urlscan.io logo urlscan.io
SecurityTrails logo

ar.theshookers.com Open in urlscan Pro
2a06:98c1:3121::7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ar.anonymate.live/a/sync-quiz/1iRn
Effective URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Submission: On April 15 via manual from DZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 4 countries across 23 domains to perform 203 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ar.theshookers.com.
TLS certificate: Issued by E1 on March 24th 2022. Valid for: 3 months.
This is the only time ar.theshookers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
20 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 2600:9000:224... 16509 (AMAZON-02)
9 142.250.186.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 213.19.147.43 3356 (LEVEL3)
1 34.107.148.139 15169 (GOOGLE)
1 216.52.2.39 29791 (VOXEL-DOT...)
4 34.98.64.218 15169 (GOOGLE)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 147.75.38.124 54825 (PACKET)
3 7 185.33.221.52 29990 (ASN-APPNEX)
1 151.139.128.11 20446 (STACKPATH...)
1 3.131.80.50 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
11 14 172.217.23.98 15169 (GOOGLE)
9 15 23.35.236.247 16625 (AKAMAI-AS)
8 142.250.185.130 15169 (GOOGLE)
4 82.113.101.132 ()
2 104.111.242.245 ()
3 142.250.185.226 ()
203 31
1    2606:4700:3031::6815:2cec (United States)

ASN13335 (CLOUDFLARENET, US)
ar.anonymate.live
20    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
ar.theshookers.com
img.theshookers.com
1    2606:4700:3108::ac42:28a3 (United States)

ASN13335 (CLOUDFLARENET, US)
datacygnal.io
1    2600:9000:224a:7800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
9    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
www.googletagservices.com
3    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    213.19.147.43 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
targeting.unrulymedia.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
bcm-d.openx.net
u.openx.net
us-u.openx.net
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
serve.datacygnal.io
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
7    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
p2e9r4n9.stackpathcdn.com
1    3.131.80.50 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-80-50.us-east-2.compute.amazonaws.com
pfx.api.botman.ninja
5    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
37    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
61566f2135966656f464611df878c605.safeframe.googlesyndication.com
3    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
23    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
32    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
14    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
15    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
8    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
4    82.113.101.132 (None, )

ASN- ()
portal.o2online.de
2    104.111.242.245 (None, )

ASN- ()
sync.teads.tv
3    142.250.185.226 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
67 googlesyndication.com
61566f2135966656f464611df878c605.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
ade.googlesyndication.com
380 KB
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
326 KB
32 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
1 MB
20 theshookers.com
ar.theshookers.com
img.theshookers.com
328 KB
15 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
13 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
2 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
12 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
56 KB
4 o2online.de
portal.o2online.de
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
145 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 7579
www.google.de — Cisco Umbrella Rank: 5383
1 KB
4 openx.net
bcm-d.openx.net — Cisco Umbrella Rank: 72279
u.openx.net — Cisco Umbrella Rank: 709
us-u.openx.net
694 B
4 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 856
348 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
117 KB
2 teads.tv
sync.teads.tv
344 B
2 datacygnal.io
datacygnal.io — Cisco Umbrella Rank: 104029
serve.datacygnal.io — Cisco Umbrella Rank: 112358
73 KB
1 botman.ninja
pfx.api.botman.ninja — Cisco Umbrella Rank: 184227
279 B
1 stackpathcdn.com
p2e9r4n9.stackpathcdn.com — Cisco Umbrella Rank: 104520
6 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1173
349 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 607
749 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1206
286 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 565
5 KB
1 anonymate.live
ar.anonymate.live
616 B
203 23
Domain Requested by
36 pagead2.googlesyndication.com 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
ar.theshookers.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
32 s0.2mdn.net ar.theshookers.com
s0.2mdn.net
23 tpc.googlesyndication.com 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
ar.theshookers.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
18 ar.theshookers.com ar.theshookers.com
15 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
14 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
8 googleads4.g.doubleclick.net ar.theshookers.com
8 www.google.com 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
ar.theshookers.com
tpc.googlesyndication.com
8 googleads.g.doubleclick.net 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
ar.theshookers.com
7 ib.adnxs.com 3 redirects datacygnal.io
googleads.g.doubleclick.net
5 61566f2135966656f464611df878c605.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 securepubads.g.doubleclick.net ar.theshookers.com
securepubads.g.doubleclick.net
4 portal.o2online.de s0.2mdn.net
4 www.googletagservices.com 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
ar.theshookers.com
4 targeting.unrulymedia.com datacygnal.io
3 ade.googlesyndication.com
3 www.google.de ar.theshookers.com
3 stats.g.doubleclick.net www.google-analytics.com
3 www.googletagmanager.com ar.theshookers.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 img.theshookers.com ar.theshookers.com
1 u.openx.net ar.theshookers.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 pfx.api.botman.ninja p2e9r4n9.stackpathcdn.com
1 p2e9r4n9.stackpathcdn.com ar.theshookers.com
1 prebid.a-mo.net datacygnal.io
1 serve.datacygnal.io datacygnal.io
1 bcm-d.openx.net datacygnal.io
1 ap.lijit.com datacygnal.io
1 prebid.media.net datacygnal.io
1 static.adsafeprotected.com ar.theshookers.com
1 datacygnal.io ar.theshookers.com
1 ar.anonymate.live 1 redirects
203 36

This site contains links to these domains. Also see Links.

Domain
ara.lovemeter.me
www.facebook.com
www.instagram.com
twitter.com
Subject Issuer Validity Valid
*.theshookers.com
E1		 2022-03-24 -
2022-06-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.datacygnal.io
AlphaSSL CA - SHA256 - G2		 2021-11-26 -
2022-12-28		 a year crt.sh
*.a-mo.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.stackpathcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-31 -
2022-05-31		 a year crt.sh
pfx.api.botman.ninja
Amazon		 2021-11-12 -
2022-12-11		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-11 -
2023-03-08		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh

This page contains 25 frames:

Primary Page: https://ar.theshookers.com/a/sync-quiz/1iRn
Frame ID: 0B252DB3ACE56191255FAC88411E43B8
Requests: 60 HTTP requests in this frame

Frame: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D49AC9949599C2578CD06B6583D9866B
Requests: 1 HTTP requests in this frame

Frame: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DB9AAE535FFB5C815C979E05608A95FD
Requests: 1 HTTP requests in this frame

Frame: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CDD9383F71DF01926D72454D7BE18C71
Requests: 16 HTTP requests in this frame

