www.yallashoots.live Open in urlscan Pro
2606:4700:3036::6815:5c11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.yallashoots.live/
Effective URL:
https://www.yallashoots.live/home/
Submission: On February 06 via manual (February 6th 2023, 6:10:01 pm UTC) from QA — Scanned from DE

Summary HTTP 189 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 16 domains to perform 189 HTTP transactions. The main IP is 2606:4700:3036::6815:5c11, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yallashoots.live.
TLS certificate: Issued by E1 on January 8th 2023. Valid for: 3 months.

This is the only time www.yallashoots.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:b8f9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 13	2606:4700:303... 2606:4700:3036::6815:5c11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:48f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:45d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:55d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
1 38	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:400d:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
18	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
189	28

1 2606:4700:3034::ac43:b8f9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.yallashoots.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3036::6815:5c11 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.yallashoots.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:48f4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.foxpush.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:45d (United States)

ASN13335 (CLOUDFLARENET, US)

json.foxpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:55d (United States)

ASN13335 (CLOUDFLARENET, US)

www.foxpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Norresundby, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	598 KB
42	criteo.net static.criteo.net — Cisco Umbrella Rank: 647 csm.eu.criteo.net — Cisco Umbrella Rank: 7891 pix.eu.criteo.net — Cisco Umbrella Rank: 7989	1 MB
25	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com	480 KB
21	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	218 KB
14	yallashoots.live 2 redirects www.yallashoots.live	124 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	385 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7817 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9740 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12826	100 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	5 KB
5	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	10 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8741	696 B
2	semasio.net 1 redirects uip.semasio.net — Cisco Umbrella Rank: 18626	1 KB
2	foxpush.com json.foxpush.com — Cisco Umbrella Rank: 150913 www.foxpush.com — Cisco Umbrella Rank: 94233	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	foxpush.net cdn.foxpush.net — Cisco Umbrella Rank: 137304	17 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	608 B
189	16

	Domain	Requested by
38	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.yallashoots.live
20	pix.eu.criteo.net	ads.eu.criteo.com
18	static.criteo.net	ads.eu.criteo.com
18	pagead2.googlesyndication.com	www.yallashoots.live pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	www.yallashoots.live	2 redirects www.yallashoots.live
12	www.gstatic.com	googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	rtb.nl.eu.criteo.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	uip.semasio.net	1 redirects www.foxpush.com
2	www.google-analytics.com	www.yallashoots.live www.google-analytics.com
2	cdn.foxpush.net	www.yallashoots.live cdn.foxpush.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.foxpush.com	cdn.foxpush.net
1	json.foxpush.com	cdn.foxpush.net
189	27

This site contains links to these domains. Also see Links.

Domain
linktr.ee
new.yallashoots.live

Subject Issuer	Validity	Valid
*.yallashoots.live E1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
foxpush.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
foxpush.com Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.yallashoots.live/home/
Frame ID: 784AB46CC4B7F4147AA13EC23810BEF6
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html
Frame ID: B6A4651089B3B7CDD3C06011D3E335DA
Requests: 1 HTTP requests in this frame

Frame: https://www.foxpush.com/source/index.html?fox_domain=goal-caironet.foxpush.net&hurl=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F
Frame ID: 8199D3AB2D05FCFA7A68180B612B30F8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&adk=1812271804&adf=3025194257&lmt=1675706997&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997057&bpp=4&bdt=254&idt=221&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2439074822546&frm=20&pv=2&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: 232897935AEFA495B14560A702BEFD37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=2655117408&adf=54630664&w=1100&lmt=1675706997&rafmt=12&format=1100x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997073&bpp=1&bdt=270&idt=232&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DVm1PwSSIG&p=https%3A//www.yallashoots.live&dtd=238
Frame ID: 54E22284A5767A7392437403AC88541E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=90&adk=4177220252&adf=2181667279&w=1100&lmt=1675706997&rafmt=12&format=1100x90&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997080&bpp=1&bdt=277&idt=235&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aaKiPUhzEo&p=https%3A//www.yallashoots.live&dtd=238
Frame ID: 1868F58E0BE17714F5D0AFDF5A278949
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=3749226152&adf=1779215560&w=1100&lmt=1675706997&rafmt=12&format=1100x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997085&bpp=1&bdt=282&idt=235&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280%2C1100x90&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yxT9DXubJq&p=https%3A//www.yallashoots.live&dtd=241
Frame ID: 41CF1ED8E0338C84171D1EED45B354A3
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=3732135956&adf=798094206&w=1076&fwrn=4&fwrnh=100&lmt=1675706997&rafmt=1&format=1076x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997086&bpp=1&bdt=283&idt=243&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280%2C1100x90%2C1100x280&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BPsQzSzVzO&p=https%3A//www.yallashoots.live&dtd=247
Frame ID: E67E6794DE347DC197A2B7D56F716A3A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2336DFBE22DC27785E84F704CDE0D958
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6013D83198052D3D601793E5CCF6D226
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: AFA73A727E7D06A231E75FE32F3C2026
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 31CCA6D138723DE78689950D11CA3358
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D576FF81E3E91D61994339B32955AA0E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9E9DF17B04E7F6B96348E141472714F4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: D1432832EE9F722BAC5F062909DFF0AF
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-FCdQAFQJsKGdMNAAjBP2NJvILXlblj98Dt9g&u=%7CINwQN%2FSu0xIBQ6SmYvkTRlbe7tfw3nl9PA%2FIeEZWNIg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsPNAANLDwTLJVhjGAR0EK06wwSIJT9GcnLgLl10xqzmAQe7FoPnhltKiqTSVeU4EYM_Fqt73AxxAu8EUyh1FsTIf7PZttxjmL27-P6AL4wKf4vd3qKDI3RfflEUqQqJFT8qFL1LuKb0znC29OyrvgGASpuU7hzrK80lxBSBAif_mahoeJ_NFMEO8Za12YNZjQxTIt8FIB1x6m1ffKXHhkk6GU2q-V7qkGmgxIBABKGRilQ4tL0MMPuIVeZWZ-MiCB9hlY02OZShMt2TRF2RRkyk9-e95HgwCzEXBGyL2CY0HEoRz3dNakw2zDw8MNUhASuCTYuCvgp6xmVzglDpK2Ip_Np3dKpJy14XXWUxacg7TgdMTQTSTYtSa1x-Fz9BSyMtC92yUM78l7NCJltIJpLzTZcl6kf-qB1kYR8SNYIEpDkY1fdwS5w-d63d326T55u8d7pUXkSX2w_G0loXrH8hZgIDTdwLo1vrL9GTZo_5CaItge32f-IS8gAp66kmx3654NGhk75xvAys-YZUAUHpTmXW0yBxHdU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjTtcdULhY5uBFY2mZ7-Co5AMyZ7SsVzVnZH3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yMDY1ODU2MjMyMzgwNzAzyAEJqQIvDOyJugyyPqgDAaoEzgFP0M1F0KfxMiXyc9tShcFvEqnbxHSbnPS6UW8oCx0myMyUbEwCC-TJJxBkrkBTw1QUvUbgG4uPXLJs4ppEMBYvWQsA7zE4U82-FA7ti9Llka1OMq2GFxznwYNjS2IHicuJxhENgfG-4Rf-eYoFYPZJLjGYTTcb3W6-iwNSbd0wNGEzXW3g_aCFQUTk2_ShqzSRH3FP1t4sesYeN5fWM1zDruGMPcCPUzcCC9ORKB84_0PIswXME6lO_SN7WaeDFcDcqrVQuqWYUUZUKhPTHIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0p_Dyn3yT5-iOmvQ5fp7mEb5u2kQ%26client%3Dca-pub-2065856232380703%26adurl%3D
Frame ID: 5D8FFC48E92A7674F4A397CD624016A3
Requests: 24 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-FCdQAFQJwKGdMNAAjBPzYPnhSuiizqhY1lDw&u=%7CINwQN%2FSu0xL5XQU7FHfOzxLM%2F35PzlQATU5kZS1YIRw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNlbgLxpcO5Jm02GPbgUo9dZ6evzmMu2HDo-u-DQQOWHnpXNo5VAsGTwwCGXX4XgPUL9gxOLtNUe90arF3pNDnyRg8nRmVBtpgYbXp22r5_kJ5vXZZX9r8o5pkQR6SKpBbIGrCeLhOspBBya-mBj73b9quDiVND8Gi6v5zNNN-G6zAQ-dEOBVrRoMm78pEBQ3gwByLbU9gIUKVP7AnqdcValLfFotltZQ3CqPtrG83GiTqkudT7mGn26oTTJKC0oFwJB05fx9mDyi3-vE62WZTORNfcKzR1XCpdutsvjNU8RFvf63EbYvASQSlH4Cx8NBR9nu4-NWDeFxamvSEwT6_QdUaoW7RWRDQ2tBePNjbuxrT_Rm1MzpA3uQVlRtjGTAnjWeb96WM4x8AOTCRsnKg936_92cMgxxamFvgwcdma6cpIJ55d-YXEyHXr9Yo_QHyTez-l-bWBEQAajCxWfrS53Hvp6pLnCJLj9KW2SIyZU4JbDHljwS0bkuLNRttZbc2X39_DHWlQXEfsisk8f3_nR2RLa7EG1f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqMO_dULhY5yBFY2mZ7-Co5AMyZ7SsVzVnZH3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yMDY1ODU2MjMyMzgwNzAzyAEJqQIvDOyJugyyPqgDAaoEzgFP0FTr-M-oetIcclMgrpqqtKsqPZOg-iB1YgImYpY-lU2wpAh9xhxcxdFzj1IWktBDOjeDTMfvyO4HWzO58vLBvmhgMR7A-1vE5-QaxsC8LW8qG46xTCXDDh52I-8_jEiHGcxX8IC-XFSu3onDqv37rGhaTbsVKXC-V72ncnkYZmJe0jP9axmJcpJPy3yhZikV54YME03phQeHvqcGXH4ogmzjkP3YxnzKautM8sU6U3nhJ4ptOZmUTkYInrp_MkORdhbpa3AcMkSuOQpfIoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10HmSSCW_rgFeRYQDWwhjaCcIvlA%26client%3Dca-pub-2065856232380703%26adurl%3D
Frame ID: 9C745522DEC55868C832D08E966D3963
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: 1089C850C8DD33F2A62C26791735391B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 53C133063A8ED517AD30DF0719F75DA1
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: 189FD1E39CCD9AB2F86FCEB5E5C27460
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: A05314815E43B6632F611C1E8E917966
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js
Frame ID: 6E7427F441FE38D8DE1C35D39281A745
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2BDCFB0B50F739ED85A34EA8FE1E54EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E3B9637BBA85B35704D76A8E203587F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

يلا شوت لايف Yalla Shoot Live || أهم مباريات اليوم بث مباشر جودة عالية

Page URL History Show full URLs

http://www.yallashoots.live/ HTTP 301
https://www.yallashoots.live/ HTTP 301
https://www.yallashoots.live/home/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

189
Requests

99 %
HTTPS

93 %
IPv6

16
Domains

27
Subdomains

28
IPs

5
Countries

3073 kB
Transfer

5799 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://linktr.ee/mosa7

Search URL Search Domain Scan URL

URL: https://new.yallashoots.live/
Title: يلا شوت الجديد

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.yallashoots.live/ HTTP 301
https://www.yallashoots.live/ HTTP 301
https://www.yallashoots.live/home/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://uip.semasio.net/foxpush/1/info?_referrer=https%3A//www.yallashoots.live/&sType=view&gdpr=0&gdpr_consent=null&nJs=1&_ignore=58385607744431624&nIframe=1 HTTP 302
https://uip.semasio.net/foxpush/1/info2?_referrer=https%3A//www.yallashoots.live/&sType=view&gdpr=0&gdpr_consent=null&nJs=1&_ignore=58385607744431624&nIframe=1

Request Chain 129

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCE8pnNWBCgBhigBjIIEpj-VFr-G5k HTTP 301
https://tpc.googlesyndication.com/simgad/8581284204173772508

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

189 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.yallashoots.live/home/
Redirect Chain

http://www.yallashoots.live/
https://www.yallashoots.live/
https://www.yallashoots.live/home/