Frame: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E87C713C719968901EA3A661865167EE
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXDGS627ukWe-Sr2rIc4fHta3PH_9dR6gWDWmQO4C-091EcsnvwStTw5syoUKTHnlrmYy6a4UqoGlxjqU8mCcAqgX25UsjIfc6H7_QcBaQLzsAGhH_thP6bb2NUmfEvXJB5_DVXekkJq1osMVx-qh_CGAK0Q6gZiyDpq_m7udqdx-3YLkY
Frame ID: 77FB1CD7520AF358D726C0F946177F4A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWwZnIATAB&v=APEucNVsRDNXS3Yx7oesxOAt4uTJBQ5Ab_is3e7xLyz0NnEfrCO019IaAHaU-hT_LrIujmHzB0Rm4jbPjIa4Ps3QxzOsCO0R6yEHkj9XJgRbmAxT6Rw3j21ssz__XLJQCWQbpvu9cJwL_SZ8kTiPJMaMcc94ciOkPW0p9Z0HL94bjiNrp2qksYs
Frame ID: 732A64B1562EE4E2CCCDE70665FFC2F7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B__6EVbH_o1G-M20vs6sy9miDpKK4vdnVf53_usMDNrkDHpdkvdPhQI18S81t8dk6iRdK1mqKdB0H_Xg6kul1Z-Ew4dP7E_JLMOZNwzONl55r4crvazVghLc8hhcx4SW64pRYD6QDamKTmdY3Ko8dEpqmhXA&dbm_d=AKAmf-Aa-W5Ubq8HxTvm6vzUDQXzqTCslwknJYB6F4e0HE6soU9myBYOMTpRANWDipfd0FJtrF-UGCyqmkJwsh2_erdKPuYtw9vcLAC_q5mzbv4JG4dQ-knqpWUDBwP6Yit8tEZnJKz-NvujbAEJWPsYl7QBhHKsZHFs-q_cOI5zGZmS4z4Yxws6-a0EAf9Tshis9-0xqy-nt9x2wWLhgtndoiDVFMhsQgcw5TteLOBASLCwySz85I7-3Wtwiz06M2oZ-lcpzakQs-WxagJFrwTWuWgiSZT4bygQvziFwQkNnlZy8YkYf2Pc1UmClr0_jL6EQT2welcLNMdzUjnKeMMOS7nU2dqUnOsRgDCKI1YQt0I4srA6rCZff7yE8IWXRB2HegHu8bVdlQDIWxg3XYZ8XyNxSlWBy8IezzcHUapb3yXd9f0vOWi50iun_Uu_8qsqxv5lnLJVuUAlphs9jHaCLnAtlgKmZsWXnaLDMUbm5JwtG-YzSQWGBNw3PJTfcTI5XN4iQxPGE6-jLYmMIgjgPWhSAveFMU99ICsvBvqIZcZxD1SNlqGLWSynsHjhRkCIQ-lEy2kMNIgd86wNu7M8_yxOoF1aztqGaB4dQstg8SEt3T3eRnnnyLYA_sAeOkGsGniSJVpHQ8Ts4hmLgNMN1_0y-9hO6ffSj9z8VT9rHd-L_yoH1usMSpLacmhW4D8OKIzq3IV-W_Q30JinDVE9rT4BeUyVselrqGQLSi7lp_7tL5ZRWhwa6TcSO3NYsEMmUF7Kv0rNIENRd36-fowqIMA6e2VXP7bhLXq7zu-OxSufKjV4TS3os-eU6crEP8yQMH8uqxN6X1vcxylw9IwNEyuzV4d21FAoh5V93agdsiSjnJSnCoJCTfRBM5DxuwDnXxlg_O3laIOAzi-iFogGTPkIn4dDc49HnUoDQeeA9GbxdFkFwVWoOfnEZ-VjfjU9qNwg6-whVjyXWhyS1l0nlfjyerhjxA5LtTdx9LCao7olC1J8TMc1dL564wonCyICC-7D_OPvwOVc7Guh2vhh6o4AM2ZULvZIBWmjWWy5bTuduiQU5P3QXjRmi21pINgC3DNwXKMbzMBODWrsVPLbiklSu0G1k6bRuA5G-oSLnJMClBbmO20oDIsMb4QUUdl1GbqJOO6eQ6LQi989d5J9dO1Lhm7uR4fmEj6w-mKLiOPktDEUUMfoyvCGr6DNTrLUYD-v6WhJOOAuKrvOd4Dy28Ye5Vsua4ffte7D_jNyOQTenfHt4WYED-d7zGs1gdrk0VAZ-3SuxhmiYbyvWuQhtBvQD7_hIwW89X8V4J5PeSwZlF9Mmz4GUU5A7a8AdYkKvMZ09BzOmq8NSNj2F1jSs3i5EqupX9cEhF_wkfBzs-b7tnw9Jg4MUzzuysl-tr4PsnayjfN5uhXcRIdeOy0slza4zp-jKD7fGgeJuhX7IZpHPWJaaSdvuhXjjHYq2hD0Wpn_JPrnK2ZeGliEoMkR0hb5blY6Z55eBRccq78swnTWQ54SvoTZNhPXd0Nckeql87y3trvJzP3n0gCvxMO7OXa0m5CUwtHX3a_jjhpY_pt3VY73eGr1BrVDo1AsQJuLat7Yi10tyFDWEAKzg0cIQ8b6DK7SD_OVYejo5YHgtrBlJwlELgYwRheG-6AIcnsiXM_-eQsBaJnBlwjyAf3Sr4acbssv70_CjNGjLiXN8pJCjwpt_P-jkdr9nNILzhCXpydVYxyStFXtXAcwHy688Bgw_eaY4gHi4WPdy8ioh5USADa_HoGemGNwHEq8tbRcMVchigz4GFgREBqGFF42RJQe3bGNOtpPFK5_VwCBKPUDz5qh7OoeMXjHxim8xbNJSAO-b5-1Vi4w8W0YVCdXj3yMJfFzkvefHJIylGhvTdL2fHQ3XP_-A3wmPUZzKIFFRUjJ14O42n-GfJgAb6z0ftlgKxU_1909S8iXXsYQLDktEtc3c1QUO8JEmJJMuxXc_T5mthaGV6QDi8dqOSyV3W4CKuFkCUqIu7f8XVVVkFVciudBcnueBglkdR3SfT4B1y0RF_EuPMMjpPzzDwlWZff-o7ORh37nC4-SKLp0qEjkYS0a76nya2Iinf_YZsXKNcbmUvuOoOnDRbX7iHdBeX_jJX1d_KX4liQbHM0P7oORUDQfEnQ0nfN0d-UDqBHze6iYW4w6meP_f_Pmm5RYbKY9MTPYiz9fpMXT2tefQ1oX0K2JUoQnPLkJsSc1cTmFekQEr4jk0dzAHSMd9uoejhCVHDVdKPEYppwAu1PrepUN_nu3uqyZUEZohxUsej1XkguH4KQ_KdiFmvY_sEtCx3HMcrPZIm_lSJFu1ukjeP9y2Mxjvz_ArOIqbSFrqfkBV0oycxrGOfSJJRFgC05kDF5GM7zPjlrHKPSsLlNa8y1wdS8KuXcUa9i3kX09jIyQXiO6rWLgsc2tGDd1yUFhC1l_s3p6UXJr56YNYEG6SiUfugZe7DNQwKcWo273EebzkGWWrBzAdH8rMqI3xQA26jPzFutqZ5N_8Y3nXjJ9TtDRaAegT7sWjVMpOGleNYx2cLsZiSwbAREEZAnlth7nJiK8SDYrLSCaVeZtLCX9YdBfQ8USTs3zTrag4u5JShMZrG6UVsXycHiuINkqULGaBk2ax-XYvyG5luyGlp7LoyEVmevLVu3McFHgg4MszK6HJX4CBfL7k6ff5HBS9hlfzSjaJrbkC0HqRXMgAfr9gZ8uDfYD1ZUNuQPcNpx5c42m1HxISLGLaZolKqBRh85pztPCA0kN60uLoqE9ctZe6XO6eI6MLPO-7k_UXOJ96HKVjbA7p_0Y0PtU-LQxKqZsAeQr3QIHOzf9x8wELWl4Yr3ZSwhLaCar7FxmV-Bj8i88NxWUj5d6XFHMP1mVKSqRvaIYjnZz0wYn61Fj8StkcawDTezMG_J4JjpTGXNvrGs-RHIFTeu8GOtPv-KCL1pE4EtdP_h775k1DR-6UlSDhb8721ahwKjRv6pTSVZGk_CMXGji61zo7UIUFUQ4BwKiM82i8TTkT8eKMFLIWluwtZD0dI0cOyRCMG7XprVEv3VVZoGb9cbxHdQUSctwjlLfgiEXTpX0I22qQb3uWqkYd4_dMWxP429-3R1z3P_tImfnypvza2zNZyRnBYTDta1zF40TIt94hkphpKNYg-CYT1lcd7iccyenHOR_SVkqQ3jBKfsfP4IQ76LYHco19m7uTC3REW8ZfqzexxuM223lBhnWU1QAbDSrO9DKc3SNcoNIyUdr2DfThszuFFThqJyHzqR9ftmOu5bChTcouIUWPpQ_KeAMcJyJW5OXExJEQNHEz7tpVvmhGE-MPB8ChJ4OKfS-z5ohItMAcx76Yaj6rRf8Zer__tanrYTLZXBkHG1bl5kW5qBwnkhz8xGfPGKxpc6tiZa8Gk7TQxxwbA43in4v0CqMTcWanregnjMorvL3IYYujKm0s3xPMGDWrP_d_SHI9bVzlH9ZWr32CjYr2PkjeSJluRU8LXLFxpo1bn10LKKJx3KCMO4LssPZ1McMKJPqM1z9Lpvsvu28Fs-xkJNe3Lj2ZucvdcSkvutW8yFWP2-Ks6gqJboyG5VoTg9rYBIwbbu8-A&cid=CAASKORoV8rsgJAyOxmyAAoMlcU4PcmepiPhGz0nm7RmuC3Jmym1Bc2qirU&rfl=2%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Frame ID: D5CBE25879D1CD13B79915ADEDC0FF7C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNXGqr2RX93FOQAdvNVanH1E5P0tVAS81LYwPV5xE155nCKYRik627wtdU80HU0uCK4ZVKEGyL2ygmJrt_OhXG_X7XnsaDe-EoWFiSH1nlihvOiHdh-36P5TN_nwIBIA-GH9eCyB4pqsnx_WFsEsFQIRD8Z_2qFG0GeCZbNhDLJB453HB3Y
Frame ID: 868F7201F8E9B3C7CEFAD9C1048ADFD2
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
Frame ID: 20E2D79C98610A3B61A7CEB773100B7A
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
Frame ID: 5DFC54A18E266E8D85E43EFC065F1033
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
Frame ID: BAF9FAA311AFB05D476BFFF7E4976876
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2A05920A7D50BF2E05CCEED0F0B44B26
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F6B799A6A2B62C3774DE0A256C02557
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6EC21574EF2A2BDF6EC7A230B90E8196
Requests: 3 HTTP requests in this frame

Frame: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 82E1A479104C51DE32175C52A077B55E
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: 35926816B489578F71414B5B3A365567
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: 0D11323797AD56354DE9D5DE842B9A7D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: 24CA979604E2C1C9058674FA3A9D352E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNVdT52AN0EvI-L8XKf4f3647GHNubVzKttUfxeKQ5xzHZiF81eCFhDxkt5EZj4UlnXLAf1vClNlphcqrb_WXK5QCaGJHTOCRRNtYFgRnugK36FXipk9JMnGTde-oRkvOU4WrPjcvGztPq03gAX23yiM7ZV-qBicDaZKbEkRh1A9Ry3Qncs
Frame ID: 85A315EAC4D67841BD081D8860807666
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 28F3022D47ECB8E3B36B31D81F4F1E70
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89B5A6FB3BC88C7EDF9617AF80BDABF7
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
Frame ID: D25287300BCE1FCB14C25395B3EF79A7
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1E55029BEA7719DCFC8B451F24C6DE0E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: BE88F743F1D3D6D048CD901A75560444
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

اعتراف بدون اسم 2020! ما هو رأي أصدقائك فيك؟

Page URL History Show full URLs

  1. https://ar.anonymate.live/a/sync-quiz/1iRn HTTP 302
    https://ar.theshookers.com/a/sync-quiz/1iRn Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

203
Requests

93 %
HTTPS

48 %
IPv6

23
Domains

36
Subdomains

31
IPs

4
Countries

2558 kB
Transfer

5969 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ar.anonymate.live/a/sync-quiz/1iRn HTTP 302
    https://ar.theshookers.com/a/sync-quiz/1iRn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
Request Chain 92
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlmahjCqXYJON4RtVF3vHQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
Request Chain 93
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
Request Chain 94
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
Request Chain 96
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlmahjCqXYJON4RtVF3vHQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
Request Chain 98
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
Request Chain 100
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlmahjCqXYJON4RtVF3vHQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
Request Chain 102
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKj56cg69vxCzVydg2yEJxs&google_cver=1
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEoiG5EQwzQ6le1RVq-3HyQ&google_cver=1