86 KB
20 KB

542ms
541ms

Document
text/html

2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yallashoots.live/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17422c5ac5387f3589d540b8cc2ce798d649d4c451ae77833498d9a752d9a5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7955d6f69fcbbb47-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 Feb 2023 18:09:56 GMT
expires: Mon, 06 Feb 2023 18:09:56 GMT
link: <https://www.yallashoots.live/wp-json/>; rel="https://api.w.org/", <https://www.yallashoots.live/wp-json/wp/v2/pages/6063>; rel="alternate"; type="application/json", <https://www.yallashoots.live/?p=6063>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhCUhTHhJnG%2BDaV48iVdYhxZetw%2FY187iLIHlmZyVtTNI2OEJGAYcUQ1wwB8qVJk%2BbUHY%2B4rS7pbM71c%2FqTQTF3wb3mvlJhQk3psD3bocqIfBWrfOoM5sL1xl0ctZFE7Q45miLA71hfNvXgWQ%2BiVWd73Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-litespeed-tag: 0d0_HTTP.200
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7955d6f68fafbb47-FRA
date: Mon, 06 Feb 2023 18:09:56 GMT
expires: Mon, 06 Feb 2023 19:09:56 GMT
location: https://www.yallashoots.live/home/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxaYFl2RWgfnbNlmcLXIZjokCyYjMyOLRlIbzwjehfOqXHsIU2EQCg6hp0%2BhN8PTfZTq8%2F9sPYx1bMLoOkHEQXwMSU1iJf9KSUabhfRKwyWVYj0Kbsx6ZN9LrFZT5aD7qG06aE27gc54p4gu8T4p7UXdrw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 classic-themes.min.css
www.yallashoots.live/wp-includes/css/ 217 B
721 B 182ms
181ms Stylesheet
text/css 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yallashoots.live/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:56 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Wed, 02 Nov 2022 06:50:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrTStmDCODZPSZrccPBOL5I0ZcgJf3CzmDPg0vVR4YopqQoLXzvaVboLMxAkMV7zUCAQR5SF6cSX3oAnAHj%2BEsQgcsqvEiOnvHl1LpnpOtu4toEwxjmSH%2F4%2Bw0iInLmdMqrv9cBlN0Ewme2cX8JelZEe1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
cf-ray: 7955d6fa0f479968-FRA
expires: Wed, 08 Mar 2023 18:09:56 GMT

GET
H3 200 light.css
www.yallashoots.live/wp-content/plugins/easy-liveblogs/assets/css/themes/ 1 KB
1008 B 57ms
56ms Stylesheet
text/css 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yallashoots.live/wp-content/plugins/easy-liveblogs/assets/css/themes/light.css?ver=2.3.2

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ade2a623409a12d9b2eb3117d90c9813b6f0eabc63d4b23fd5ad5dd9b76c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:56 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Tue, 29 Nov 2022 23:38:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62nwF4O87Inx9YBwG5EFuAmPmNvy%2F6np6nHearsimlmllJSBxycsIoLz2tuNADwVQCItay%2FCUE5PXm1FPydCKAz7Eq4XUHS5gm%2F%2B0qIps3u5%2FraKmMgZASS7JRxyJ8x6ygtuiDiseSOtiL24dPzchJlTsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
cf-ray: 7955d6fa0f489968-FRA
expires: Wed, 08 Mar 2023 18:09:56 GMT

GET
H3 200 NeoSansArabic.woff
www.yallashoots.live/wp-content/themes/YallaShoot/fonts/ 56 KB
57 KB 20ms
18ms Font
font/woff 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yallashoots.live/wp-content/themes/YallaShoot/fonts/NeoSansArabic.woff

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yallashoots.live/home/
Origin: https://www.yallashoots.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:56 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1998564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57364
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Tue, 29 Nov 2022 23:36:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNq0i1bjOUKIPC7rG%2BIbBKtJJOEwyO0f8EL%2FRU4YlZgADsjCvFbg7t%2FGFQO5F86pa0M73DDOIFEg43Lu%2B8S8W4y%2Bi1J3jjrMnx3iJjk8u3m%2BTjPuBjKRiKq81zCg%2FY0ZxTNOoJ%2Bj8Ibb28VQkErFk8sz2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7955d6fa0f499968-FRA
expires: Wed, 15 Mar 2023 14:24:32 GMT

GET
H3 200 logo.png
www.yallashoots.live/wp-content/uploads/2022/08/ 8 KB
9 KB 16ms
16ms Image
image/png 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yallashoots.live/wp-content/uploads/2022/08/logo.png

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a33b94fbbd8a352b2c828c68434a4913d483f5d46c4708f92c8e42353f612115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:56 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1998563
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8569
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Tue, 30 Aug 2022 23:46:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfeMEUnO6nwPaPBktOKm92Izn4Q9w4rwBZf277pGcIq8WK6lBc9sji6uWqNHR985eTiSKTK31qEcKr3zIqispYQ6BGFoGBZo2fTc5DfEzaGi%2BHNW2zi4hJOKJpGDP%2FeSc59OpoDIw903201ARxQvV3mAyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7955d6fa6fd99968-FRA
expires: Wed, 15 Mar 2023 14:24:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
49 KB 122ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2065856232380703

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd7710dad4ccd2e33543576da3d279f3aaf0d3010384791d6b691a34cece42bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Origin: https://www.yallashoots.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50011
x-xss-protection: 0
server: cafe
etag: 14584709426099408878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 18:09:56 GMT

GET
H3 200 easy-liveblogs.css
www.yallashoots.live/wp-content/plugins/easy-liveblogs/assets/css/ 640 B
878 B 21ms
20ms Stylesheet
text/css 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.yallashoots.live/wp-content/plugins/easy-liveblogs/assets/css/easy-liveblogs.css

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/wp-content/plugins/easy-liveblogs/assets/css/themes/light.css?ver=2.3.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8c1ffafa4cfd35df4f7a3b7c640a87515cc88202d806f824b85d2d0e7e73e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/wp-content/plugins/easy-liveblogs/assets/css/themes/light.css?ver=2.3.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:56 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1998563
cf-polished: origSize=770
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
cf-bgj: minify
last-modified: Tue, 29 Nov 2022 23:38:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BgGdv2H%2BD8mODrhtn0%2Bko%2BooU1hYJNLBRm3JUF0bHYFn4GkVxINcvCKMFIp6wr65bAQfBgtoaV8wukrOP8k0meAdv4YjNmKP7SEC5ydu2WToThJ6PF0xKL9%2B%2B1SP0sGx2XtXC9mbGobzOM9tu%2BAWHGfVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
cf-ray: 7955d6fa6fdc9968-FRA
expires: Mon, 13 Feb 2023 14:24:32 GMT

GET
H2 200 foxpush_SDK_min.js Show response
cdn.foxpush.net/sdk/ 40 KB
11 KB 62ms
27ms Script
application/javascript 2606:4700:20::ac43:48f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Requested by: Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeb8fb895f03c433a3b60f8710b634d46512a88560f23fa46810f4276b8ebd17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 10 Mar 2022 18:24:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a02c-17f7512e842"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aY8d2PDrka4bkHvL1SpB%2FOEBr0I9s%2B2F8qmCSXiA8RMS4mlGFm6eam%2FNZRrzoJk4guvN23xRD5vSZC9KF6LMO6B0ROvazpIxkoanCsP9ynFTbglolBGIhAryqLCmqNeguYHrjP%2B8ncdq%2BD%2FgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 7955d6fb6e253651-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
DATA 200
OK truncated Show response
/ 152 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22fbbe9eb30c318e496c02229662da3a2d050356be82db0b6b518835152ba2dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 45 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 401 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated Show response
/ 255 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efda7eb50949d6879d9ceb1c5588d3e6e203b58d81d86db3f99141e02af0595a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
16ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 16:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4507
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 06 Feb 2023 18:54:50 GMT

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8521252fc3f4448a051e19592c2d6547d52bfce0e7f71bbec072b2b034c9762c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/ 359 KB
118 KB 126ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2065856232380703&plah=www.yallashoots.live&bust=31071721

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2065856232380703

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caa3291280c6817ef3716377f85cead6dac8b80db67a70d2a8069f996889d128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120764
x-xss-protection: 0
server: cafe
etag: 7501927231883531665
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 18:09:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/ Frame B6A4 10 KB
5 KB 124ms
29ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2065856232380703

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 21:43:24 GMT
etag: 10353107486223812946
expires: Sun, 19 Feb 2023 21:43:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1880.png
www.yallashoots.live/wp-content/uploads/2022/10/ 9 KB
9 KB 56ms
55ms Image
image/png 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yallashoots.live/wp-content/uploads/2022/10/1880.png

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf35de10aa844df804632324ff8b198d2915b0f89acc223a84ff12770d72ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8954
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 17 Oct 2022 01:58:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFCs8ibpHeu%2FU%2Ftyypo0WPy3ZuYoDp3IWT72eFQLhrw6KA4hFnGkbB2VcJacYz8LRkd8EJ%2FZX9%2FX5PAS%2FHPsijJ9NE3CtakeQJ6iy50gsOXSeMU7ddpj1XwFfcG9mIOhemuEG0dsGH8U7M8hG5pkaCrilQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7955d6fbd9c69968-FRA
expires: Fri, 07 Apr 2023 10:49:30 GMT

GET
H3 200 2.png
www.yallashoots.live/wp-content/uploads/2022/09/ 5 KB
5 KB 57ms
55ms Image
image/png 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yallashoots.live/wp-content/uploads/2022/09/2.png

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26f019a79b9a0291a04fbcd0b926e4660380cdc9fc47838f565a40971112bc0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4807
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Sat, 17 Sep 2022 02:46:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRrFSSagdSqgFw8omlS2NX41Cct8mDn8Wv4S%2BnLQYpjVZe8cbX8uDvIWzfoqTLi%2BC%2BVci9ck3e5s%2Fxo%2B9pJrHXFtKqCOOINJ8y85wn%2B9NcROT9TEUuQcrVlfxBRnf5bp%2FZ9QLAbRjMfK5czb3zN3V0zhwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7955d6fbd9ca9968-FRA
expires: Fri, 07 Apr 2023 10:49:30 GMT

GET
H3 200 1395.png
www.yallashoots.live/wp-content/uploads/2022/09/ 4 KB
4 KB 51ms
49ms Image
image/png 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yallashoots.live/wp-content/uploads/2022/09/1395.png

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92bdbb30e7b2101729611ed48679aeb38281c61e7914d5b5d2076313c76c566e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3712
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 12 Sep 2022 03:45:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj3jG3rZ%2FEKH%2BtxiGx86OIoJkETVw1eGcs33rW8%2BeoIwI352CM4%2FSYfLlItzwOnSzXJBjHlHSMiyZMP2F4G6t4SoLzOSDFTVd%2FmLhjcltWrG4W12zqXRBvJi6ArV2kOS3iZDJyYgR1VegamoiyXJLoph4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7955d6fbd9cc9968-FRA
expires: Fri, 07 Apr 2023 10:49:30 GMT

GET
H3 200 136.png
www.yallashoots.live/wp-content/uploads/2022/09/ 3 KB
4 KB 52ms
50ms Image
image/png 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yallashoots.live/wp-content/uploads/2022/09/136.png

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f2d31a40425077915dff1cbdffe77c69cac7a3645ad859da9e8b881cf5bd1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3295
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 12 Sep 2022 03:45:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYXJkflEFwOGUvCypHmqbeHk5ZdoyXhYYg83zxb%2BaCERdoBhhoA%2FC4s5AJSdER14ijfo1y8fNc6FBzFqztlwwKjo7vI2tqj2X7W8WO%2BOQ%2F9i%2Bjd4b2t29lfUPnVm0fL2V%2F3xEXQ4vlscWDgqQ2Vk%2BT%2BfYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7955d6fbd9ce9968-FRA
expires: Fri, 07 Apr 2023 10:49:30 GMT

GET
H3 200 122.png
www.yallashoots.live/wp-content/uploads/2022/09/ 6 KB
6 KB 52ms
51ms Image
image/png 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yallashoots.live/wp-content/uploads/2022/09/122.png

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eee5e26206caa6d728cbf23a6c5146bc0966daa3df8b440116479b3cb325403e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5955
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Sat, 17 Sep 2022 02:43:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QW%2Fb1SL37%2Bam%2FndujMoMeKoB5X3YfaUxx222CCtP1DpGF6K8LjAun4Y2ADzG5UU4Jyb%2BPt4h8uMa4iwz3aCYyS3kFcnOU%2BtEuGgZCZPPF%2B3%2FT3FQ4gtWd6qCMI7GaQoKS7i7GZR1vD92HW9QVpEKyHiS2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7955d6fbd9d19968-FRA
expires: Fri, 07 Apr 2023 10:49:30 GMT

GET
H3 200 752.png
www.yallashoots.live/wp-content/uploads/2022/09/ 5 KB
6 KB 54ms
53ms Image
image/png 2606:4700:3036::6815:5c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.yallashoots.live/wp-content/uploads/2022/09/752.png

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:5c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1683af271ada9748c2664596e50e565bfa3f72dac60cdf1a0a083e8a684f88b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/home/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5294
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: MISS
last-modified: Mon, 12 Sep 2022 03:02:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68gGE0XMQPm26rS8vVdljESpH9SpKU6FjoeyQiJYwxkYvTiY1KVEHdkcZIAP9%2BO7Fzdi6BFTHPblo%2FGeszBvzYRFD8d1NGe0RVSxgCM91zTyZBWHgY5izDYg11I6IyxcmYBwQW0TWHPUW%2B5dkh5CFAjEyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 7955d6fbd9d29968-FRA
expires: Fri, 07 Apr 2023 10:49:30 GMT

GET
H2 200 goal-caironet.json Show response
json.foxpush.com/ 1 KB
1 KB 65ms
28ms XHR
application/json 2606:4700:20::681a:45d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://json.foxpush.com/goal-caironet.json?v=0.2225616911423982
Requested by: Host: cdn.foxpush.net
URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:45d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c76a2350fdd3e78da04d7f64760050546d2dcd1b9badd7fb097bbf1d08c337fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 10:19:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b1-186263cecb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoPiBRcs985Crmo1Mh5kzbCIgBH5KKd7qqH9pyxG9YmwBFyRRIrMoKwd8C0CEPurgL%2FkVddGkl1JikxhTRsOATGhUynGFVikrwmrWpQziP0HS%2F0njCX5Y37DqhsLGOCq5c5BTH7mqSIAkY7UVg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 7955d6fc1e859bef-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 23ms
22ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=311698602&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&ul=en-us&de=UTF-8&dt=%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D9%84%D8%A7%D9%8A%D9%81%20Yalla%20Shoot%20Live%20%7C%7C%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%AF%D8%A9%20%D8%B9%D8%A7%D9%84%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1418050287&gjid=422381246&cid=2023091984.1675706997&tid=UA-139803942-4&_gid=1062445197.1675706997&_r=1&_slc=1&z=276065319

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yallashoots.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:09:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yallashoots.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
www.foxpush.com/source/ Frame 8199 989 B
848 B 64ms
28ms Document
text/html 2606:4700:20::681a:55d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foxpush.com/source/index.html?fox_domain=goal-caironet.foxpush.net&hurl=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F
Requested by: Host: cdn.foxpush.net
URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:55d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a2830bdb37d519f86563ffe63daee20904ac82d3542f9f6eeb821613de68572

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33537
cf-cache-status: DYNAMIC
cf-ray: 7955d6fc897b37ce-FRA
content-encoding: br
content-type: text/html
date: Mon, 06 Feb 2023 18:09:57 GMT
last-modified: Tue, 29 Mar 2022 13:15:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcFazFHRwaSJOD54Na0GABY9bBkZFlIx0XdkNlUZNfFC271RE47BQfIw85EgzcN82zAZ2zoJnsrB%2FryTs87vNBBJG8liB5uWFRfc1DN0eQ4UWejo9ErToMINp1F6HcSrp4XnTyVRwoe0Y0N8xA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
x-amz-cf-id: Ci64lmMrlHSryNf1jA_W8_2zfAESHKOA6DUbVsSckRD_tNsurXWLpQ==
x-amz-cf-pop: FRA56-P4
x-amz-version-id: YtW_NNCmSut_C5fwmNEDaqgbuj6FlNun
x-cache: Hit from cloudfront

GET
H2 200 foxpush_SDK_min.css
cdn.foxpush.net/sdk/ 21 KB
6 KB 26ms
26ms Stylesheet
text/css 2606:4700:20::ac43:48f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.css?v=1544652719
Requested by: Host: cdn.foxpush.net
URL: https://cdn.foxpush.net/sdk/foxpush_SDK_min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:48f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e7a602e420b13bf0ec8bc909755748532f62765968b211fc33c1b15f5b12a8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 06 Jul 2021 20:47:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5581-17a7d938997"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nYe4%2BXYcw%2BoLx6qp48ZhfD09ip%2FrPlsndRewts0SfjeM%2F8Ui0CNcFXFG%2FqPz64c4TyuJbz3gIkdZfoEkqbsTHFR9oCi4AVuy3%2BUNAi9XSyltUIx1FVtqKIPvy0OxFzXUbQBI6fhY%2FYDKByiiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 7955d6fc5f733651-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1

200
OK

info2
uip.semasio.net/foxpush/1/ Frame 8199
Redirect Chain

https://uip.semasio.net/foxpush/1/info?_referrer=https%3A//www.yallashoots.live/&sType=view&gdpr=0&gdpr_consent=null&nJs=1&_ignore=58385607744431624&nIframe=1
https://uip.semasio.net/foxpush/1/info2?_referrer=https%3A//www.yallashoots.live/&sType=view&gdpr=0&gdpr_consent=null&nJs=1&_ignore=58385607744431624&nIframe=1

42 B
603 B

31ms
31ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uip.semasio.net/foxpush/1/info2?_referrer=https%3A//www.yallashoots.live/&sType=view&gdpr=0&gdpr_consent=null&nJs=1&_ignore=58385607744431624&nIframe=1
Requested by: Host: www.foxpush.com
URL: https://www.foxpush.com/source/index.html?fox_domain=goal-caironet.foxpush.net&hurl=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F
Protocol: HTTP/1.1
Server: 77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.foxpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:10:03 GMT
frontend-id: 4
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:10:02 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /foxpush/1/info2?_referrer=https%3A//www.yallashoots.live/&sType=view&gdpr=0&gdpr_consent=null&nJs=1&_ignore=58385607744431624&nIframe=1
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
608 B 61ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.yallashoots.live&callback=_gfp_s_&client=ca-pub-2065856232380703

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2065856232380703&plah=www.yallashoots.live&bust=31071721

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9874045db9867c98b24785dbc2eeeb0905d4a1581a846fbea2075701218b9579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 161ms
27ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yallashoots.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 134ms
52ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yallashoots.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2328 374 KB
77 KB 434ms
433ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&adk=1812271804&adf=3025194257&lmt=1675706997&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997057&bpp=4&bdt=254&idt=221&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2439074822546&frm=20&pv=2&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c08288c02179dd3339e2f05a4cad135d9fbe9d05d9ec73d7fc5abbdf5bcd6b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 78734
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:57 GMT
expires: Mon, 06 Feb 2023 18:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 54E2 91 KB
33 KB 346ms
345ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=2655117408&adf=54630664&w=1100&lmt=1675706997&rafmt=12&format=1100x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997073&bpp=1&bdt=270&idt=232&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DVm1PwSSIG&p=https%3A//www.yallashoots.live&dtd=238

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39ff157b3453e030a1281012441cae61b4c53cecebd740e475ef9f2e597adc62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33627
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:57 GMT
expires: Mon, 06 Feb 2023 18:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1868 71 KB
23 KB 486ms
485ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=90&adk=4177220252&adf=2181667279&w=1100&lmt=1675706997&rafmt=12&format=1100x90&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997080&bpp=1&bdt=277&idt=235&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aaKiPUhzEo&p=https%3A//www.yallashoots.live&dtd=238

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aea725121ed9cbaa2978e5eb02d104dc461ea0af39ed3b67e196d19aa6cc1fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23370
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:57 GMT
expires: Mon, 06 Feb 2023 18:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41CF 84 KB
31 KB 249ms
249ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=3749226152&adf=1779215560&w=1100&lmt=1675706997&rafmt=12&format=1100x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997085&bpp=1&bdt=282&idt=235&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280%2C1100x90&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yxT9DXubJq&p=https%3A//www.yallashoots.live&dtd=241

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77a2cfbd4fabe90158d2d593ff51dcc11fa4648c88ac7995d7a92167a1e002a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:57 GMT
expires: Mon, 06 Feb 2023 18:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E67E 94 KB
33 KB 273ms
272ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=3732135956&adf=798094206&w=1076&fwrn=4&fwrnh=100&lmt=1675706997&rafmt=1&format=1076x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997086&bpp=1&bdt=283&idt=243&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280%2C1100x90%2C1100x280&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BPsQzSzVzO&p=https%3A//www.yallashoots.live&dtd=247

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad2d84aef45fdd228c374c5fdf0ffbdd9267fcac12c27896c237a9460b05d794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:57 GMT
expires: Mon, 06 Feb 2023 18:09:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 41CF 6 KB
1 KB 133ms
51ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=3749226152&adf=1779215560&w=1100&lmt=1675706997&rafmt=12&format=1100x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997085&bpp=1&bdt=282&idt=235&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280%2C1100x90&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yxT9DXubJq&p=https%3A//www.yallashoots.live&dtd=241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 16:15:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 41CF 2 KB
799 B 92ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:20:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 41CF 22 KB
9 KB 67ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 06:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 06:46:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 41CF 3 KB
1 KB 53ms
41ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 18:09:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 41CF 18 KB
8 KB 69ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:19:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41CF 157 KB
48 KB 108ms
69ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:09:57 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 41CF 33 KB
14 KB 92ms
31ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 May 2023 09:19:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E67E 8 KB
968 B 125ms
52ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=3732135956&adf=798094206&w=1076&fwrn=4&fwrnh=100&lmt=1675706997&rafmt=1&format=1076x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997086&bpp=1&bdt=283&idt=243&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280%2C1100x90%2C1100x280&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BPsQzSzVzO&p=https%3A//www.yallashoots.live&dtd=247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 18:06:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E67E 2 KB
846 B 83ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:20:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame E67E 22 KB
9 KB 62ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 06:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 06:46:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E67E 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 18:09:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame E67E 18 KB
8 KB 71ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:19:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E67E 157 KB
48 KB 112ms
82ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:09:57 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame E67E 33 KB
14 KB 79ms
37ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 May 2023 09:19:41 GMT

GET
H2 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame 54E2 9 KB
4 KB 146ms
63ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=2655117408&adf=54630664&w=1100&lmt=1675706997&rafmt=12&format=1100x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997073&bpp=1&bdt=270&idt=232&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DVm1PwSSIG&p=https%3A//www.yallashoots.live&dtd=238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 00:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 05 May 2023 00:10:38 GMT

GET
H2 200 9e5698c686bc55900eb7505b234da968.js Show response
www.gstatic.com/mysidia/ Frame 54E2 10 KB
4 KB 143ms
60ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 16:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4467
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 May 2023 16:39:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 54E2 8 KB
968 B 117ms
54ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 17:38:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 54E2 2 KB
765 B 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:20:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 54E2 22 KB
9 KB 64ms
30ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 06:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 06:46:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 54E2 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 17:30:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 54E2 18 KB
8 KB 69ms
35ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:19:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54E2 157 KB
48 KB 108ms
87ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:09:57 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 54E2 33 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 May 2023 09:19:41 GMT

GET
H2 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame 1868 9 KB
4 KB 135ms
69ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=90&adk=4177220252&adf=2181667279&w=1100&lmt=1675706997&rafmt=12&format=1100x90&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997080&bpp=1&bdt=277&idt=235&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aaKiPUhzEo&p=https%3A//www.yallashoots.live&dtd=238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 00:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 05 May 2023 00:10:38 GMT