203 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1iRn
ar.theshookers.com/a/sync-quiz/
Redirect Chain
  • https://ar.anonymate.live/a/sync-quiz/1iRn
  • https://ar.theshookers.com/a/sync-quiz/1iRn
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd1612b067283062c0ffbd8624239631e99d829b0d996984acafbb7ee64cde7
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fc5fd4599ab59f5-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 15 Apr 2022 16:17:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzKNBafGzSPxcgGY1YnLZd4wJ2tVhxl1aRQfjjQGq48YDpI54FQyrD2zwiL7fhkKZOT2QTvxI659H6LDnxhOLBvtBnxR2KhoSuea4SqzwF7je4Ce1UMp3FLw%2FUq3Co88k1IImwxkPzeiyzXuf%2BM0JBc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-host
as-hi-99-web
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6fc5fd449a6d59e9-MXP
date
Fri, 15 Apr 2022 16:17:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://ar.theshookers.com/a/sync-quiz/1iRn
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R17Hn8xPJoZgiD7GE%2B2f7%2FUAagl5rbYGrVHr%2FBfwQ87DPpVI9Z8awUzGuDT6DJr9eQmBSuGA%2FvsnJzeVphvckIJjFCXqPaCzr28Z1EEWG8xG89XDYILH%2FYU22SyORmU%2B2BUqcT3Uyz0bCDK500s38g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
font-awesome.css
ar.theshookers.com/public/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/css/font-awesome.css?v=20220218
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4086f6b01ea01e73f42b352500e1ee3fc4a3dba5a50ecd41485f70d661dc30
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-60-web
date
Fri, 15 Apr 2022 16:17:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6016
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Nov 2019 07:46:49 GMT
server
cloudflare
etag
W/"706b6-91f5-5973591384c40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awNayurOQKCCyBPZTiIl8pZGIblFI4esJ480%2F%2B%2B29cdvdHRbg%2FmwHGzWKrVsCdJGf62kwiN04WhZl2g5%2F3JFIVyRF7f33ZhE11kNJUItGFmigRAQJYnwBb2DT6ZMyXQY1of0WfKzEY5IY3amYLgY7N0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6fc5fd4a0f3359f5-MXP
bootstrap.css
ar.theshookers.com/public/css/ 		146 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/css/bootstrap.css?v=20220218
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37ddc4e7e30ec2675c6d2e628b57efee02b9f3ed430e7172946bf04c1744648
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-67-web
date
Fri, 15 Apr 2022 16:17:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6016
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 01 Oct 2021 09:01:32 GMT
server
cloudflare
etag
W/"70165-24960-5cd46cf3f7300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0F7VdlZXW3tcImnwDEj4SzHSxDM2GZP1L4HKv8qOlDkk676X8CF4cBLwFnW%2BmLv%2FxFIakGVoYgNOP8ExBKfjDXosM%2Fs38%2FdeM6l87GWgbz%2FkSBcBh3a7rr2eCpw7JETTjwhc1PnDXwIoWgF5W0jJ%2FjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6fc5fd4a0f3859f5-MXP
style.css
ar.theshookers.com/public/css/confession/ 		46 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/css/confession/style.css?v=20220218
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbfdfca3639dd0402643df456e9d250e1adf9329ffc2ab758ca4bed8a0443968
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-87-web
date
Fri, 15 Apr 2022 16:17:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2143
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 03 Feb 2022 07:53:52 GMT
server
cloudflare
etag
W/"c8021-b809-5d7186f6aa400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXddvZ68k8W81qfn2HK0%2Fo9OGzPa5DjQ%2FNbtku5xxaZjYwymYgM4RgLPaWgxTJzhUVXz2HyjgQojuoX0XidkSxBq2lq00ucSCN%2Fzdo6toZMAoTrLM3hskMmf1o1HjAU32RVuySxoLhCh9dYQM4fbSHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6fc5fd4a0f3c59f5-MXP
ots-126-4502420995.js
datacygnal.io/ 		243 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://datacygnal.io/ots-126-4502420995.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f70eaf9f33a4364baffa02d2ad27578af3e1a2f2cd4fd116b63757285d5a71e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Feb 2022 15:43:30 GMT
server
cloudflare
etag
W/"3cc93-5d70ae11d6c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzwZBhxEhCZgE2BDQ2d4XctYhzlJZzynit3DS%2BOOMFK4tqG%2F5ZJDUoPC3L1E5IoZg0zoUJyk6Tc5Chu5Rlh7nhovaXmxDBd9A8SQAmo5FMGgcVyZjMzxUpxvhIBboFdmhjIv9bRU1dL6Abw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fc5fd4aab682355-ZRH
cf-polished
origSize=248979
cf-bgj
minify
iasADX.js
static.adsafeprotected.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/iasADX.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
S08nbEMSQBiWsSqdAKl6yaGPRyD0riRA
content-encoding
gzip
etag
W/"c700d1e14608af0f21adaf6e08ac2cf5"
age
247997
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 14 Feb 2022 12:59:56 GMT
server
AmazonS3
date
Tue, 12 Apr 2022 19:23:50 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
OQtOIL5HdgrQLNt8QN7S9-1t9wn-zg8MdWvz-uoGljMWPSUMb4_L3g==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
bcd6300c816590aa413b930bf7bc29d9bdaaef5cee0aef283d1c84c63c1e2eb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28583
x-xss-protection
0
server
sffe
etag
"1187 / 433 of 1000 / last-modified: 1650021009"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Apr 2022 16:17:06 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-147732382-10
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
16df49c5495b8e9a2b055b207d724987f21bd27e9173564acf4d9f485e46d1b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38602
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 16:17:06 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126527512-6
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c96e07ca6a36b5102310af11c2adfb0de6f4e199e11213d7f586b2e914bfe590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38610
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 16:17:06 GMT
logo.png
img.theshookers.com/public/site_content/quiz/ck_editor/images/meta/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theshookers.com/public/site_content/quiz/ck_editor/images/meta/logo.png
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdfe8eae92f925959252d4b650e8737eadfcf26a90fc4c578f11c53f5181ca60
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Fri, 15 Apr 2022 16:17:06 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3303
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3780
last-modified
Wed, 03 Jun 2020 14:57:43 GMT
server
cloudflare
etag
"d143c-ec4-5a72f400627c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzZKAZbNd%2B3kOpCrJp5JTXmzEHKMBBTKvcdr70gX9v0ttirpTlrbc5uAsT8A2jiMORlE18%2BKp%2FgylQjcMjoZVxD8BY%2BpBVLxoA0LqgunvZ%2BzziTjisDHzyMDPZH3%2Bycelz9U5NFfk%2F6zOi9yzCvDbrkO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fc5fd4fcf5259f5-MXP
language-globe.png
ar.theshookers.com/public/images/confession/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ar.theshookers.com/public/images/confession/language-globe.png
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8a0f1d826f536af33591e1d7d655ec195591028125daa787ccfcc93e11d57f
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-41-web
date
Fri, 15 Apr 2022 16:17:06 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20446
last-modified
Tue, 18 Jan 2022 11:01:53 GMT
server
cloudflare
etag
"c800c-4fde-5d5d9325b0a40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EPutwPbujfyfdTs67EOZfToIusiFEdVMTbBaCFoQU2dxS%2F3%2BIvFkggN8xoD2ZM2qW8FXUM5i%2BBN2Z3FyPjelxBGv8p0tfVBVtzh3HHMdkVjL%2F7Y1Y5GPzhPWxMDZb7LVDMCm9jYgqHCxCpDI29IimU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fc5fd4f2c580f4e-MXP
CCT_arabic_ad.jpg
img.theshookers.com/public/site_content/quiz/ck_editor/images/Ads/New_Ads/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theshookers.com/public/site_content/quiz/ck_editor/images/Ads/New_Ads/CCT_arabic_ad.jpg
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fea4dffeb075ca522c307ffc38fc323fc7da7e926208852910fb2ebd6442daa
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Fri, 15 Apr 2022 16:17:06 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87458
last-modified
Mon, 28 Sep 2020 12:57:46 GMT
server
cloudflare
etag
"23809b-155a2-5b05f367b8680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QRBGl0gcocv5P%2BED8H41mvBZEpTxKYBxyohPmV2D%2BKwvUuxke%2FZ7OHvOoS%2B1O20d4tx2H9AphEO1Nt83%2Fp8C0H70W1J5BCtDonXUupwimkQiuOVLRCSJHtpEsM2aFusrlejLMq%2BRze7ZJXz7V9Pzr02"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fc5fd4fcf4c59f5-MXP
footer_fb.png
ar.theshookers.com/public/images/confession/ 		579 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ar.theshookers.com/public/images/confession/footer_fb.png
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4de99bbdb87497f7e51a1338ac18c70763edee3cdd588563a88c516a385165
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-111-web
date
Fri, 15 Apr 2022 16:17:06 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
579
last-modified
Tue, 18 Jan 2022 11:01:53 GMT
server
cloudflare
etag
"c8007-243-5d5d9325b0a40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTk4BUQKI%2BacKWMGkztGNunVI%2BNysA6GQD37FA%2B1xhQreOQqJnLn5R6Q5%2FEWGlBv5HI511%2F%2BnjWFGwzUAuo24d0aLz1LXNdJQNrM0h7aAvwAo3ygkmp9L0c8kYwfShkHTvm0mTFFg7%2FBqFYMYMDCAzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fc5fd4f2c5a0f4e-MXP
footer_instagram.png
ar.theshookers.com/public/images/confession/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ar.theshookers.com/public/images/confession/footer_instagram.png
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
476df8699000e7fcd11555e9f42a566f8daf58405ff71847b30c9cf6461bf8d5
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-178-web
date
Fri, 15 Apr 2022 16:17:06 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4816
last-modified
Tue, 18 Jan 2022 11:01:53 GMT
server
cloudflare
etag
"c8008-12d0-5d5d9325b0a40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWCZn1VgTiK8D5jbS24IRGffuh%2BF%2BY9R1BfcvC5MQwRWSmmn%2F0p1v3jEsTTqfRbtfN8eW7LZ0ly0h4l1C%2F5sRR7Klz6JIO0PwFIZbsW3Ttt7jX9zivwfA5FMIReR3q2r3jdhUa%2BGOlQSv%2FWPV%2F8psaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fc5fd4f2c5b0f4e-MXP
footer_twitter.png
ar.theshookers.com/public/images/confession/ 		855 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ar.theshookers.com/public/images/confession/footer_twitter.png
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8a9db2f0b0d706d1a9e37721c2c2d883258b8e41a74159a58a2fc432151adc
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-239-web
date
Fri, 15 Apr 2022 16:17:06 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
855
last-modified
Tue, 18 Jan 2022 11:01:53 GMT
server
cloudflare
etag
"c8009-357-5d5d9325b0a40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVCotaiWy2mwu7iqVK8ohQto6KBLATRzSlUqJY7yCWT%2BvctvwfeI5Oq6ulJq4zJLwYzqpG92DgsXeQyJRN9ntymKjo1mB3qZca%2BKyG3NwzEzG%2Fsu6t4cRb9jARAAfxwY3rl%2BJ390hRETK5z8czcKDAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fc5fd4f2c5c0f4e-MXP
email-decode.min.js
ar.theshookers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:45 GMT
server
cloudflare
etag
W/"62555f9d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNaz%2BpW9SMGh8ghSZBLOk%2BrdwkPWPfbG4Hweh6zq7IqwvNWpQYMSaBazxXltZYQrwLqU%2F1ItMrII5aoIjdiQT6C%2BC9v8ZA5%2BVBsIv27l2EpXs4E6pZEUSr0HdhY%2BTYGzZmiShjcCHSRXSxMoMb0BsDg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fc5fd4abae60f4e-MXP
vary
Accept-Encoding
expires
Sun, 17 Apr 2022 16:17:05 GMT
jquery.min.js
ar.theshookers.com/public/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/js/jquery.min.js?v=20220203
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-102-web
date
Fri, 15 Apr 2022 16:17:05 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3409
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Nov 2019 07:46:49 GMT
server
cloudflare
etag
W/"7072c-176f8-5973591384c40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dnQ9JwDoeHkMt7Lqec8LA4oZBqfHjeBC2l5VO90R4sCpq1kA2H0%2BJ1Da2HvBIbJzc%2FEnKC%2FTGPYP79%2FtnCvQDI2VHSw4U1FlTW6APtQ9KxAdbtEJKG19FnTqjdkrmXTtDfbzSipolw2tjwELLv5haQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
6fc5fd4b1bcf0f4e-MXP
bootstrap.js
ar.theshookers.com/public/js/ 		65 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/js/bootstrap.js?v=20220203
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47bf6b2e0bb21849f205a4f2d90c8e40b2773f3fdf4c764471cd050ef0a87378
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-52-web
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 01 Oct 2021 09:01:32 GMT
server
cloudflare
etag
W/"7012a-104ac-5cd46cf3f7300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5UfHC9U8nu%2FHIXMCTY6GC7h9y8lwz1czqEodUn55PNCkqFriLWWIvMO5gK%2Bza7oOLA%2Fun8DAu4wyarpDYTLGS6yactzn%2FpNW1%2BYfQbPqT9N%2Ff0CTfYHgMZgbTAG%2BGUIMsDbXAHt7hZazujHfoJ8LhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
6fc5fd4d99680f4e-MXP
angular.js
ar.theshookers.com/public/js/ 		114 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/js/angular.js?v=20220203
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72c5cdb8ee97ed1e23f49f9cc0884c795f9c70e85a566453d9701f12cebfe9f
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-28-web
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3410
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Nov 2019 07:46:49 GMT
server
cloudflare
etag
W/"70723-1c61c-5973591384c40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H7eJ839GHQcbbg05M4o5uMdzQ5Pz51g6MJ%2BBXqUekdNI5mzEjFwgoYYZViZ7hdaPC4WFbxUDrErVC406VWOEpld%2BmapQy9TQ8gg61hNu4NkjoJfZaPKcEEpiF44IgK2xmEQ8ULtOFBAZ384nQrheC8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
6fc5fd4e8b110f4e-MXP
angular-sanitize.js
ar.theshookers.com/public/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/js/angular-sanitize.js?v=20220203
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db668b70fd0021a224a50338fc80f62881fc5e678e84987ff62785d86ab3f320
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-67-web
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3410
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Jan 2022 11:01:54 GMT
server
cloudflare
etag
W/"7071e-5536-5d5d9326a4c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ejf9lely%2FIrzPO6BWSa9jSQA9uQc6HTFLD%2F04xzgaUxpXlqWBTt1suK0FHjPzuidqp9n12R33aXki9J0HbsQPfGi2xylfXzBGp9RFgChsqtc%2FHS7Gf7kMsUvcXUpZaI7NJjELcKxz5FT8zsQaBuuR5k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
6fc5fd4ecb9e0f4e-MXP
site_api.js
ar.theshookers.com/public/js/ 		79 B
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/js/site_api.js?v=20220203
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5e6f7994c5f4b291424f145d1fede1bfb2793cac841138f0863fd954da721f
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-28-web
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3410
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 22 Dec 2021 08:15:58 GMT
server
cloudflare
etag
W/"70dd3-4f-5d3b7bb46ab80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzGf%2F7%2FR4lA%2B0FVVYO24jwjuBZ8yz166AKQzGqGrKZMAMUrrad%2FM6AAwKecL4c4bcyZeGR7UU1MKTv1Psb9XTSLxJgQ34VRt9hCeZS6Yla0dNVx4lzMIsFzEMWeU1HjFmdvm5bXEffRd8dzEiLmF8eM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
6fc5fd4eebe00f4e-MXP
s_a_cont.js
ar.theshookers.com/public/js/ 		77 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/js/s_a_cont.js?v=20220203
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4d28698b173d2d4ff929ff4be4a795921785b3311da33160adb4791d4e46086
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-67-web
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Jan 2022 11:01:54 GMT
server
cloudflare
etag
W/"70de2-1332d-5d5d9326a4c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oWw5wcgFUActvsQ3uof14Rlh2ff7JHpVp2wE%2B%2B8%2FC81ppsGaqEffuxIoHeHKwZf2o1WC7qAjKMFWa9T2QMlbskuosaVLSg2NbrNd6V5ZMsv%2BbPb4P6%2FYwtk0wsna0x0ScPacWKVSWC3HiUGwGUp%2Bfk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
6fc5fd4efbf90f4e-MXP
s_a_ser.js
ar.theshookers.com/public/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/js/s_a_ser.js?v=20220203
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b93c82b31f94350aed274ec1f3f7bf3b0f561950cd72fe503e8b205de8fec8
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-67-web
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 18 Jan 2022 11:01:54 GMT
server
cloudflare
etag
W/"7072b-13eb-5d5d9326a4c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEpctU%2Fv8IR0V7goaxgm%2FDgRchLSjT9w2UlVlgsujXYRNMtwEf8mblfAFCl%2BGNp9FcGoIGOWkKnMyjoPhuugMYBBmCQBZ5tWj0%2Fyo%2FVApIPcPsubumX3F5F9IYGtzmLUd42RdTmG19PHiy9xkVxOtQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
6fc5fd4efbfa0f4e-MXP
site.js
ar.theshookers.com/public/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/js/site.js?v=20220203
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e831a2e9fb0ec5cedbb064ec1f2e74d282148a33b04aaae6b1445269b0c34c2
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/a/sync-quiz/1iRn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-52-web
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 03 Feb 2022 07:53:52 GMT
server
cloudflare
etag
W/"70376-6dce-5d7186f6aa400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYihP4zpMC2%2F0y59FW1oxuvlHJcGT1d16WZPIOnz5GUQ73qYii3HFID2IkKfgZVpPyGAr9%2Fe7POjpF8jT6%2B9W9imCsewRZDb5MBkS8L5O4NyJOkqMPxqaCRYMT8dCELVDBDm1rRxV7B8MSIL1%2BAjM9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
6fc5fd4efbfc0f4e-MXP
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ar.theshookers.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ar.theshookers.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 15 Apr 2022 16:17:06 GMT
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ar.theshookers.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ar.theshookers.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 15 Apr 2022 16:17:06 GMT
server
Tengine
prebid
prebid.media.net/rtb/ 		32 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQHC56J
Requested by
Host: datacygnal.io
URL: https://datacygnal.io/ots-126-4502420995.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ar.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bid
ap.lijit.com/rtb/ 		94 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.1.0-pre
Requested by
Host: datacygnal.io
URL: https://datacygnal.io/ots-126-4502420995.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
ecb4452035557f6aed0a4ba9e19026708ca182308d89edbc28d65257228c3ba9