GET
H2 200 9e5698c686bc55900eb7505b234da968.js Show response
www.gstatic.com/mysidia/ Frame 1868 10 KB
4 KB 132ms
66ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 16:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4467
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 May 2023 16:39:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1868 8 KB
968 B 100ms
53ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 16:11:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 1868 2 KB
765 B 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:20:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 1868 22 KB
9 KB 54ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 06:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 06:46:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 1868 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 17:30:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 1868 18 KB
8 KB 50ms
32ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:19:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1868 157 KB
49 KB 61ms
56ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:09:57 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 1868 33 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 May 2023 09:19:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 41CF 0
0 73ms
72ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrIf-dULhY-u8FvGP-cAPgMe56AT71bjtbvnhsZLhEOOl4J-uAhABIIquoD1glcKmgrAHoAG3mIGiKMgBCakCzttQidAdej6oAwHIA8sEqgThAU_QX591okuhxUzHwLfWQarbUyfm87nNjRBP8ag5Grn1V9cxYR7kmKzcJQ69DXX59lA1_1PqzkLCzhs3bfYlVayHjMCoO48XwXsp1-U1TnXIdLlP7SRSZisSeHxJCYGgdkHDOkCN-X-k79cmmynsdljCmie4w7uDDdyRCa55HHdrjNXfi8Lkz8ttMBjWfi8fEzX7j0jgx_yi3Bu2iceHmi9xWt6kwI0DykfmikgxTyqqDpfZE062k1tYw256oVVKH5ye338L5lD_DSVpQAFlRfDJN6wmqRd6o1lGDSmWmFa2OsAE9orQpIwEkgUECAQYAZIFBAgFGASgBi6AB4HPjboDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQpucC0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTIwNjU4NTYyMzIzODA3MDMYAA&sigh=HBJCnsjU0wo&uach_m=[UACH]&cid=CAQSGwDUE5ymseJB44omvEl2QFGCtLRkIpbCFaq1DhgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=3749226152&adf=1779215560&w=1100&lmt=1675706997&rafmt=12&format=1100x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997085&bpp=1&bdt=282&idt=235&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280%2C1100x90&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=1097&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=4&uci=a!4&fsb=1&xpc=yxT9DXubJq&p=https%3A//www.yallashoots.live&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 18:09:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 18:09:57 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/10395942457481521001/ Frame 41CF 19 KB
20 KB 50ms
41ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10395942457481521001/2728354180183721846?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbfde5dea08b3f8444e8cf41979f899f2497fb76c9061698a3daf719d57a6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 21:45:24 GMT
x-content-type-options: nosniff
age: 332673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19752
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 10:38:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Feb 2024 21:45:24 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/5977582997972535253/ Frame 41CF 7 KB
7 KB 51ms
43ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5977582997972535253/2728354180183721846?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4967497bf203ce180a348826931b796a26b57b94b0f67567bbc210b4fb07063e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:26:18 GMT
x-content-type-options: nosniff
age: 359019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7449
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 10:38:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Feb 2024 14:26:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E67E 0
0 77ms
77ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGppzdULhY_SCF4ipZtSahfgIjYHz7G6I76LOpBDqtozxvgEQASCKrqA9YJXCpoKwB6ABt5iBoijIAQmpAs7bUInQHXo-qAMByAPLBKoE4QFP0BZEmx8kfUH-QPuoHAAfsbIS_l2iPbPF_FskoKQ6IfBdfrazWKFlZoXjAzPHSjT0Ja1-DrFIMG_39fssD1kVl6mT9u3h4RWw9cqAUKtbCu1u6IdWHtgMdd7l27iZvRROR60Gm91tg9wwqAAfZgNAfpab-YqAL3yXab12XuUiDjn3oue-RoGaBNKG3lspCfc7VksIZdjOSJxPj9_DR3yH3blIixNAhfbZq9VvBfUKsend2pzlDlsinRl4U69wOegpED2kX7F_y49MXJF7jdatcKyQtEFUgQ-9YI3idv6KUmnABOjZhYmUBJIFBAgEGAGSBQQIBRgEoAYugAf92KatA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDENhs0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMjA2NTg1NjIzMjM4MDcwMxgA&sigh=Tt9rf7khTl0&uach_m=[UACH]&cid=CAQSGwDUE5ymv2SNNk821ivHZnb8xsJC2ePS5jL76hgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=3732135956&adf=798094206&w=1076&fwrn=4&fwrnh=100&lmt=1675706997&rafmt=1&format=1076x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997086&bpp=1&bdt=283&idt=243&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280%2C1100x90%2C1100x280&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BPsQzSzVzO&p=https%3A//www.yallashoots.live&dtd=247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 18:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5138588182162159514/ Frame E67E 10 KB
10 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5138588182162159514/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c2fea583668d5a5a3b7f6631cfb7db22ec31b2ac6de5c7fb67c1e15305a773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 06:07:46 GMT
x-content-type-options: nosniff
age: 302531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10604
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 05:11:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Feb 2024 06:07:46 GMT

GET
DATA 200
OK truncated
/ Frame E67E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E67E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/ 150 KB
51 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301120101/reactive_library_fy2021.js?bust=31071721

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

291dd8d074134af2ebb249247aed29765ceb1067c6f1a90d02684ac60db5f14e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52165
x-xss-protection: 0
server: cafe
etag: 833543801129767236
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
DATA 200
OK truncated
/ Frame 41CF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f88e7d8dd4e591753d25373558607b591fa8f1da3ad4a15a7cb0988f6249937

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E67E 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e831551f91e8522867f5574a3202d5f5a04a9cc2ec435a510f23aa974a8e925b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41CF 15 KB
16 KB 121ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 20:40:44 GMT
x-content-type-options: nosniff
age: 250154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41CF 16 KB
16 KB 123ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 13:59:42 GMT
x-content-type-options: nosniff
age: 360616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 13:59:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 41CF 15 KB
15 KB 133ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 360262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 14:05:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 25ms
23ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yallashoots.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 53ms
51ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yallashoots.live

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame 2336 10 KB
4 KB 39ms
32ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 07:23:37 GMT
etag: 10353107486223812946
expires: Mon, 20 Feb 2023 07:23:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame 6013 10 KB
4 KB 40ms
33ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 07:23:37 GMT
etag: 10353107486223812946
expires: Mon, 20 Feb 2023 07:23:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame AFA7 10 KB
4 KB 39ms
33ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 07:23:37 GMT
etag: 10353107486223812946
expires: Mon, 20 Feb 2023 07:23:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/ Frame 31CC 10 KB
4 KB 43ms
38ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 07:23:37 GMT
etag: 10353107486223812946
expires: Mon, 20 Feb 2023 07:23:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E67E 28 KB
28 KB 102ms
35ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:59:50 GMT
x-content-type-options: nosniff
age: 285008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 10:59:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 54E2 0
0 73ms
73ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnST5dULhY-LJFeKM-cAPr8Cg8AaNgfPsbojvos6kEPLa6JnLARABIIquoD1glcKmgrAHoAG3mIGiKMgBAakCzttQidAdej6oAwHIA8sEqgTbAU_Qb1vKIhzpqmSos1gQTyJCc4NJZhMMm4n-ZfyRgrpiQblycJ-CNVW6rLE0Ts8Y4avw-POrkY-Xv9zrM4jOj-NoprHwkEm9I-pH_X-NSArJzfvEt1dKgdWXBXdCbVBQD9Yv2zhzNftRB0nM_f5Ctpy6P32qN8F5lC5K2APPUeVo2h3tBITYY-jYLaasESIpa5F3c98ezzrP7slllQQrsdaMnBbb0eB6pPS7PXUbqNGolL6915OkRzXUxoXPAS9O806VTsPySSLp4cKiLTpw8iA_L71PRVedAUdE8cAE6NmFiZQEkgUECAQYAZIFBAgFGASAB_3Ypq0DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ744E0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMjA2NTg1NjIzMjM4MDcwMxgA&sigh=_VJc60hPXfA&uach_m=[UACH]&cid=CAQSGwDUE5ym8IR8VkKzxSwVb1kSTpCjYmIAu0scchgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=2655117408&adf=54630664&w=1100&lmt=1675706997&rafmt=12&format=1100x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997073&bpp=1&bdt=270&idt=232&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DVm1PwSSIG&p=https%3A//www.yallashoots.live&dtd=238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 18:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D576 143 B
166 B 45ms
40ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=280&adk=2655117408&adf=54630664&w=1100&lmt=1675706997&rafmt=12&format=1100x280&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997073&bpp=1&bdt=270&idt=232&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DVm1PwSSIG&p=https%3A//www.yallashoots.live&dtd=238
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:11:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6803787358223291912
tpc.googlesyndication.com/simgad/ Frame 1868 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6803787358223291912?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6088cd865c8a13c0b7a448bc6d10f35b8a069abaeda72a16c5966df0ced2d659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 02:06:34 GMT
x-content-type-options: nosniff
age: 317004
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1680
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 02:12:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Feb 2024 02:06:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1868 0
0 72ms
72ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck2BOdULhY9GHFo-b-cAPm8OdqASTw4Dubqy58LL8EJbQ7KWODhABIIquoD1glcKmgrAHoAGlkZakKMgBAakCLwzsiboMsj6oAwGqBN0BT9DsUFEed9S5A5oD2gKZGvyPVkDYM4HJy3e2qB44-pSP1y5epLnHrfHGTkhzsR0gfHqQYv8WBC0cEo3nBKPv437cY4sr_vnreJ7A9e1Eem031RmR3_M2bKFNQ7-g5c4nW6pamCRxdxNMP5iXoytAXI8IeD9XiGZmZH_dPzu7tErKRQiWwozerFowEIfBhLYT1WKa04PN_R8t89SEZhu8i1ghYMI_MaTmY5DvFByvkuikPkhvv3E_V52VRgN2BVlt50_C9Oj93YNw8NJcA-tabVdTrIC6YjV0WtaHKMjABN6Tz-WXBJIFBAgEGAGSBQQIBRgEgAelyeaDA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIbIAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTIwNjU4NTYyMzIzODA3MDMYAA&sigh=uQvzfYT0MyY&uach_m=[UACH]&cid=CAQSGwDUE5ymIhP_hdf0YmotEpnEyOztMi7KPbcIbBgB&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=90&adk=4177220252&adf=2181667279&w=1100&lmt=1675706997&rafmt=12&format=1100x90&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997080&bpp=1&bdt=277&idt=235&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aaKiPUhzEo&p=https%3A//www.yallashoots.live&dtd=238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 18:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E9D 143 B
166 B 45ms
42ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2065856232380703&output=html&h=90&adk=4177220252&adf=2181667279&w=1100&lmt=1675706997&rafmt=12&format=1100x90&url=https%3A%2F%2Fwww.yallashoots.live%2Fhome%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675706997080&bpp=1&bdt=277&idt=235&shv=r20230201&mjsv=m202301120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1100x280&nras=1&correlator=2439074822546&frm=20&pv=1&ga_vid=2023091984.1675706997&ga_sid=1675706997&ga_hid=311698602&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071721%2C44779793&oid=2&pvsid=989882057808755&tmod=1013765354&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=aaKiPUhzEo&p=https%3A//www.yallashoots.live&dtd=238
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:11:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 54E2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d64d7427374b22f80ff8dda7353a1ba3598e6076d5ae70114d0be0a34b977508

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1868 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49a9f0383dab15c31b4bec64d461096746d9e435dec972ccac97e3b6822013b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame D143 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 08:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 08:35:56 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2336 4 KB
709 B 53ms
52ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 16:53:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2336 205 B
229 B 30ms
29ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 16:56:20 GMT
x-content-type-options: nosniff
age: 4418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Feb 2024 16:56:20 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2336 604 B
628 B 32ms
31ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:59:28 GMT
x-content-type-options: nosniff
age: 11430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 06 Feb 2024 14:59:28 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/ Frame 2336 20 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 20:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
server: cafe
etag: 8727046649480766555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 20:02:52 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5D8F 146 KB
49 KB 136ms
102ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-FCdQAFQJsKGdMNAAjBP2NJvILXlblj98Dt9g&u=%7CINwQN%2FSu0xIBQ6SmYvkTRlbe7tfw3nl9PA%2FIeEZWNIg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsPNAANLDwTLJVhjGAR0EK06wwSIJT9GcnLgLl10xqzmAQe7FoPnhltKiqTSVeU4EYM_Fqt73AxxAu8EUyh1FsTIf7PZttxjmL27-P6AL4wKf4vd3qKDI3RfflEUqQqJFT8qFL1LuKb0znC29OyrvgGASpuU7hzrK80lxBSBAif_mahoeJ_NFMEO8Za12YNZjQxTIt8FIB1x6m1ffKXHhkk6GU2q-V7qkGmgxIBABKGRilQ4tL0MMPuIVeZWZ-MiCB9hlY02OZShMt2TRF2RRkyk9-e95HgwCzEXBGyL2CY0HEoRz3dNakw2zDw8MNUhASuCTYuCvgp6xmVzglDpK2Ip_Np3dKpJy14XXWUxacg7TgdMTQTSTYtSa1x-Fz9BSyMtC92yUM78l7NCJltIJpLzTZcl6kf-qB1kYR8SNYIEpDkY1fdwS5w-d63d326T55u8d7pUXkSX2w_G0loXrH8hZgIDTdwLo1vrL9GTZo_5CaItge32f-IS8gAp66kmx3654NGhk75xvAys-YZUAUHpTmXW0yBxHdU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjTtcdULhY5uBFY2mZ7-Co5AMyZ7SsVzVnZH3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yMDY1ODU2MjMyMzgwNzAzyAEJqQIvDOyJugyyPqgDAaoEzgFP0M1F0KfxMiXyc9tShcFvEqnbxHSbnPS6UW8oCx0myMyUbEwCC-TJJxBkrkBTw1QUvUbgG4uPXLJs4ppEMBYvWQsA7zE4U82-FA7ti9Llka1OMq2GFxznwYNjS2IHicuJxhENgfG-4Rf-eYoFYPZJLjGYTTcb3W6-iwNSbd0wNGEzXW3g_aCFQUTk2_ShqzSRH3FP1t4sesYeN5fWM1zDruGMPcCPUzcCC9ORKB84_0PIswXME6lO_SN7WaeDFcDcqrVQuqWYUUZUKhPTHIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0p_Dyn3yT5-iOmvQ5fp7mEb5u2kQ%26client%3Dca-pub-2065856232380703%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2907602c2763bbb8f5b2bdcf6265ac10844606a2f2704c396afb8bb5cc33ac42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:58 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=1l-LfYtB69BY7uGEgR8g7CEbhcdpK2FYa7Bmopfv2mznXyHUtxIwWj19RDOqMHW-glLsXKBKQJpt_eRcGtASwHMbFRd21wEcVBmIOeFocllAe_-7aLPOgCtBje_Ce0reqWUGxiYcPBmkPp8bln9HD3S-MIiuNpdeVx8igCzqzzCEehCbD15l9so2VZmXqJ9tBiopznqyc3xCtoyOK44fygZZ3xZZfa9rw12j4wYD__B6lahgOTSZxFXHUzquzHMkxEcG6Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 82673566
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 6013 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 17:30:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 6013 18 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:19:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6013 157 KB
48 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9C74 149 KB
50 KB 164ms
133ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-FCdQAFQJwKGdMNAAjBPzYPnhSuiizqhY1lDw&u=%7CINwQN%2FSu0xL5XQU7FHfOzxLM%2F35PzlQATU5kZS1YIRw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNlbgLxpcO5Jm02GPbgUo9dZ6evzmMu2HDo-u-DQQOWHnpXNo5VAsGTwwCGXX4XgPUL9gxOLtNUe90arF3pNDnyRg8nRmVBtpgYbXp22r5_kJ5vXZZX9r8o5pkQR6SKpBbIGrCeLhOspBBya-mBj73b9quDiVND8Gi6v5zNNN-G6zAQ-dEOBVrRoMm78pEBQ3gwByLbU9gIUKVP7AnqdcValLfFotltZQ3CqPtrG83GiTqkudT7mGn26oTTJKC0oFwJB05fx9mDyi3-vE62WZTORNfcKzR1XCpdutsvjNU8RFvf63EbYvASQSlH4Cx8NBR9nu4-NWDeFxamvSEwT6_QdUaoW7RWRDQ2tBePNjbuxrT_Rm1MzpA3uQVlRtjGTAnjWeb96WM4x8AOTCRsnKg936_92cMgxxamFvgwcdma6cpIJ55d-YXEyHXr9Yo_QHyTez-l-bWBEQAajCxWfrS53Hvp6pLnCJLj9KW2SIyZU4JbDHljwS0bkuLNRttZbc2X39_DHWlQXEfsisk8f3_nR2RLa7EG1f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqMO_dULhY5yBFY2mZ7-Co5AMyZ7SsVzVnZH3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yMDY1ODU2MjMyMzgwNzAzyAEJqQIvDOyJugyyPqgDAaoEzgFP0FTr-M-oetIcclMgrpqqtKsqPZOg-iB1YgImYpY-lU2wpAh9xhxcxdFzj1IWktBDOjeDTMfvyO4HWzO58vLBvmhgMR7A-1vE5-QaxsC8LW8qG46xTCXDDh52I-8_jEiHGcxX8IC-XFSu3onDqv37rGhaTbsVKXC-V72ncnkYZmJe0jP9axmJcpJPy3yhZikV54YME03phQeHvqcGXH4ogmzjkP3YxnzKautM8sU6U3nhJ4ptOZmUTkYInrp_MkORdhbpa3AcMkSuOQpfIoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10HmSSCW_rgFeRYQDWwhjaCcIvlA%26client%3Dca-pub-2065856232380703%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dd3f79224fc798b7982453693bfacfca820dd956ccd2b323e849684f577feb46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=IlZbA4tB69BY7uGECbUKyaN5V24eW0inqPFi9sD8MFw_t2U_B9rC1yDiExVkxrp-9MTIoJ6VZq3yJ4QRaN1Ri6dZbbGOeIFETTemhFuLCCALN7n4YNqh9ruoax799M8J5aHB-2uTxrPZ4y35Ar4RpsEDw_hH0VdlsWDmNux9iWTZvs5BIGZU8cH8H_38piuTcufW6N_5BsyGTrgXch7SQWJ--vOvouBsAjIkLM6aI4Pcf77Ar5se3Kv2a4I"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 104098786
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame AFA7 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 17:30:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame AFA7 18 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:19:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFA7 157 KB
48 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1089 36 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 08:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 08:35:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 31CC 2 KB
765 B 21ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:20:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 31CC 0
0 76ms
74ms Fetch
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtDZLdULhY52BFY2mZ7-Co5AM85S7g27E3ZXHohC96f3JiDIQASCKrqA9YJXCpoKwB6AB4r_W8wLIAQmpAi8M7Im6DLI-qAMByAPLBKoE3AFP0H-4WjREy0qYlwsjwBPgM3sgC59Ak1tLsbdLt5iAd0QM5iZPvmboXkKZNjVgFOQ-qoigF80ElkI2tjBVIVg7SZuhwIRIJAKQlI8aiALRyILMMvPzqoV5kAYrgaN136Jque72Vs7rZaqQ2S2T_Fm8UmmAFtnYdJvqsLMOLzujdd8ioTsIvHvCUKeP5Vu2TaZb_KT3vM0FHXlHlj_QIDlt9Con3rRFD05hFnuQBTVS-XoLo_C7AKxXNL2OAAPKPyKZtQ4TQSUrTwzROxcdBFnHqRtLZqmuOVAPI3p0wASvhYTxlQSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHhsCpjAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQpdoB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwuIFAnQFQGAFwGyFxwKGggAEhRwdWItMjA2NTg1NjIzMjM4MDcwMxgA&sigh=2mHbWb04Y7Y&uach_m=[UACH]&cid=CAQSGwDUE5ymtUinzTLGUpg2le1dT5Eih52tX82pTBgB&template_id=494

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 18:09:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 31CC 22 KB
9 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 06:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 06:46:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 31CC 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 17:30:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 31CC 18 KB
7 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:19:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31CC 157 KB
48 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 31CC 33 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 May 2023 09:19:41 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 54E2 28 KB
28 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:59:50 GMT
x-content-type-options: nosniff
age: 285008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 10:59:50 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1868 28 KB
28 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 10:59:50 GMT
x-content-type-options: nosniff
age: 285008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 10:59:50 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 31CC 28 KB
28 KB 223ms
103ms Image
image/jpeg 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTFoKANK1yXXBu47MEsCFsHw-LIXd1N1FwI5_7UwbhWuFHMJGdmSHPukEPVKg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfd98b47d6465bb1423742dc70d3a23ea3994f999cefd6809449df1f7440df43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 20:20:54 GMT
x-content-type-options: nosniff
age: 510544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28439
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 10:16:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 31 Jan 2024 20:20:54 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 31CC 16 KB
16 KB 185ms
67ms Image
image/jpeg 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRBADEMHCLQSOjuHm14R3AFVXnqrA1Z0hpHFqkOI970tYsJNrDDgT2by9HgQZ0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a139d63dde5c652d8cea9f21d504cbdf3ca942bffb54681582d4a671dc76a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:42:30 GMT
x-content-type-options: nosniff
age: 26848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16586
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 09:59:59 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 06 Feb 2024 10:42:30 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 31CC 12 KB
12 KB 165ms
48ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQOue0LMNbxPR3xvMb_kOdSY5uLxghUV8n01qOmhzF6WLDN6_nkyAEA_OPwbA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a7b4dba6509e352c492a5f2f4055420280bbfab752ae45864c82ce9d8c6c32b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 10:01:00 GMT
x-content-type-options: nosniff
age: 29338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12573
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 05:42:18 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 06 Feb 2024 10:01:00 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 31CC 32 KB
33 KB 147ms
30ms Image
image/jpeg 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR6pmyTNuH5E47Jv1q_DfhligZpAsJfM30vFik8W-HLW_Mn_Z_XSQ6DFrErESk&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0729d2a1b220efef3752aff646c92051b2c141a176204006047c9400118e4c25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 00:43:27 GMT
x-content-type-options: nosniff
age: 581191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32902
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 10:15:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 31 Jan 2024 00:43:27 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 31CC 40 KB
41 KB 150ms
32ms Image
image/jpeg 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQKN7_KoQOWPP4omsTTa4-x6uN1iPIvvRXia-iG-zPWQwzxbiJ6UKJjXKBrdcg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9635364ea8b3a26d92df2fa7e6e052443fe7164f2e6e5307c06e55675cee1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:44:47 GMT
x-content-type-options: nosniff
age: 30311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41233
x-xss-protection: 0
last-modified: Sat, 29 Oct 2022 05:03:27 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 06 Feb 2024 09:44:47 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 31CC 67 KB
68 KB 134ms
18ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSnNV-3rEuKUNsD9FqnqIkvxgw6W_PS9wSGqeDOMQS74VWN9UvSQ0bjc3SpnQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d02d1d3854b0a453e7bcf6e55172b1bbe2943b202f18918b460c76c2b777facf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:01:10 GMT
x-content-type-options: nosniff
age: 479328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68823
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 02:36:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 01 Feb 2024 05:01:10 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 31CC 50 KB
50 KB 183ms
66ms Image
image/jpeg 2a00:1450:400d:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQEwirI_ml-YPd3N-WUBGCTYgcllNLLfjcdLEMTvvMTVtk5m9B5rZSp5w0jou0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b2d18422accb6d7a46924653152b16cc21d372b0985e4221131566fad9bc209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 05:05:41 GMT
x-content-type-options: nosniff
age: 565457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51472
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 22:05:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 31 Jan 2024 05:05:41 GMT

GET
H3

200

8581284204173772508
tpc.googlesyndication.com/simgad/ Frame 31CC
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCE8pnNWBCgBhigBjIIEpj-VFr-G5k
https://tpc.googlesyndication.com/simgad/8581284204173772508

97 KB
97 KB

20ms
20ms

Image
image/jpeg

2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8581284204173772508

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141075c29836431a9e319dec9f54db57aaa3ecb6e3df714bf8f525749653a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 04:44:12 GMT
x-content-type-options: nosniff
age: 393946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98948
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 14:41:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Feb 2024 04:44:12 GMT