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Apr 2022 16:17:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://ar.theshookers.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: datacygnal.io
URL: https://datacygnal.io/ots-126-4502420995.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ar.theshookers.com
pragma
no-cache
date
Fri, 15 Apr 2022 16:17:06 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
unruly_prebid
targeting.unrulymedia.com/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: datacygnal.io
URL: https://datacygnal.io/ots-126-4502420995.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://ar.theshookers.com
pragma
no-cache
date
Fri, 15 Apr 2022 16:17:06 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
arj
bcm-d.openx.net/w/1.0/ 		74 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcm-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Far.theshookers.com%2Fa%2Fsync-quiz%2F1iRn&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=585480d2-5b94-4757-8e2e-9708d087911d%2Ce1cb6d3a-89dc-4493-a651-7a17b53c2ed7%2C8cf61151-009d-4edf-9db2-82db65e41d69&nocache=1650039426202&aus=728x90%7C728x90%7C728x90&divids=%252F21759293390%252Ftheshookers.com_desktop_atf1%2C%252F21759293390%252Ftheshookers.com_desktop_btf1%2C%252F21759293390%252Ftheshookers.com_footer_desktop&aucs=%2C%2C&auid=544111118%2C544111119%2C551301255
Requested by
Host: datacygnal.io
URL: https://datacygnal.io/ots-126-4502420995.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
57196f0fa886af311198bdcd963b630eb5c6afd11bfc400ac5990073f6be3cc2

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ar.theshookers.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
hb
serve.datacygnal.io/ 		22 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://serve.datacygnal.io/hb?zone=152597&v=1.6
Requested by
Host: datacygnal.io
URL: https://datacygnal.io/ots-126-4502420995.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:06 GMT
Server
nginx
Age
0
Access-Control-Allow-Origin
https://ar.theshookers.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
22
c
prebid.a-mo.net/a/ 		0
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: datacygnal.io
URL: https://datacygnal.io/ots-126-4502420995.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ar.theshookers.com
date
Fri, 15 Apr 2022 16:17:05 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
98
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: datacygnal.io
URL: https://datacygnal.io/ots-126-4502420995.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4e820293e0dcc61368aeed9797f7a58782a7b2cbeac05f8da8425bf204010d70
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 15 Apr 2022 16:17:06 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0088b388-165c-495c-999e-4db7295b050b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ar.theshookers.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gtm.js
www.googletagmanager.com/ 		109 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F8NWTV
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
577ec76568d7b32e96b38b2aadb03d20b93b6fc952f83ac456ec9747e39dfc08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42312
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 16:17:06 GMT
__pmon.min.js
p2e9r4n9.stackpathcdn.com/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p2e9r4n9.stackpathcdn.com/__pmon.min.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fd15dccc78b33bb29115461ac9504869f4af29b5bdc93111b8ecff5d58469206

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
gzip
last-modified
Wed, 09 Mar 2022 13:58:37 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"4ba3-5d9c97e7e3e1f-gzip"
x-hw
1650039426.cds030.lo4.hn,1650039426.cds251.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, public
access-control-allow-credentials
true
accept-ranges
bytes
content-length
6398
fontawesome.woff
ar.theshookers.com/public/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ar.theshookers.com/public/fonts/fontawesome.woff?v=4.7.0
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/public/css/font-awesome.css?v=20220218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31e176c04f24fabc3791db04c971a4e57151283b09bab71b730599cd6acc102
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

Referer
https://ar.theshookers.com/public/css/font-awesome.css?v=20220218
Origin
https://ar.theshookers.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