Redirect headers

date: Mon, 06 Feb 2023 11:12:28 GMT
x-content-type-options: nosniff
server: cafe
age: 25050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8581284204173772508
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Mar 2023 11:12:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D576
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

71ms
70ms

Document
text/html

2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:58 GMT
expires: Mon, 06 Feb 2023 18:09:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E9D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

82ms
82ms

Document
text/html

2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:58 GMT
expires: Mon, 06 Feb 2023 18:09:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:09:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 53C1 2 KB
765 B 17ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:20:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/ Frame 53C1 22 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 06:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8993
x-xss-protection: 0
server: cafe
etag: 12355142264901698679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 06:46:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 53C1 3 KB
1 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 17:30:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/ Frame 53C1 18 KB
7 KB 22ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 19:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7647
x-xss-protection: 0
server: cafe
etag: 2161395064574532456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Feb 2023 19:19:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 53C1 157 KB
48 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675254965429469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:09:58 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 53C1 33 KB
14 KB 37ms
31ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 09:19:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 May 2023 09:19:41 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5D8F 2 KB
1 KB 63ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-FCdQAFQJsKGdMNAAjBP2NJvILXlblj98Dt9g&u=%7CINwQN%2FSu0xIBQ6SmYvkTRlbe7tfw3nl9PA%2FIeEZWNIg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsPNAANLDwTLJVhjGAR0EK06wwSIJT9GcnLgLl10xqzmAQe7FoPnhltKiqTSVeU4EYM_Fqt73AxxAu8EUyh1FsTIf7PZttxjmL27-P6AL4wKf4vd3qKDI3RfflEUqQqJFT8qFL1LuKb0znC29OyrvgGASpuU7hzrK80lxBSBAif_mahoeJ_NFMEO8Za12YNZjQxTIt8FIB1x6m1ffKXHhkk6GU2q-V7qkGmgxIBABKGRilQ4tL0MMPuIVeZWZ-MiCB9hlY02OZShMt2TRF2RRkyk9-e95HgwCzEXBGyL2CY0HEoRz3dNakw2zDw8MNUhASuCTYuCvgp6xmVzglDpK2Ip_Np3dKpJy14XXWUxacg7TgdMTQTSTYtSa1x-Fz9BSyMtC92yUM78l7NCJltIJpLzTZcl6kf-qB1kYR8SNYIEpDkY1fdwS5w-d63d326T55u8d7pUXkSX2w_G0loXrH8hZgIDTdwLo1vrL9GTZo_5CaItge32f-IS8gAp66kmx3654NGhk75xvAys-YZUAUHpTmXW0yBxHdU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjTtcdULhY5uBFY2mZ7-Co5AMyZ7SsVzVnZH3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yMDY1ODU2MjMyMzgwNzAzyAEJqQIvDOyJugyyPqgDAaoEzgFP0M1F0KfxMiXyc9tShcFvEqnbxHSbnPS6UW8oCx0myMyUbEwCC-TJJxBkrkBTw1QUvUbgG4uPXLJs4ppEMBYvWQsA7zE4U82-FA7ti9Llka1OMq2GFxznwYNjS2IHicuJxhENgfG-4Rf-eYoFYPZJLjGYTTcb3W6-iwNSbd0wNGEzXW3g_aCFQUTk2_ShqzSRH3FP1t4sesYeN5fWM1zDruGMPcCPUzcCC9ORKB84_0PIswXME6lO_SN7WaeDFcDcqrVQuqWYUUZUKhPTHIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0p_Dyn3yT5-iOmvQ5fp7mEb5u2kQ%26client%3Dca-pub-2065856232380703%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5D8F 2 KB
1 KB 57ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5D8F 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5D8F 293 B
621 B 24ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 5D8F 43 B
348 B 158ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=P4I4lNf-d25BDl79y1zj0KUH4QWVW9P2boKvwClM1Ta0SBCJDcLLR-i68eVyIRSmVQPXax_zVxzgrOMqjzQSQcju_1nqmLg6imYfc9OJUVWaUuZGkcMiSvpBGRVfcADAUQ-lcPZ3eG1XhX5_X-OX78SrmG8Bud_Io5UUkbzwzgDJ6JKT-HtG5eiFffiiPpuvhGW3DIqPlLQgvaX_U4L3bDpGikXEKy-hosW8BfnDX0TEZ8PjC42t4Kpp6BuZQMv_hJIRQjG1mPzwSods-AfPnhdkSRe-S_ijRiZKTfbaebPDeKp9yDE5wSul5fVCTVdCZIv7Go8WVBHldw_yoZohWW9L-KJnH5Qm505-JiFzOs90SQXOk-Rc7b-ir5PfbmBJDfPfLAG7Fzi1dbB__zGWOPL1QTCr9Q5RqX0bsJrTAJNZPv3g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3068080
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9C74 2 KB
1 KB 43ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y-FCdQAFQJwKGdMNAAjBPzYPnhSuiizqhY1lDw&u=%7CINwQN%2FSu0xL5XQU7FHfOzxLM%2F35PzlQATU5kZS1YIRw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_T-8Ox4EMl_-lXXOgG4hcrsNlbgLxpcO5Jm02GPbgUo9dZ6evzmMu2HDo-u-DQQOWHnpXNo5VAsGTwwCGXX4XgPUL9gxOLtNUe90arF3pNDnyRg8nRmVBtpgYbXp22r5_kJ5vXZZX9r8o5pkQR6SKpBbIGrCeLhOspBBya-mBj73b9quDiVND8Gi6v5zNNN-G6zAQ-dEOBVrRoMm78pEBQ3gwByLbU9gIUKVP7AnqdcValLfFotltZQ3CqPtrG83GiTqkudT7mGn26oTTJKC0oFwJB05fx9mDyi3-vE62WZTORNfcKzR1XCpdutsvjNU8RFvf63EbYvASQSlH4Cx8NBR9nu4-NWDeFxamvSEwT6_QdUaoW7RWRDQ2tBePNjbuxrT_Rm1MzpA3uQVlRtjGTAnjWeb96WM4x8AOTCRsnKg936_92cMgxxamFvgwcdma6cpIJ55d-YXEyHXr9Yo_QHyTez-l-bWBEQAajCxWfrS53Hvp6pLnCJLj9KW2SIyZU4JbDHljwS0bkuLNRttZbc2X39_DHWlQXEfsisk8f3_nR2RLa7EG1f0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqMO_dULhY5yBFY2mZ7-Co5AMyZ7SsVzVnZH3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yMDY1ODU2MjMyMzgwNzAzyAEJqQIvDOyJugyyPqgDAaoEzgFP0FTr-M-oetIcclMgrpqqtKsqPZOg-iB1YgImYpY-lU2wpAh9xhxcxdFzj1IWktBDOjeDTMfvyO4HWzO58vLBvmhgMR7A-1vE5-QaxsC8LW8qG46xTCXDDh52I-8_jEiHGcxX8IC-XFSu3onDqv37rGhaTbsVKXC-V72ncnkYZmJe0jP9axmJcpJPy3yhZikV54YME03phQeHvqcGXH4ogmzjkP3YxnzKautM8sU6U3nhJ4ptOZmUTkYInrp_MkORdhbpa3AcMkSuOQpfIoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_10HmSSCW_rgFeRYQDWwhjaCcIvlA%26client%3Dca-pub-2065856232380703%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9C74 2 KB
1 KB 42ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9C74 308 B
636 B 21ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9C74 293 B
621 B 28ms
27ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 9C74 43 B
347 B 144ms
18ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Nr0oTNf-d25BDl79y1zj0KUH4QUU480ZfMSA2yPz_1C12qE-odi50JWQTT3yTsfYKU_sGSfmjiOYFMHAWxzprCNEo_yo7n2fAvU9X0qo_UjzJ7o0Gun9T93w4cQldZKZ98ZDPB3d_8qG-X3wKOcAby4jb07uZqeIRI5JrHSC43Km3AHTh9BiLWJNNBVCXnUHz9TIXLFYptJtBc9QIZSb_epHrSzOjkTUJmXABnEw6YF7XhsIOnCpkQYepB00HRaIhL5D6NS6jgDnc2p_hcpdPS5MzkvEfiQBA7n-7WIa25pFnxlbBK_5a0ffbAuqkvj4y-ELN9RNeoGE4ijYvEnSZoi_c2xy_WK_o8Sx6uwFksBgL59fwBCdbN7VfAf_EV4iUXhMUC4YKiOFuqR8vhQGsJseJaE0f8bsDpmfv8tI2OJMiNpo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:09:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2899953
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 31CC 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15bc3ebe2e03a403c147d74f3b05eca48348370a7e02cd61a253adf87e7fffa2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 189F 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 08:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 08:35:56 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5D8F 12 KB
5 KB 36ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2159988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hErvUSiGDqbtVc49CmaAPIA6PrwmgxXn4fv5Dju2i9aDcpOsITO1hclpkXvs9Ga3EswdEYf8Os31mcDB8%2Fk8XQmtYpEYSQX95EPKuQDpTCMI9ct9Q%2B%2BGYANWulYt86zFjZxqboQxJFERbX%2Be7AkK9Gpp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7955d706cc719a0f-FRA
expires: Sat, 27 Jan 2024 18:09:58 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5D8F 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5D8F 0
128 B 57ms
16ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=1l-LfYtB69BY7uGEgR8g7CEbhcdpK2FYa7Bmopfv2mznXyHUtxIwWj19RDOqMHW-glLsXKBKQJpt_eRcGtASwHMbFRd21wEcVBmIOeFocllAe_-7aLPOgCtBje_Ce0reqWUGxiYcPBmkPp8bln9HD3S-MIiuNpdeVx8igCzqzzCEehCbD15l9so2VZmXqJ9tBiopznqyc3xCtoyOK44fygZZ3xZZfa9rw12j4wYD__B6lahgOTSZxFXHUzquzHMkxEcG6Q&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5D8F 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5D8F 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame A053 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 08:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 08:35:56 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9C74 12 KB
5 KB 17ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2159988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2yj7snjV%2BfTTE68Db%2FZksHCIWYlzAObM2qfTW%2BLr0a%2BG07YxThdjtFn7IKsUMy3laMiyLNO%2Fw5z5hJGlgTHihuWdzMY206GHbhxSSGLFeerv1GYW%2BmjBW4BxfvmbWAa0VoB9%2BBG4E5iABjMILUkWN6Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7955d706dc7d9a0f-FRA
expires: Sat, 27 Jan 2024 18:09:58 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9C74 12 KB
6 KB 22ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9C74 0
127 B 40ms
17ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=IlZbA4tB69BY7uGECbUKyaN5V24eW0inqPFi9sD8MFw_t2U_B9rC1yDiExVkxrp-9MTIoJ6VZq3yJ4QRaN1Ri6dZbbGOeIFETTemhFuLCCALN7n4YNqh9ruoax799M8J5aHB-2uTxrPZ4y35Ar4RpsEDw_hH0VdlsWDmNux9iWTZvs5BIGZU8cH8H_38piuTcufW6N_5BsyGTrgXch7SQWJ--vOvouBsAjIkLM6aI4Pcf77Ar5se3Kv2a4I&sds=2&rev=84569&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9C74 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9C74 2 KB
1 KB 17ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:58 GMT

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E74 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: www.yallashoots.live
URL: https://www.yallashoots.live/home/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 08:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207242
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 08:35:56 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 5D8F 46 KB
46 KB 77ms
47ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:59 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 9C74 46 KB
46 KB 58ms
29ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:59 GMT

GET
DATA 200
OK truncated
/ Frame AFA7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e2f84457fb535b35e747baf53a7892dce8c7a26611c2f3f9e6a566e97635fda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6013 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84d033c71446831136de2dd1e5de0161bc9479481591d2f3cbd2fc96a2313bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 66ms
65ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230201&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3447de84359e661ca1edc930ed5c75a1c3b01be84224798368dbe84c68a908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11247
x-xss-protection: 0

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 5D8F 38 KB
38 KB 17ms
16ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:59 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 9C74 38 KB
38 KB 23ms
22ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:09:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 13 KB
13 KB 65ms
20ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=232&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2Fb0b250c984464a249a26aee3a1a40377_blanco.png&v=3&w=356&s=ltUS3V8r9ocA1LJsSq8jOtxs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b1ca2cfe031876fed83e942aeec2f2611a68b5f188eb1ef99c4bd786f679499a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30457559
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13365
expires: Thu, 25 Jan 2024 06:35:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 107 KB
108 KB 87ms
42ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2Fadb1b255a8a44e859d22e584c7a782d4_img_square_1.jpg&v=3&w=1200&s=dfmKjUAEI6KYVdA_G-qXdkId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29759246
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 110076
expires: Wed, 17 Jan 2024 04:37:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 28 KB
28 KB 102ms
58ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22251728-VzOeX0Gp.jpg&v=3&w=400&s=0AVkFLIu6KXugEIgeYVGoMvL&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

55e89a7904461d992c0361c5f31401b57913042cc5f7139db7d249ae089ad8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=222605
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28844
expires: Thu, 09 Feb 2023 08:00:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 51 KB
51 KB 124ms
80ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1637063020%2F21287327-c8vNy6A9.jpg&v=3&w=400&s=2Z5mlFeb7pmw_RRJDvSNidBy&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0e1bc5e86e5d3fdbc5b0d2b39a755e10d88a1fe89648a4b327a11a6d718d9bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=131142
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51750
expires: Wed, 08 Feb 2023 06:35:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 62 KB
62 KB 80ms
35ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1579699847%2F20022361-cAC7KhDd.jpg&v=3&w=400&s=_Hdif5D2iyY3M61Av5ipwCZB&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

68addd0974f9a1828b0ce931c3681d781683ef385d0bceb2f92fe82f068f0ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=93478
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 63278
expires: Tue, 07 Feb 2023 20:07:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6013 0
18 B 72ms
71ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWZKGdULhY5uBFY2mZ7-Co5AMyZ7SsVzVnZH3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yMDY1ODU2MjMyMzgwNzAzyAEJqQIvDOyJugyyPqgDAaoEywFP0M1F0KfxMiXyc9tShcFvEqnbxHSbnPS6UW8oCx0myMyUbEwCC-TJJxBkrkBTw1QUvUbgG4uPXLJs4ppEMBYvWQsA7zE4U82-FA7ti9Llka1OMq2GFxznwYNjS2IHicuJxhENgfG-4Rf-eYoFYPZJLjGYTTcb3W6-iwNSbd0wNGEzXW3g_aCFQUTk2_ShqzSRH3FP1t4sesYeN5fWM1zDruGMPcDNURaQjFwNO6Ck6-AYjqM0Gr1ESylVQSU33f16WApOlr0d-8JHlYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjA2NTg1NjIzMjM4MDcwMxgA&sigh=6JximgzPm1g&uach_m=[UACH]&cid=CAQSGwDUE5ymtUinzTLGUpg2le1dT5Eih52tX82pTBgB&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 18:09:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 6013 0
126 B 64ms
21ms Image
text/plain 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMC-MLQB9AOdg2ICAgAAAEoKhegw1y4HEHRC4WOaood0i2hGqztVigASAAAKDkFRVUJBZ1lCQWdFQkFn&wp=Y-FCdQAFQJsKGdMNAAjBP2NJvILXlblj98Dt9g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 189196
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AFA7 0
18 B 71ms
70ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQU6SdULhY5yBFY2mZ7-Co5AMyZ7SsVzVnZH3cMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi0yMDY1ODU2MjMyMzgwNzAzyAEJqQIvDOyJugyyPqgDAaoEywFP0FTr-M-oetIcclMgrpqqtKsqPZOg-iB1YgImYpY-lU2wpAh9xhxcxdFzj1IWktBDOjeDTMfvyO4HWzO58vLBvmhgMR7A-1vE5-QaxsC8LW8qG46xTCXDDh52I-8_jEiHGcxX8IC-XFSu3onDqv37rGhaTbsVKXC-V72ncnkYZmJe0jP9axmJcpJPy3yhZikV54YME03phQeHvqcGXH4ogmzjkP2axF1Y7WTQ4XqmR9oxGiyVMI2e-EwmhjjL-n43hKn3R2iZmMC9hoAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjA2NTg1NjIzMjM4MDcwMxgA&sigh=ohjthZnhFhM&uach_m=[UACH]&cid=CAQSGwDUE5ymtUinzTLGUpg2le1dT5Eih52tX82pTBgB&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Feb 2023 18:09:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame AFA7 0
125 B 192ms
156ms Image
text/plain 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMC-MLQB9AOdg2ICAgAAAEoKhegw1y4HEHRC4WObOwpxq9KtHiGwigASAAAKDkFRVUJBZ1lEQWdFQkFn&wp=Y-FCdQAFQJwKGdMNAAjBPzYPnhSuiizqhY1lDw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 151274
content-length: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 13 KB
13 KB 75ms
54ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b1ca2cfe031876fed83e942aeec2f2611a68b5f188eb1ef99c4bd786f679499a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30457559
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13365
expires: Thu, 25 Jan 2024 06:35:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 107 KB
108 KB 89ms
68ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29759246
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 110076
expires: Wed, 17 Jan 2024 04:37:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 24 KB
24 KB 84ms
68ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22240119-G7bbZeSB.jpg&v=3&w=400&s=A2q2g9lZ-jMzlpYdyxDQDd4y&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f76accc5bfe44328a3a0b532ce8cac01d2d854a02bbd07d20b5a4c6f72fd4092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=221339
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24758
expires: Thu, 09 Feb 2023 07:38:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 25 KB
26 KB 91ms
75ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1668546001%2F22229710-2tY2r4XE.jpg&v=3&w=400&s=RCVZX2pVvmF7RXwI2EIMY66N&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

49226c622b0055e869ff54af23c5d3077360cb46e9ee10f3896f6108f229f3bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=223095
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25948
expires: Thu, 09 Feb 2023 08:08:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 26 KB
26 KB 95ms
78ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20266421-SFFeKXd4.jpg&v=3&w=400&s=pDUTbeGSX7guL1Uy7IrgBgd0&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=71049
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26196
expires: Tue, 07 Feb 2023 13:54:08 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1371ms
1369ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 18:10:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 13 KB
13 KB 62ms
62ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b1ca2cfe031876fed83e942aeec2f2611a68b5f188eb1ef99c4bd786f679499a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30457559
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13365
expires: Thu, 25 Jan 2024 06:35:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 13 KB
13 KB 28ms
28ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b1ca2cfe031876fed83e942aeec2f2611a68b5f188eb1ef99c4bd786f679499a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30457559
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 13365
expires: Thu, 25 Jan 2024 06:35:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 28 KB
28 KB 24ms
24ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

55e89a7904461d992c0361c5f31401b57913042cc5f7139db7d249ae089ad8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=222604
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28844
expires: Thu, 09 Feb 2023 08:00:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 24 KB
24 KB 15ms
15ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f76accc5bfe44328a3a0b532ce8cac01d2d854a02bbd07d20b5a4c6f72fd4092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=221339
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24758
expires: Thu, 09 Feb 2023 07:38:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 25 KB
26 KB 20ms
19ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

49226c622b0055e869ff54af23c5d3077360cb46e9ee10f3896f6108f229f3bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=223095
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25948
expires: Thu, 09 Feb 2023 08:08:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 26 KB
26 KB 18ms
17ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=71049
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26196
expires: Tue, 07 Feb 2023 13:54:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 107 KB
108 KB 19ms
17ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29759246
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 110076
expires: Wed, 17 Jan 2024 04:37:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 62 KB
62 KB 18ms
16ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

68addd0974f9a1828b0ce931c3681d781683ef385d0bceb2f92fe82f068f0ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=93478
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 63278
expires: Tue, 07 Feb 2023 20:07:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C74 51 KB
51 KB 20ms
19ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