server-host
as-hi-74-web
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2866
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 13 Nov 2019 07:46:49 GMT
server
cloudflare
etag
W/"706cf-ad90-5973591384c40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkUvfYNnUBawknm79O92woy%2BaE3AkKfOYvXu1tX%2Bxrva7qXzHpSWMINGgRfc0VQ9uX3kQe8lpR8ZP55cbLcPxojvvwQiNqRk4hwB%2FqPBUO5dg7ma59QiiOcaPnLn3LDBk6Lw5rSlLRSDqfZj1DFVCTE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cache-control
max-age=14400
cf-ray
6fc5fd50e8200f4e-MXP
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 12:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 15 Apr 2023 12:05:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		102 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ar.theshookers.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
97e72b7828d141a43e58d771117835740a4c0e51417473de6dcd8238a476d425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90
x-xss-protection
0
expires
Fri, 15 Apr 2022 16:17:06 GMT
dip.html
pfx.api.botman.ninja/ 		55 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pfx.api.botman.ninja/dip.html?ak=f8fe1ae5c2968a9d211e3fdad4e6be1ede137ae5&m=PFX&module=JSTAG&f=SCR&vis=8&ifp=0&burl=https%3A%2F%2Far.theshookers.com%2Fa%2Fsync-quiz%2F1iRn&uq=Mhf35MJh9eR6&ac=null&purl=&ih=1200&iw=1600&ow=1600&oh=1200&plf=Linux%20x86_64&cpu=undefined&lst=234lj4kl4dXfsDfkJitY323f6d3&aver=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/100.0.4896.75%20Safari/537.36&uagt=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F100.0.4896.75%20Safari%2F537.36&cen=UTF-8&aname=Netscape&acod=Mozilla&cd=24&zi=undefined&nlang=en-US&ndrv=false&win=true&dnt=8&hco=4&plg=true&layer=0&nmt=0&nbo=Etc/Unknown&fsa=false&ch=1200&cw=1600&sh=1200&sw=1600&bld=24&actv=visible&acc=Intel%20Iris%20OpenGL%20Engine&gyro=undefined&pop=false&brl=0&brt=1200&brh=2&brb=1202&als=Intel%20Inc.&cam=undefined&bt=undefined&ce=true&dlmax=9.7&ntype=4g&ofw=2&ofh=2&s1=NA&s2=NA&s3=NA&s4=NA&s5=NA&s6=NA&hless=false&s7=NA&s8=NA&s9=NA&s10=NA&s11=NA&s12=NA&s13=NA&s14=NA&s15=NA&s16=NA&s17=NA&s18=NA&s19=NA&s20=NA
Requested by
Host: p2e9r4n9.stackpathcdn.com
URL: https://p2e9r4n9.stackpathcdn.com/__pmon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.80.50 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-80-50.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9a73ec51d0e62c2fdb04d631b841b43d1d61a18fd1c09ffc243db565ef05bbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:07 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 10:43:55 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"618cf3eb-37"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147732382-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7196
date
Fri, 15 Apr 2022 14:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 15 Apr 2022 16:17:11 GMT
optimize.js
www.google-analytics.com/gtm/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-NFKTGG5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F8NWTV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97a635aa8d6d50a3994650de5bf3bb558bafd2cdfe7e7c58144087115cec3a11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36606
x-xss-protection
0
last-modified
Fri, 15 Apr 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Apr 2022 16:17:07 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ar.theshookers.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ar.theshookers.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2193760508766933&correlator=310520696254735&eid=31065714%2C31067090%2C31064226&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=21759293390%2Ctheshookers.com_desktop_atf1%2Ctheshookers.com_desktop_btf1%2Ctheshookers.com_footer_desktop&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C728x90%2C728x90&ifi=1&adks=4186764061%2C2814768999%2C3487201439&sfv=1-0-38&ecs=20220415&fsapi=false&prev_scp=%7Chb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D27cfc1fcedbb45%26hb_bidder_appnexus%3Dappnexus%26hb_cn%3Dpbjs%26hb_pb%3D0.00%26hb_adid%3D27cfc1fcedbb45%26hb_bidder%3Dappnexus%7C&eri=1&cust_params=page%3Dsync_quiz&sc=1&cookie_enabled=1&abxe=1&dt=1650039427576&lmt=1650039427&dlt=1650039425454&idt=1810&biw=1600&bih=1200&adxs=436%2C436%2C-9&adys=74%2C675%2C-9&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Far.theshookers.com%2Fa%2Fsync-quiz%2F1iRn&frm=20&vis=1&scr_x=0&scr_y=0&psz=748x0%7C748x0%7C0x-1&msz=748x0%7C748x0%7C0x-1&fws=0%2C0%2C2&ohw=0%2C0%2C0&ga_vid=868130615.1650039428&ga_sid=1650039428&ga_hid=106837148&ga_fc=false&btvi=0%7C0%7C-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8d641e503600a9171f0f5fbc722e4fc07985459dbac6ddec96126656a9c66499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16001
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ar.theshookers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2193760508766933&correlator=310520696254735&eid=31065714%2C31067090%2C31064226&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=38924784%2Cshookers_728x90_ATF%2Cshookers_728x90_BTF%2Cshooker_320x50_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C728x90%2C320x50&ifi=4&adks=3123464060%2C2216903215%2C819652461&sfv=1-0-38&ecs=20220415&fsapi=false&eri=1&cust_params=page%3Dsync_quiz&sc=1&cookie_enabled=1&abxe=1&dt=1650039427607&lmt=1650039427&dlt=1650039425454&idt=1810&biw=1600&bih=1200&adxs=-9%2C-9%2C640&adys=-9%2C-9%2C1150&ucis=4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Far.theshookers.com%2Fa%2Fsync-quiz%2F1iRn&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C320x-1&msz=0x-1%7C0x-1%7C320x-1&fws=2%2C2%2C512&ohw=0%2C0%2C0&ga_vid=868130615.1650039428&ga_sid=1650039428&ga_hid=106837148&ga_fc=false&btvi=-1%7C-1%7C0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
db312eb4a191bdf32f58e1123627cfaecc896975076c917887d8219b963e23b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18273
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ar.theshookers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D49A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:07 GMT
expires
Sat, 15 Apr 2023 16:17:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=106837148&t=pageview&_s=1&dl=https%3A%2F%2Far.theshookers.com%2Fa%2Fsync-quiz%2F1iRn&ul=en-us&de=UTF-8&dt=%D8%A7%D8%B9%D8%AA%D8%B1%D8%A7%D9%81%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%A7%D8%B3%D9%85%202020!%20%D9%85%D8%A7%20%D9%87%D9%88%20%D8%B1%D8%A3%D9%8A%20%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A6%D9%83%20%D9%81%D9%8A%D9%83%D8%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABQAAAAC~&jid=361582299&gjid=1956418144&cid=868130615.1650039428&tid=UA-147732382-10&_gid=1804049367.1650039428&_r=1&gtm=2ou4d0&z=984191743
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ar.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=106837148&t=pageview&_s=1&dl=https%3A%2F%2Far.theshookers.com%2Fa%2Fsync-quiz%2F1iRn&ul=en-us&de=UTF-8&dt=%D8%A7%D8%B9%D8%AA%D8%B1%D8%A7%D9%81%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%A7%D8%B3%D9%85%202020!%20%D9%85%D8%A7%20%D9%87%D9%88%20%D8%B1%D8%A3%D9%8A%20%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A6%D9%83%20%D9%81%D9%8A%D9%83%D8%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABQAAAAC~&jid=7289615&gjid=840609894&cid=868130615.1650039428&tid=UA-126527512-6&_gid=1804049367.1650039428&_r=1&gtm=2ou4d0&z=285467374
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ar.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=106837148&t=pageview&_s=1&dl=https%3A%2F%2Far.theshookers.com%2Fa%2Fsync-quiz%2F1iRn&ul=en-us&de=UTF-8&dt=%D8%A7%D8%B9%D8%AA%D8%B1%D8%A7%D9%81%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%A7%D8%B3%D9%85%202020!%20%D9%85%D8%A7%20%D9%87%D9%88%20%D8%B1%D8%A3%D9%8A%20%D8%A3%D8%B5%D8%AF%D9%82%D8%A7%D8%A6%D9%83%20%D9%81%D9%8A%D9%83%D8%9F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABQAAAAC~&jid=608289005&gjid=2122442179&cid=868130615.1650039428&tid=UA-126527512-6&_gid=1804049367.1650039428&_r=1&gtm=2wg4d05F8NWTV&z=1783308519
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ar.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB9A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:07 GMT
expires
Sat, 15 Apr 2023 16:17:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-147732382-10&cid=868130615.1650039428&jid=361582299&gjid=1956418144&_gid=1804049367.1650039428&_u=YAhAAUAAQAAAAC~&z=106460623
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 Apr 2022 16:17:08 GMT
content-type
text/plain
access-control-allow-origin
https://ar.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CDD9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:07 GMT
expires
Sat, 15 Apr 2023 16:17:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E87C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:07 GMT
expires
Sat, 15 Apr 2023 16:17:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126527512-6&cid=868130615.1650039428&jid=7289615&gjid=840609894&_gid=1804049367.1650039428&_u=YAjAAUABQAAAAC~&z=463893843
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 Apr 2022 16:17:08 GMT
content-type
text/plain
access-control-allow-origin
https://ar.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126527512-6&cid=868130615.1650039428&jid=608289005&gjid=2122442179&_gid=1804049367.1650039428&_u=aAjAAUABQAAAAC~&z=390792603
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 15 Apr 2022 16:17:08 GMT
content-type
text/plain
access-control-allow-origin
https://ar.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 77FB 		624 B
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXDGS627ukWe-Sr2rIc4fHta3PH_9dR6gWDWmQO4C-091EcsnvwStTw5syoUKTHnlrmYy6a4UqoGlxjqU8mCcAqgX25UsjIfc6H7_QcBaQLzsAGhH_thP6bb2NUmfEvXJB5_DVXekkJq1osMVx-qh_CGAK0Q6gZiyDpq_m7udqdx-3YLkY
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:09 GMT
expires
Fri, 15 Apr 2022 16:17:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame E87C 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Albos8RZPeq_02mi1JcMJU6HM_gsvHpJxr50nOG7Gi3JvfX0XTlnosyRR6ZgVYBCg2pLX995JhBaC0T56z-SGgZCwdF7UV9UlpSgVbQiC_owoIhVzQzFR9B6K4yi_YDqwqh2kYvhtxsyLb6tMhQmcQlrPhhQ&dbm_d=AKAmf-ADCIplvwsgqgDipLXmoCqNuxlznuci-VQtafB9bfWf8dnuUaMTE1n6_G6OJOnyt3vySKNt2PYfMZZ5qzuYrMZS0sLsIpaK4ebNuVLCMex7n873bgaM8GadphuTz4gICB8LSEuzEgXjeAE0p8Fj0_o_5qBDHQr59B2ISyteTnbcoUXxXY7fZmHb69gBc7lAIBR5M1YXlHB0VNX5xNVsl4q73xqR-VuD0hDaGPKYor-Y5GC8QXDR9NDouHVMFvbpgao-E_SHh7YwTTS0TDk4zy1cE9Yv8yvqK_KHLNBnV-T6R_q2bTcGyJxc3_Ey1FKvfJvy8gvsn5Dwg3-D9KSGwuWy1AaRf2KmDrMXkt88O0rWuwyKwyal9JkZbxF9qBef6QReWxcc8hlw-LQh05gWH_hSawiVvx22r-9LJ3S4aevELPRAvOUzSRbWwPOoO2pckTr6oz4rimE7wEQoy9s8mpG6FRZUH6xV6pahgnvzmbXcMdrSu0hCyuG82NL5FruRSaVpr324uegvhHwCegLaLmPWtNxC5iG2iRJdXb6JrXeIJqIgjAlBzX6E-pMBIQJGBGhJJmxSIoRoFl547RZF7_tZHQuuK8yW_t8cR9P3_etgjccUgWdgcIStN9fiJIAdXFGAvp-hbMQrEZJ7Dliau4s0xyvvenkgHzqT5c7oJqO-dbvIjZxGAez5R8IND1RoxhsIN4ikJvEz--j5YPyTDkFRJzk7JTt2l_2jR3B75Vi_Fq20XS-ofXdXOXhNV0UW6OAGzJJpv20LR3uEOAcf1WjUrhj9lrBXXm1SitYbbcioZW-rbPgg7ug-kMzUktYL92mvW6tI5TV2JxQbEgtSGUugf45OhvI1tE5hFSrs7YufitMb_HnvuVRcg72FrLMkywj8QMBKS6X0AHMDkAOGYM9o94K1RS-lKl-erxQz1QZSXHDdUKWf9RRmFlP-V-NyIa0GdBtdNAZH0toq1qvOc0V2O-3IIJiY6ME_jloW5RX72yMH0moO103MZfnrvVzsHeWq5FM62X7ViLf7G42sjAlkrh7ul8eAYHYV2ZIjan3vdBaLx9EMQm69AiF6_qy4JIQI07cL_4nNrY2pWykoxJLXSo4LN9bYeYwtHLAt3Hl6mfKdYgrnbnJpA65SRae3rW4cF03N4-sM5Obafur8rEVJJlit-xIoUqLP5lzhENqSmn0TZWWIlzrE7Fl09HEEoQqzHs-A3DDhL9KVUzXRvdi8VOUDKWw36j9PNKMqNBxOpFedZ5Cs7ZRt6WTHo-MDgy9w6ddVGe9rBEAEV61ckgkpm9eftWVyKkYHNsLt61fnjYX92UVad6yEdHZVPODpN_cl5JfU9Hg3G012tJe4wYs8vV11tJEVBDJTOaetFN0vmak0-BasINAWAG9c8ilYx6tRu2PFV_c7t3ZEJ6zO1sg4NAosavydBqQVvk3n_jN9I_G7wO3gW4WZfX-Q9WXQHeqSkxL2aq0qqyTlbOW8uZlzwatcaVfRaCh0hhZr7GitzVkJ6c9JQLl4tEH5Djpa0ByOHRHNkeFCdFN-5uuVDxJ6d0uO6s6SGle3_J2JPrZ8tsBVZoHWbpNmZ5qAbgjHhj4Z9Ob1swG_NUNSVpBXL2ZXVYfED-OMkiiscuVOh4IzDIvhymktr2MfsnPIscXdqC_POpN_ZCpP3aomsHxV1CusunE1Sr5o8eyDkFaCtiFZAF-xiW-s_b8owGrkEctJxC631uKMctD0lf6Br8e4HbBC23j3a6TR24dlzcGwAauVivVaP26-ON3SiGr7yvNGTjQdyIaTaw4XFiFOXlaCpK0IxjDQQSCJZK1-NVYffeEMox89jqj61_Tqzoy-WKZzObwwkZwxIrBm6S_jH02R579L-j4YTi8YkM2MzdCUY7IlpQpq5Rt9wXSTxENBvU3PAo10S65hzHldyL4xKWBum0eMCjy6ZX64hOtVt04HP8mUW65QorszekcNVId-wQy_pifDvGHyQkq30F3G9m_0Lm2Tq9pYS-heGSu5QHkwCbKZ0fgpnb_5kwhRFbrFKBZBQuJRPGIs44fh_PW8TCZSHkD2Cjel_-mKREa-Kyw6D_38OSkik4PtjDCCFhnj24T4bIbBD8ZrS5bOHQWKnIx1EaPxLho5rBzTmpUkKxuvKIV0UvBbK2ycqtMWKB2M6iZtmsRzfjnvhwtWNkiVZsIQWHeLOmcJ6vSAoi9mXCZCgWco0lMdATg8If44SKErhsk558AvbiqeKzMndsfxWwv4xbg8qWU_NIaznQbma28Qac_k9KJsLf-DtYqLEP6S0VLeLAbquKfs3V_s-Uxq08aySA63hLUnM_gvEspDZr53P79GXFnYjBLG63Cr0KtvdrZCYsvqRG003xAc8UHz_aDMIaa3UehNoQ8mpBl1lkzdeXLeYOzIdllG1uE9ohy852S_joDJuqhP9MzaDHQKX5fvJFoZDu8Cd3gurwpP4HKy1PvuSy9zuxpZ__txIi6YfNYhTaFkZniwLFJL0qwksfGyee-sCK9xEgtFDxHCvsD3LKttTACIz2GEw9UBx1Egr95-YckUhdO3w1sPF0G2Ni6BJsJMDOEg1Fr0gwgGdPYA9myHfY7vRIWS8qEx97xoX93N3rKQ57kP0lzu7JDj7Qd_WYPg43A5MbT9Wmd7Wk5wH4pH6WDHQ03nnd-xrHHkY3lGa0LH5OFK8xieBTlOtUfbTDkkk_Ws_8p-se9aHdCE3vRmmiI7ecWn41tPFeJ5Z59epB5UZ7v2Q2AFT9kxLARxZjYRdgvfuB99gtxmE5Kd8sM5irkpRmrTS34QCyN4dBySBgfPWa4ITLzvaP27gYEpYDynvPipXj1gFb5RW0mDOQzM1Ht_kmRXNT_iYoJpfIPgAmyhBZKiA_yHgLH5O06RsEOTxaKRPW0eAx19fdXcCLzzxxj8MM0aqGQS3a5AV3XGFVeFN_wIRZ6GWOIm9KnrGJhTj875xPc9MeRke3bg8NUiMCqThGiCPRHSiwhuspTcXHT-g-HWwTuD5psO1JImfE4fPxidocU1XS6Lo1hnm51NI9rr1GK4NUn73fiIkuR3pw8KhNhsXEzK37yAQPIn5G2WORQe7d3bFUuYg62jJBk_yckyNzHH9_NpwzdnwaL5VX8221E9XJyXEbtnH4wDanC8r-CAig&cid=CAASJ-Rokw4I5P00cg84yg9phsCaccRawpz-D2Vv-L5Cfam9klv4Ddoffg&rfl=1%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e611a895177fdfe2ec9849cf9e93c757f6e8c043cc86a97545f713229fe5093
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33827
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E87C 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmY5oXFEIoqdcxSQjm9bYCruMcZahdfdVEMxTIGc2n_IQljnH1ACJI1xutiQs1ZPF906lgMPQ9M_pTQF1yj6IRC7OJJ8ga-RUzXFHa5bRTWE9SIRo
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame E87C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:09:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E87C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 16:17:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame E87C 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:15:41 GMT
l
www.google.com/ads/measurement/ Frame E87C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaREkVTjvkmuFfCvofW0yFrkvZdXYmo6TFsScR2ebTe1DOxQE02-Ne6o0RUXMWm2f1G9d96Lb1vsMTgRTItk3zBHM1z-zg
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 732A 		624 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWwZnIATAB&v=APEucNVsRDNXS3Yx7oesxOAt4uTJBQ5Ab_is3e7xLyz0NnEfrCO019IaAHaU-hT_LrIujmHzB0Rm4jbPjIa4Ps3QxzOsCO0R6yEHkj9XJgRbmAxT6Rw3j21ssz__XLJQCWQbpvu9cJwL_SZ8kTiPJMaMcc94ciOkPW0p9Z0HL94bjiNrp2qksYs
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:09 GMT