0e1bc5e86e5d3fdbc5b0d2b39a755e10d88a1fe89648a4b327a11a6d718d9bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:58 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=131142
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 51750
expires: Wed, 08 Feb 2023 06:35:42 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 41CF 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnNoz_iKGo6747zYtL7yruGqWZaWVdE49akxnXskydrAchVzOt6RZflsmjSAm_ZNB3aK9-9eIUTa0XgTrfxg_rhKtJV4Dj5vnQ46dBtjeVfFxkoEfH-jVpcYj74C4dYmsHX7sW9g&sai=AMfl-YTOBOi7govXTwTxIs_4qv5pAhXHeVQJFpVWCcJIJ9SNxC9PdlRhO1pj7k8BtdcUztau3vJKLRjrtM8Q&sig=Cg0ArKJSzMG1xp2GnaW5EAE&cid=CAQSGwDUE5ymseJB44omvEl2QFGCtLRkIpbCFaq1DhgB&id=lidar2&mcvt=1002&p=0,0,280,1100&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=0.37&if=1&vu=1&app=0&itpl=22&adk=3749226152&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675706997327&rpt=952&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:09:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 5D8F 107 KB
108 KB 16ms
15ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29759246
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 110076
expires: Wed, 17 Jan 2024 04:37:25 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 54E2 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpB6egX9xahtZY-yYwd7ILiR3etNek8kKKfuVDfhuoFga3-M86pPz98uw_4N4fqZ-pQLrexSY-Ck1G3UTQZ8kW6qBufz0kAcHzrc9kaD8P3S3kgC3EfejJugAU0MN15X6k_SKN9w&sai=AMfl-YTelZGki7R1xYtJAt95bwS34wDI-AtfnplFXL7a1OxT8SY-rBnDobOpjMXFMdhUsQelBtw7TUC7vjZN&sig=Cg0ArKJSzGOtY1lBLPK1EAE&cid=CAQSGwDUE5ym8IR8VkKzxSwVb1kSTpCjYmIAu0scchgB&id=lidar2&mcvt=1000&p=0,0,280,1100&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2655117408&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675706997312&rpt=1486&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:09:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 31CC 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDVt5CoA8sMWzCkYOg53-OVyjf2iQ5g3-pdRVi5ETZsNeYLU6M_3FXYHWTUdYfaRjeec2IKhNNkTdb7X0mvpHJjt6H-F09UlAYVUDXlJP1YHzA2oTPZKKLO375hD2Yo6-qY9yYxA&sai=AMfl-YRK9QLckSeoloeAJsc8RIsduOYiSy8HYt4SZ2LZbX8SjsAJbs-bXTNnFrim34-AtCogJzSlANiv4q4R&sig=Cg0ArKJSzOSeKkFEQhbvEAE&cid=CAQSGwDUE5ymtUinzTLGUpg2le1dT5Eih52tX82pTBgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=390,1002,1002,1002,1002&tos=390,612,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675706998158&rpt=626&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:09:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1868 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDeUhHHia35_oZn9U5yU3ct7X8s7C3CcGSSOxeWSi1U9vLMEl-KohKJ0-md2sWXQLqZAf3HIoqwARJORr6I1BYnjgqhC0eEAQE6stxCGvG3s3x1NfwhIjqGOCaYtPkPEaj-Nqygw&sai=AMfl-YSucoxYe2tYVMH-ZEl1-rQ8GvT47ZcPpyj2CwQYxbmhdfPw4XR23a1XtbYmT7zw663s-RX9IoHC68os&sig=Cg0ArKJSzOIHH4pMlfJ9EAE&cid=CAQSGwDUE5ymIhP_hdf0YmotEpnEyOztMi7KPbcIbBgB&id=lidar2&mcvt=1004&p=0,0,90,1100&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4177220252&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675706997319&rpt=1493&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:09:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5D8F 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Feb 2023 18:10:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 9C74 0
127 B 15ms
15ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 06 Feb 2023 18:09:59 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6013 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvMx8D4ZQ6hxv4RVZlX4DsIDVqE2-j8ny0FfGqdEzojYiDFkJgf4-wWNxmZaI4Hc1GLccjK6jLAO_CcL3eK7Q8rWc&sig=Cg0ArKJSzAw-c7fAndoWEAE&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675706998155&rpt=515&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:10:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFA7 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5BKsOMY1e4q_OZlr6c-7FiUmmwYOlMMn22OVrv6W29shLYHAylFRSqYsOy8hqv76s8AzJ8Sh9-2XgTTDRRDIc2Ho&sig=Cg0ArKJSzPO2OV3m89BfEAE&id=lidar2&mcvt=1002&p=0,0,500,180&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675706998157&rpt=546&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 18:10:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2BDC 13 KB
5 KB 17ms
16ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 17:30:57 GMT
expires: Tue, 06 Feb 2024 17:30:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8E3B 783 B
971 B 23ms
23ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8cc1b2afae58a008ba534f84905044fdc554daa854301cadac4aa720de7e98a1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-08XwVH6KwbwdUn3kPnVNWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.yallashoots.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-08XwVH6KwbwdUn3kPnVNWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 18:10:00 GMT
expires: Mon, 06 Feb 2023 18:10:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8E3B 0
0 47ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230201&jk=989882057808755&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BDC 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/enP75FOAOR6Dv0_xbsOpJb6_RhPRjbOZFZcWOHt7fp4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 08:35:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14413
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 08:35:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2BDC 0
10 B 16ms
15ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uGv5Og
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:10:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
49ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230201&jk=989882057808755&bg=!gYKlgsbNAAaq5O5FiuQ7ACkAdvg8WhypfZVCFq2T74zMrWb9nO6y3SRiHmToTGlq5x_ClEyLAGYvcAIAAABTUgAAAAxoAQcKAC1j_ZesE5x0wsJP_GT6yL5d3vhiNAHc6cnc7x-vKHs0ZNVRa7OS0N8cCYPA6nuZArLrrdPKyj8qXVKwi-5RyZT6Xa3Cj4U2G1kQ8W5XEPDQouvlgrg8otueJG_YbgeIINtlPequ9JUKC4WgW8g7sm0Nsk2YsvlyObdxf-Ul84mInR8JkqgM-KFWinGk9toF9Te_uOZketdBwOoj2uewy5ikdSx8XY4bBSbbhlw3OxNMbWFtrs1LGShl11Q_N1pTjXpAWKCtoUvd0Af8qK8wPOsGWlWZlY0enUdo2UI2yVeV4S4gKRZj9WXsl05bDjA0Z8gBq3IEKfTNQCEgxI6JdBZ9U365XH_1BdGrl5srWQWw6nAnW4r7w7QumqyTpvlpA47oIVvvC5s3B1J3y9i-5Y9gjSne6nWVMPbBUbwuf9_zk9P_o21XaNjwS1-mMQ70PifLU22Q5xc00ubN4-CaWxJMh-IGmeAVDeCKWiA3FX185UlgKgqTUHM30bWLq9S1OC9UwGdN7ODAo7Ft5DSKZ1vlrieEHlUzC7ajUKSzaXhpcRuHXiJ6AWMD7lJP-x-tV4vpPL6e4B_hBTxvTK6dUN-S-DqUJVf4mDlm0FQy0dKTdJXHXam97PUF3x_MKNuVj7MnAZj9ZINzDN_oBYvMKWTG1EFKdhZiafr4MP5NPnCthfFVv9DDxahUsMJUKZoQ6DOsijBntFjVWCi0sfD7Vce5Wgu5tpFBWHiRCmR028kg9cNVAyJ0SWdSs_6w3LYpxUlIk_E4WFrabRRKBBVZ3xgybL1YmbWue47y5RsFWl9GYUn1i99dNULgb6CtJj5QlGI86AeMGRHIITqagmNWxaafEGPAgAWmsUwp6VFwYyYXrzaV2vCubXqBh12o0gSDIRlRWDSGYIHS7FU7koaypoNuC7WNw9uU0GOGmUYjHMJoInf2NVxga7gij3RPEDBvrKBu6ovQjRnwU3FXtDRohaPtiMw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.yallashoots.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yallashoots.live/	1970-01-20 19:04:26	Name: _ga Value: GA1.2.2023091984.1675706997
.yallashoots.live/	1970-01-20 09:29:53	Name: _gid Value: GA1.2.1062445197.1675706997
.yallashoots.live/	1970-01-20 09:28:27	Name: _gat Value: 1
.yallashoots.live/	1970-01-20 18:50:02	Name: __gads Value: ID=95f0341c5e244e93-22e876eca2db00e5:T=1675706997:RT=1675706997:S=ALNI_MZTqHisPEjn1FqGNQmKl9dSO8rxmg
.yallashoots.live/	1970-01-20 18:50:02	Name: __gpi Value: UID=00000bb11f1ac025:T=1675706997:RT=1675706997:S=ALNI_MaPIZCMvyZaa8C42192JEED42ShHg
.semasio.net/	1970-01-20 18:14:02	Name: SEUNCY Value: 4A27E458D79B5276
.doubleclick.net/	1970-01-20 18:50:02	Name: IDE Value: AHWqTUkLdI5zDMEmr_SmaXz8NzC712H8AMCXyP7_283tar2HgogRq6OM68VLlqsFFA0
.doubleclick.net/	1970-01-20 09:28:30	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.yallashoots.live/home/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230201/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdn.foxpush.net
cdnjs.cloudflare.com
csm.eu.criteo.net
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
json.foxpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
uip.semasio.net
www.foxpush.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.yallashoots.live
178.250.2.148
2606:4700:20::681a:45d
2606:4700:20::681a:55d
2606:4700:20::ac43:48f4
2606:4700:3034::ac43:b8f9
2606:4700:3036::6815:5c11
2606:4700::6811:190e
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:400d:808::200a
2a00:1450:400d:808::200e
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::200e
2a02:2638:1::17
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638:1::8
77.243.60.138
0729d2a1b220efef3752aff646c92051b2c141a176204006047c9400118e4c25
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
08f2d31a40425077915dff1cbdffe77c69cac7a3645ad859da9e8b881cf5bd1c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0e1bc5e86e5d3fdbc5b0d2b39a755e10d88a1fe89648a4b327a11a6d718d9bdc
141075c29836431a9e319dec9f54db57aaa3ecb6e3df714bf8f525749653a17f
15bc3ebe2e03a403c147d74f3b05eca48348370a7e02cd61a253adf87e7fffa2
1683af271ada9748c2664596e50e565bfa3f72dac60cdf1a0a083e8a684f88b3
17422c5ac5387f3589d540b8cc2ce798d649d4c451ae77833498d9a752d9a5fa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1f88e7d8dd4e591753d25373558607b591fa8f1da3ad4a15a7cb0988f6249937
22fbbe9eb30c318e496c02229662da3a2d050356be82db0b6b518835152ba2dd
26f019a79b9a0291a04fbcd0b926e4660380cdc9fc47838f565a40971112bc0b
28c2fea583668d5a5a3b7f6631cfb7db22ec31b2ac6de5c7fb67c1e15305a773
2907602c2763bbb8f5b2bdcf6265ac10844606a2f2704c396afb8bb5cc33ac42
291dd8d074134af2ebb249247aed29765ceb1067c6f1a90d02684ac60db5f14e
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39ff157b3453e030a1281012441cae61b4c53cecebd740e475ef9f2e597adc62
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
49226c622b0055e869ff54af23c5d3077360cb46e9ee10f3896f6108f229f3bd
4967497bf203ce180a348826931b796a26b57b94b0f67567bbc210b4fb07063e
49a9f0383dab15c31b4bec64d461096746d9e435dec972ccac97e3b6822013b9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e89a7904461d992c0361c5f31401b57913042cc5f7139db7d249ae089ad8c8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e2f84457fb535b35e747baf53a7892dce8c7a26611c2f3f9e6a566e97635fda
5fbfde5dea08b3f8444e8cf41979f899f2497fb76c9061698a3daf719d57a6e8
6088cd865c8a13c0b7a448bc6d10f35b8a069abaeda72a16c5966df0ced2d659
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
675575eb734b5114526cdc1cc9116bea0e2189e9351700944375af81e226f62d
68addd0974f9a1828b0ce931c3681d781683ef385d0bceb2f92fe82f068f0ced
68ade2a623409a12d9b2eb3117d90c9813b6f0eabc63d4b23fd5ad5dd9b76c39
6a139d63dde5c652d8cea9f21d504cbdf3ca942bffb54681582d4a671dc76a55
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
757742d81ac20d61d8c340927cc6ff23ac98d3b3207876aebcbe27bee8ad6b9d
77a2cfbd4fabe90158d2d593ff51dcc11fa4648c88ac7995d7a92167a1e002a9
7a73fbe45380391e83bf4ff16ec3a925bebf4613d18db399159716387b7b7e9e
7a7b4dba6509e352c492a5f2f4055420280bbfab752ae45864c82ce9d8c6c32b
7b2d18422accb6d7a46924653152b16cc21d372b0985e4221131566fad9bc209
84d033c71446831136de2dd1e5de0161bc9479481591d2f3cbd2fc96a2313bf5
8521252fc3f4448a051e19592c2d6547d52bfce0e7f71bbec072b2b034c9762c
8a2830bdb37d519f86563ffe63daee20904ac82d3542f9f6eeb821613de68572
8cc1b2afae58a008ba534f84905044fdc554daa854301cadac4aa720de7e98a1
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8e7a602e420b13bf0ec8bc909755748532f62765968b211fc33c1b15f5b12a8e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92bdbb30e7b2101729611ed48679aeb38281c61e7914d5b5d2076313c76c566e
9874045db9867c98b24785dbc2eeeb0905d4a1581a846fbea2075701218b9579
98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a33b94fbbd8a352b2c828c68434a4913d483f5d46c4708f92c8e42353f612115
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ad2d84aef45fdd228c374c5fdf0ffbdd9267fcac12c27896c237a9460b05d794
aea725121ed9cbaa2978e5eb02d104dc461ea0af39ed3b67e196d19aa6cc1fe6
aeb8fb895f03c433a3b60f8710b634d46512a88560f23fa46810f4276b8ebd17
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1ca2cfe031876fed83e942aeec2f2611a68b5f188eb1ef99c4bd786f679499a
b8c1ffafa4cfd35df4f7a3b7c640a87515cc88202d806f824b85d2d0e7e73e02
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c08288c02179dd3339e2f05a4cad135d9fbe9d05d9ec73d7fc5abbdf5bcd6b27
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
c76a2350fdd3e78da04d7f64760050546d2dcd1b9badd7fb097bbf1d08c337fe
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
caa3291280c6817ef3716377f85cead6dac8b80db67a70d2a8069f996889d128
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cf35de10aa844df804632324ff8b198d2915b0f89acc223a84ff12770d72ac43
d02d1d3854b0a453e7bcf6e55172b1bbe2943b202f18918b460c76c2b777facf
d64d7427374b22f80ff8dda7353a1ba3598e6076d5ae70114d0be0a34b977508
dd3f79224fc798b7982453693bfacfca820dd956ccd2b323e849684f577feb46
dd7710dad4ccd2e33543576da3d279f3aaf0d3010384791d6b691a34cece42bf
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
dfd98b47d6465bb1423742dc70d3a23ea3994f999cefd6809449df1f7440df43
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e748d47e0930e87a515df7e2a11e9d797dd670598254900fdbd654593f001a9a
e831551f91e8522867f5574a3202d5f5a04a9cc2ec435a510f23aa974a8e925b
eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18
eee5e26206caa6d728cbf23a6c5146bc0966daa3df8b440116479b3cb325403e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efda7eb50949d6879d9ceb1c5588d3e6e203b58d81d86db3f99141e02af0595a
f09e90db9705ba29dc70fe7d3fa364ea7afff6c3dc7fe594bd04a4385dfd8cc2
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f76accc5bfe44328a3a0b532ce8cac01d2d854a02bbd07d20b5a4c6f72fd4092
f9635364ea8b3a26d92df2fa7e6e052443fe7164f2e6e5307c06e55675cee1ee
fa3447de84359e661ca1edc930ed5c75a1c3b01be84224798368dbe84c68a908

www.yallashoots.live Open in urlscan Pro 2606:4700:3036::6815:5c11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

99 %HTTPS

93 %IPv6

16 Domains

27 Subdomains

28 IPs

5 Countries

3073 kBTransfer

5799 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.yallashoots.live Open in urlscan Pro
2606:4700:3036::6815:5c11 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

99 %
HTTPS

93 %
IPv6

16
Domains

27
Subdomains

28
IPs

5
Countries

3073 kB
Transfer

5799 kB
Size

8
Cookies

189 HTTP transactions
20 data transactions