expires
Fri, 15 Apr 2022 16:17:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D5CB 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B__6EVbH_o1G-M20vs6sy9miDpKK4vdnVf53_usMDNrkDHpdkvdPhQI18S81t8dk6iRdK1mqKdB0H_Xg6kul1Z-Ew4dP7E_JLMOZNwzONl55r4crvazVghLc8hhcx4SW64pRYD6QDamKTmdY3Ko8dEpqmhXA&dbm_d=AKAmf-Aa-W5Ubq8HxTvm6vzUDQXzqTCslwknJYB6F4e0HE6soU9myBYOMTpRANWDipfd0FJtrF-UGCyqmkJwsh2_erdKPuYtw9vcLAC_q5mzbv4JG4dQ-knqpWUDBwP6Yit8tEZnJKz-NvujbAEJWPsYl7QBhHKsZHFs-q_cOI5zGZmS4z4Yxws6-a0EAf9Tshis9-0xqy-nt9x2wWLhgtndoiDVFMhsQgcw5TteLOBASLCwySz85I7-3Wtwiz06M2oZ-lcpzakQs-WxagJFrwTWuWgiSZT4bygQvziFwQkNnlZy8YkYf2Pc1UmClr0_jL6EQT2welcLNMdzUjnKeMMOS7nU2dqUnOsRgDCKI1YQt0I4srA6rCZff7yE8IWXRB2HegHu8bVdlQDIWxg3XYZ8XyNxSlWBy8IezzcHUapb3yXd9f0vOWi50iun_Uu_8qsqxv5lnLJVuUAlphs9jHaCLnAtlgKmZsWXnaLDMUbm5JwtG-YzSQWGBNw3PJTfcTI5XN4iQxPGE6-jLYmMIgjgPWhSAveFMU99ICsvBvqIZcZxD1SNlqGLWSynsHjhRkCIQ-lEy2kMNIgd86wNu7M8_yxOoF1aztqGaB4dQstg8SEt3T3eRnnnyLYA_sAeOkGsGniSJVpHQ8Ts4hmLgNMN1_0y-9hO6ffSj9z8VT9rHd-L_yoH1usMSpLacmhW4D8OKIzq3IV-W_Q30JinDVE9rT4BeUyVselrqGQLSi7lp_7tL5ZRWhwa6TcSO3NYsEMmUF7Kv0rNIENRd36-fowqIMA6e2VXP7bhLXq7zu-OxSufKjV4TS3os-eU6crEP8yQMH8uqxN6X1vcxylw9IwNEyuzV4d21FAoh5V93agdsiSjnJSnCoJCTfRBM5DxuwDnXxlg_O3laIOAzi-iFogGTPkIn4dDc49HnUoDQeeA9GbxdFkFwVWoOfnEZ-VjfjU9qNwg6-whVjyXWhyS1l0nlfjyerhjxA5LtTdx9LCao7olC1J8TMc1dL564wonCyICC-7D_OPvwOVc7Guh2vhh6o4AM2ZULvZIBWmjWWy5bTuduiQU5P3QXjRmi21pINgC3DNwXKMbzMBODWrsVPLbiklSu0G1k6bRuA5G-oSLnJMClBbmO20oDIsMb4QUUdl1GbqJOO6eQ6LQi989d5J9dO1Lhm7uR4fmEj6w-mKLiOPktDEUUMfoyvCGr6DNTrLUYD-v6WhJOOAuKrvOd4Dy28Ye5Vsua4ffte7D_jNyOQTenfHt4WYED-d7zGs1gdrk0VAZ-3SuxhmiYbyvWuQhtBvQD7_hIwW89X8V4J5PeSwZlF9Mmz4GUU5A7a8AdYkKvMZ09BzOmq8NSNj2F1jSs3i5EqupX9cEhF_wkfBzs-b7tnw9Jg4MUzzuysl-tr4PsnayjfN5uhXcRIdeOy0slza4zp-jKD7fGgeJuhX7IZpHPWJaaSdvuhXjjHYq2hD0Wpn_JPrnK2ZeGliEoMkR0hb5blY6Z55eBRccq78swnTWQ54SvoTZNhPXd0Nckeql87y3trvJzP3n0gCvxMO7OXa0m5CUwtHX3a_jjhpY_pt3VY73eGr1BrVDo1AsQJuLat7Yi10tyFDWEAKzg0cIQ8b6DK7SD_OVYejo5YHgtrBlJwlELgYwRheG-6AIcnsiXM_-eQsBaJnBlwjyAf3Sr4acbssv70_CjNGjLiXN8pJCjwpt_P-jkdr9nNILzhCXpydVYxyStFXtXAcwHy688Bgw_eaY4gHi4WPdy8ioh5USADa_HoGemGNwHEq8tbRcMVchigz4GFgREBqGFF42RJQe3bGNOtpPFK5_VwCBKPUDz5qh7OoeMXjHxim8xbNJSAO-b5-1Vi4w8W0YVCdXj3yMJfFzkvefHJIylGhvTdL2fHQ3XP_-A3wmPUZzKIFFRUjJ14O42n-GfJgAb6z0ftlgKxU_1909S8iXXsYQLDktEtc3c1QUO8JEmJJMuxXc_T5mthaGV6QDi8dqOSyV3W4CKuFkCUqIu7f8XVVVkFVciudBcnueBglkdR3SfT4B1y0RF_EuPMMjpPzzDwlWZff-o7ORh37nC4-SKLp0qEjkYS0a76nya2Iinf_YZsXKNcbmUvuOoOnDRbX7iHdBeX_jJX1d_KX4liQbHM0P7oORUDQfEnQ0nfN0d-UDqBHze6iYW4w6meP_f_Pmm5RYbKY9MTPYiz9fpMXT2tefQ1oX0K2JUoQnPLkJsSc1cTmFekQEr4jk0dzAHSMd9uoejhCVHDVdKPEYppwAu1PrepUN_nu3uqyZUEZohxUsej1XkguH4KQ_KdiFmvY_sEtCx3HMcrPZIm_lSJFu1ukjeP9y2Mxjvz_ArOIqbSFrqfkBV0oycxrGOfSJJRFgC05kDF5GM7zPjlrHKPSsLlNa8y1wdS8KuXcUa9i3kX09jIyQXiO6rWLgsc2tGDd1yUFhC1l_s3p6UXJr56YNYEG6SiUfugZe7DNQwKcWo273EebzkGWWrBzAdH8rMqI3xQA26jPzFutqZ5N_8Y3nXjJ9TtDRaAegT7sWjVMpOGleNYx2cLsZiSwbAREEZAnlth7nJiK8SDYrLSCaVeZtLCX9YdBfQ8USTs3zTrag4u5JShMZrG6UVsXycHiuINkqULGaBk2ax-XYvyG5luyGlp7LoyEVmevLVu3McFHgg4MszK6HJX4CBfL7k6ff5HBS9hlfzSjaJrbkC0HqRXMgAfr9gZ8uDfYD1ZUNuQPcNpx5c42m1HxISLGLaZolKqBRh85pztPCA0kN60uLoqE9ctZe6XO6eI6MLPO-7k_UXOJ96HKVjbA7p_0Y0PtU-LQxKqZsAeQr3QIHOzf9x8wELWl4Yr3ZSwhLaCar7FxmV-Bj8i88NxWUj5d6XFHMP1mVKSqRvaIYjnZz0wYn61Fj8StkcawDTezMG_J4JjpTGXNvrGs-RHIFTeu8GOtPv-KCL1pE4EtdP_h775k1DR-6UlSDhb8721ahwKjRv6pTSVZGk_CMXGji61zo7UIUFUQ4BwKiM82i8TTkT8eKMFLIWluwtZD0dI0cOyRCMG7XprVEv3VVZoGb9cbxHdQUSctwjlLfgiEXTpX0I22qQb3uWqkYd4_dMWxP429-3R1z3P_tImfnypvza2zNZyRnBYTDta1zF40TIt94hkphpKNYg-CYT1lcd7iccyenHOR_SVkqQ3jBKfsfP4IQ76LYHco19m7uTC3REW8ZfqzexxuM223lBhnWU1QAbDSrO9DKc3SNcoNIyUdr2DfThszuFFThqJyHzqR9ftmOu5bChTcouIUWPpQ_KeAMcJyJW5OXExJEQNHEz7tpVvmhGE-MPB8ChJ4OKfS-z5ohItMAcx76Yaj6rRf8Zer__tanrYTLZXBkHG1bl5kW5qBwnkhz8xGfPGKxpc6tiZa8Gk7TQxxwbA43in4v0CqMTcWanregnjMorvL3IYYujKm0s3xPMGDWrP_d_SHI9bVzlH9ZWr32CjYr2PkjeSJluRU8LXLFxpo1bn10LKKJx3KCMO4LssPZ1McMKJPqM1z9Lpvsvu28Fs-xkJNe3Lj2ZucvdcSkvutW8yFWP2-Ks6gqJboyG5VoTg9rYBIwbbu8-A&cid=CAASKORoV8rsgJAyOxmyAAoMlcU4PcmepiPhGz0nm7RmuC3Jmym1Bc2qirU&rfl=2%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2d4f5b285c3ea23e01411750305074aadd1bfe5aaab498b29a97d6cdb9152d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame D5CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:09:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D5CB 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 16:17:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame D5CB 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:15:41 GMT
l
www.google.com/ads/measurement/ Frame D5CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRj2Ow8RbtoIy3iYlpUQxHRfITc0c_l-G63aqD8Yb0h_CQPuE9iuDrDg62_hHkK_1kTENIYlcCqMEA0hju-XAT9FnphvA
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame D5CB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjdIyJIy_dZKeJ18Gxh0TPbNNsfxjsVvTyrqP9uhNEqy9iqbhd_sHxDDP8fTXW2EPX4b9SokGJVkm9pXEo2jtjEJIy2xlrEBX13e9UAqYI0nl_LsY
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 868F 		624 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNXGqr2RX93FOQAdvNVanH1E5P0tVAS81LYwPV5xE155nCKYRik627wtdU80HU0uCK4ZVKEGyL2ygmJrt_OhXG_X7XnsaDe-EoWFiSH1nlihvOiHdh-36P5TN_nwIBIA-GH9eCyB4pqsnx_WFsEsFQIRD8Z_2qFG0GeCZbNhDLJB453HB3Y
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:09 GMT
expires
Fri, 15 Apr 2022 16:17:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CDD9 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_yyiEIx8L_QlRi7gDNKNVWcJdwrrrKt6Tuae37iT2VGLEfLlZ7iv5Mn0cHnBDdG2hoDFT9G89L0zS32tIlIGhXR7B5-fn3LNzq9tyr6v9nLNFVQb5ac1VwMF3b7I_YT2Zvia6e9pBsxzvjlP-hgIU3iFBKw&dbm_d=AKAmf-CP7QHZMbgTPyWpD9qLT7qkoQbFnUejgOr7W1Yu8YhXwplxXa3ILbWDkGME95FGzJy6Q5yMDVcIe3925je-IRaZybMWrTqAmY79rpO3dq7luHBrG3M8MHX_vtNuS35c_sMKUWWWg600tJwjZakeVw-YDK_KOPAWlpZRc9cDFhzq1G4fWxnV8US-XivRcOzvz7OSEsHjPKtqAPTL25FDCy-WmGZ_0yeurPJ-ypoH_doWNRQET5ijOPsgmUaCVBj2Ij9JYrlBta3MohCsYn10VrbatIC3f0x5IST1pY59CYSUKhCYO0IRzhI4jYTPgwEUOIEYdkKzNNwbdZF_Z3iZF82XaTCHz0yAHd_9STL-VQCtQl5IaiFCrnvGBDrqbo-w56zAMXbgtqpVg2xqdPqYCd6n_hn5jbRoPH0sHfvdf49YQRTu6guqwrUd-IXh5Aau4cvXZvjRiu5jLPK1_uh-a3AG2BjoKxiYTHW8N14pCfnbSh3Zjzp89E1SPhHJl8Ty34wu4Rjm4K3hFmgBAQtCJinoGy8Dy5QpPDgzYcP12N9JJ3Z4J5JcK5DM6ekIhw46yW1cv1-Pa9_2dfJseUjp-6_odRvaf1uGEnwSg6uozpiPb9xe5NxNRvtzIel1JlKWWhhx4uYkVM4zcI1zjWJaHWb51epI4HVj8jQDXvXN3D9ZKgaVEdD4gVC80Px7f5c2EcPPHYuWhXiUfRKE0JJ68GK-Sp3oDmkXmF-3e9sldosfrPjVlM2q_zV6pE4gdAQ_G_Aac9qFwxLll0XDj4o_wXWIn4Btd0UvKpMmTkROAgiPiPnBBN0KkOjY7loffAv1laQvyVDiyrlUwv45yBY6QCj5k_Rs6RE4MgX6P_Vx4s01Kag8ZlpsKwbCfTo3tI2eIHSo99Ds-R9ehi3pli3OvUq-pjHcWrxOZV82nDQrhfwCzN4AWGsK2TuUogE6RNCMSDCERYSDmCbzvLu7TKYQhvVVgIhEGk_37QDpeCHSsE9clNYxc0bjtIWZiE_eGnphuSh8Yt_dN-nvG9f3Y4Vv6lOJ_tYpqKjEV__M_MJ3b4cRTt_MBFdgameiMkb86WvvjVVyVpD2WErr2OHHVIPIQulska-8Tsx8ZRWF_nmtOHLziJZWKLCRPfUL0K5RI3Bzg1NwD1csPPZ0G6cALnqqCV_xCGuqxwjDgVRtDlIr4Qe-dQdzw8VIIMzYQ8CM-WyFyNBkrV1WPMpZkT_ly-ORzg6XvsdDx5ujqsI2CVL9yGN4D3oIPdiOEYUr6NV6Qr6ujiQK56b13Xu_6JBCOKGAi4B4DDlvHxmhCqCIG7WVAZqTe77z2juIpQwCWt_Uxc8ZxpgN2IZAP81QPc82bes3llilwQMUBfZrAvxVBHBIKworYQv_eU0xRQUk0PJy4rT8kLRuENNtKub-qMYO7IxVJIF_8ynaQuY9PznHejFtVnaQentws4FmJa_I_8rZbbaE_FytVeZaEBn89FkiXwUcpAdHrgS_y4B0LlKKW6L8TSOeoVchdpeGOCJRW6C3XWolHCyq-AYlQxKqznL48sk3TliYHJ9TLfzEW1P0K5bf_dBNIwsu0ETftungwT4lC3sM1oHbz0Pyy0fsei-B2ncjnM74_eP37wmoLCre56p3GpYzjER80agQGK855-hRb4kZNekf3lfB5FKxsachVqViFqvMh2wccmd4zZ3rvDJL0aYyYlfUA6w-byB0WLCf9mol9hZjbfcroSxQttoo0g3YrO58Fn9aCm_fFByCBL4lkCBANjWuToO7NWJsFr9F-7ChVxIZcIA9UaVjFTLgulofLVcPQzY2CQptKfaENgVKFDh35X-ELHliUGgZ_x210pndoDt7s0m03607_dkrnBVi1Uqoo5mSvuwZbWWWvdieEx-vbt15cROSQSSR8cociFHf7_792Mr9PacxSFpjoMihLsWI-RCrMFf7r6FlztupFweuro5P4opvxz1GjPDEcC6nKUzjG0AY6GxUiWqwFBtqBWR9-ZWJ1bUfi-f1g8ykod_IAwYSLGP7WdI7Nx_7mCRKOuYomq1k5XwjnYtTAavjGctVDy0TLc5FtCw8wA6ZntDHwkgsyiYdduY0L_rKGxZABLhBlxaCGMLpYKmc-GrJQ3mtgUijEPVG2QxSRv1sDguIRdPESaPijYukgFkEIKM0VMrgHQsXYCQBgANusPKR_9atPCe-vqT74NKLi8yqp1vD3jfyQvkhFAPybkGX4fRAa6EOxkquFYYptigvi2-MqvZYGUTWcSSn6MymOhstPo48ZiSYYX8BCM-FmY7bsQYp5PyCDcptAe98qOMefwS_g_kguLIH0tOYDEEtpwAqc7njbRNByzDRCBBuL8AQtFbGJctOAba47g-NE_AhUYVfjTK8j1pl2Fjv0l6ZhKzLqGKPkYpkFrj4MrTXfF69q_UAn32e_jR0mvQsCbOsH5NmGnjEIsEnC4ysk3X-sRFV9te_AyWMrOS2ExeViPp4erDnmdvYnyJCZLpQDyyqCRCctI_RaX1XIXDKHHw31ETGkqfNRy0CXOpsqo3F3qVA9GS4lyqmZAG5qLvL8udZ45R6imwoyubkIJ9luqh9wOnJxwaZ2QEjVw_BoHXZNtHul5iQwwYoNIcxay8T-j2tN1UWWuT4K9Ql9u9sLsWFil2oFWVfAcLLiCyqW0P4clIzf9deq1LvUzTi9ttNGHP_NuMDZE_OdiT5DSpVPVHARXbp6xYrDEWYkXnVmbVt6k_rte0d4Xe2oVeLF_3FdRfjYcyditr4g83MqIktioc_XJV3O-00Hi5yuNKZBSCd1pJ0mzdae0CK1eVOFtXithrVeAF4CtY5hBsL_ph8vrnVlVigxklqmqqMQWV5YjQlEdfGXw4Em4xlY4WIkRG8zs5pxwyYmveBuVHPC-XMtQccuPIoCY7XDidJ0j3fkwyj84GmDtIQ24D2SsV3Wkn-oLc7t8q_zOjbS5d4v-OQK-pmmpAV3g8UR2Bz6e3FcvLbt4cxAjfS9NXXX3rVlH0YGmhCGbmZ7-Y55Va2ZDLeP_xhBXmSDuwDxAHbrMCtMBfcxwyo1w6bQIuVZfAZt7oQvuB2CSJ95WZzLcsywKjmvl_Vto9DUeCR3l1fE430a-1QGaKCeQIq_9IOhWLaeNRHX78TwmKrGvYFIcqQbKGLwQ3hVbDfRHBaV_hVwCmXsqtAJWblChGBKM3qfnS4a5dYpcCJnogP5Vd8gPKWiP44cyMvTlKk5hWOxzbGYGzmZHgPHb3DtIcbYXCFAlZtHA5CwZuPCIx3hd9-XQ7LjODxsHNZnD2Ujssnvg0E1MbQEUqiU9klys5bDCtWJiTg70mLgdjdxkYKHEeA56_tb6UnPQS6pu8X4e_N1yUIy1w_HohQKGuWazeSN41c-RWlfVlSO_MUP1CUEMp_YEolVMNtIIF_JDAJVK0B4FsYduT-xgqDFegbqJO-Aub2EOLKdUjLEzqMT2ozgvKY7lKpGfXlsYL6NVXlw5J7uVcvQ-I1ZcXcXR2_u-iT2byFtDG1f6kBt6xTsJVD26wptt3Vv5t3Mkr3CGFQ_CWaulucd3MPXzm3hwl7AX38jVaXyjzN&cid=CAASJ-RoBm76mJ9ZOqx83Y9QZ0iSLnzn9Gf67tJsA-wJRV89yagmXi0gYg&rfl=1%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94c774aed78361387e6735161c842ef3fdaf129ed2efded05690fba32758a6bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33833
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDD9 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DlrmUpVh1cwTVoOGfVG5wX8qXd54GxEZX_jH9TaHcsopxHiOUVUfht21s-no3yZMb6A16QnHb08tV7CHPgfsawqA8Usj4SukTt-mtnVF9kBrIMyHs
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame CDD9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:09:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CDD9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 16:17:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame CDD9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:15:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:15:41 GMT
l
www.google.com/ads/measurement/ Frame CDD9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9rKzfcHGFsHhb2S0lYFsC2zVTrYD7cSxBVtIGDX5pSmWbpblwvEzL58LzuAcNMjHSYkWHM1b0MxPAnzf7Htv2Ac3Kwg
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-147732382-10&cid=868130615.1650039428&jid=361582299&_u=YAhAAUAAQAAAAC~&z=22741991
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-147732382-10&cid=868130615.1650039428&jid=361582299&_u=YAhAAUAAQAAAAC~&z=22741991
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126527512-6&cid=868130615.1650039428&jid=7289615&_u=YAjAAUABQAAAAC~&z=690342657
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126527512-6&cid=868130615.1650039428&jid=7289615&_u=YAjAAUABQAAAAC~&z=690342657
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126527512-6&cid=868130615.1650039428&jid=608289005&_u=aAjAAUABQAAAAC~&z=1123692118
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126527512-6&cid=868130615.1650039428&jid=608289005&_u=aAjAAUABQAAAAC~&z=1123692118
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D5CB 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Origin
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:19:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:19:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame D5CB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B__6EVbH_o1G-M20vs6sy9miDpKK4vdnVf53_usMDNrkDHpdkvdPhQI18S81t8dk6iRdK1mqKdB0H_Xg6kul1Z-Ew4dP7E_JLMOZNwzONl55r4crvazVghLc8hhcx4SW64pRYD6QDamKTmdY3Ko8dEpqmhXA&dbm_d=AKAmf-Aa-W5Ubq8HxTvm6vzUDQXzqTCslwknJYB6F4e0HE6soU9myBYOMTpRANWDipfd0FJtrF-UGCyqmkJwsh2_erdKPuYtw9vcLAC_q5mzbv4JG4dQ-knqpWUDBwP6Yit8tEZnJKz-NvujbAEJWPsYl7QBhHKsZHFs-q_cOI5zGZmS4z4Yxws6-a0EAf9Tshis9-0xqy-nt9x2wWLhgtndoiDVFMhsQgcw5TteLOBASLCwySz85I7-3Wtwiz06M2oZ-lcpzakQs-WxagJFrwTWuWgiSZT4bygQvziFwQkNnlZy8YkYf2Pc1UmClr0_jL6EQT2welcLNMdzUjnKeMMOS7nU2dqUnOsRgDCKI1YQt0I4srA6rCZff7yE8IWXRB2HegHu8bVdlQDIWxg3XYZ8XyNxSlWBy8IezzcHUapb3yXd9f0vOWi50iun_Uu_8qsqxv5lnLJVuUAlphs9jHaCLnAtlgKmZsWXnaLDMUbm5JwtG-YzSQWGBNw3PJTfcTI5XN4iQxPGE6-jLYmMIgjgPWhSAveFMU99ICsvBvqIZcZxD1SNlqGLWSynsHjhRkCIQ-lEy2kMNIgd86wNu7M8_yxOoF1aztqGaB4dQstg8SEt3T3eRnnnyLYA_sAeOkGsGniSJVpHQ8Ts4hmLgNMN1_0y-9hO6ffSj9z8VT9rHd-L_yoH1usMSpLacmhW4D8OKIzq3IV-W_Q30JinDVE9rT4BeUyVselrqGQLSi7lp_7tL5ZRWhwa6TcSO3NYsEMmUF7Kv0rNIENRd36-fowqIMA6e2VXP7bhLXq7zu-OxSufKjV4TS3os-eU6crEP8yQMH8uqxN6X1vcxylw9IwNEyuzV4d21FAoh5V93agdsiSjnJSnCoJCTfRBM5DxuwDnXxlg_O3laIOAzi-iFogGTPkIn4dDc49HnUoDQeeA9GbxdFkFwVWoOfnEZ-VjfjU9qNwg6-whVjyXWhyS1l0nlfjyerhjxA5LtTdx9LCao7olC1J8TMc1dL564wonCyICC-7D_OPvwOVc7Guh2vhh6o4AM2ZULvZIBWmjWWy5bTuduiQU5P3QXjRmi21pINgC3DNwXKMbzMBODWrsVPLbiklSu0G1k6bRuA5G-oSLnJMClBbmO20oDIsMb4QUUdl1GbqJOO6eQ6LQi989d5J9dO1Lhm7uR4fmEj6w-mKLiOPktDEUUMfoyvCGr6DNTrLUYD-v6WhJOOAuKrvOd4Dy28Ye5Vsua4ffte7D_jNyOQTenfHt4WYED-d7zGs1gdrk0VAZ-3SuxhmiYbyvWuQhtBvQD7_hIwW89X8V4J5PeSwZlF9Mmz4GUU5A7a8AdYkKvMZ09BzOmq8NSNj2F1jSs3i5EqupX9cEhF_wkfBzs-b7tnw9Jg4MUzzuysl-tr4PsnayjfN5uhXcRIdeOy0slza4zp-jKD7fGgeJuhX7IZpHPWJaaSdvuhXjjHYq2hD0Wpn_JPrnK2ZeGliEoMkR0hb5blY6Z55eBRccq78swnTWQ54SvoTZNhPXd0Nckeql87y3trvJzP3n0gCvxMO7OXa0m5CUwtHX3a_jjhpY_pt3VY73eGr1BrVDo1AsQJuLat7Yi10tyFDWEAKzg0cIQ8b6DK7SD_OVYejo5YHgtrBlJwlELgYwRheG-6AIcnsiXM_-eQsBaJnBlwjyAf3Sr4acbssv70_CjNGjLiXN8pJCjwpt_P-jkdr9nNILzhCXpydVYxyStFXtXAcwHy688Bgw_eaY4gHi4WPdy8ioh5USADa_HoGemGNwHEq8tbRcMVchigz4GFgREBqGFF42RJQe3bGNOtpPFK5_VwCBKPUDz5qh7OoeMXjHxim8xbNJSAO-b5-1Vi4w8W0YVCdXj3yMJfFzkvefHJIylGhvTdL2fHQ3XP_-A3wmPUZzKIFFRUjJ14O42n-GfJgAb6z0ftlgKxU_1909S8iXXsYQLDktEtc3c1QUO8JEmJJMuxXc_T5mthaGV6QDi8dqOSyV3W4CKuFkCUqIu7f8XVVVkFVciudBcnueBglkdR3SfT4B1y0RF_EuPMMjpPzzDwlWZff-o7ORh37nC4-SKLp0qEjkYS0a76nya2Iinf_YZsXKNcbmUvuOoOnDRbX7iHdBeX_jJX1d_KX4liQbHM0P7oORUDQfEnQ0nfN0d-UDqBHze6iYW4w6meP_f_Pmm5RYbKY9MTPYiz9fpMXT2tefQ1oX0K2JUoQnPLkJsSc1cTmFekQEr4jk0dzAHSMd9uoejhCVHDVdKPEYppwAu1PrepUN_nu3uqyZUEZohxUsej1XkguH4KQ_KdiFmvY_sEtCx3HMcrPZIm_lSJFu1ukjeP9y2Mxjvz_ArOIqbSFrqfkBV0oycxrGOfSJJRFgC05kDF5GM7zPjlrHKPSsLlNa8y1wdS8KuXcUa9i3kX09jIyQXiO6rWLgsc2tGDd1yUFhC1l_s3p6UXJr56YNYEG6SiUfugZe7DNQwKcWo273EebzkGWWrBzAdH8rMqI3xQA26jPzFutqZ5N_8Y3nXjJ9TtDRaAegT7sWjVMpOGleNYx2cLsZiSwbAREEZAnlth7nJiK8SDYrLSCaVeZtLCX9YdBfQ8USTs3zTrag4u5JShMZrG6UVsXycHiuINkqULGaBk2ax-XYvyG5luyGlp7LoyEVmevLVu3McFHgg4MszK6HJX4CBfL7k6ff5HBS9hlfzSjaJrbkC0HqRXMgAfr9gZ8uDfYD1ZUNuQPcNpx5c42m1HxISLGLaZolKqBRh85pztPCA0kN60uLoqE9ctZe6XO6eI6MLPO-7k_UXOJ96HKVjbA7p_0Y0PtU-LQxKqZsAeQr3QIHOzf9x8wELWl4Yr3ZSwhLaCar7FxmV-Bj8i88NxWUj5d6XFHMP1mVKSqRvaIYjnZz0wYn61Fj8StkcawDTezMG_J4JjpTGXNvrGs-RHIFTeu8GOtPv-KCL1pE4EtdP_h775k1DR-6UlSDhb8721ahwKjRv6pTSVZGk_CMXGji61zo7UIUFUQ4BwKiM82i8TTkT8eKMFLIWluwtZD0dI0cOyRCMG7XprVEv3VVZoGb9cbxHdQUSctwjlLfgiEXTpX0I22qQb3uWqkYd4_dMWxP429-3R1z3P_tImfnypvza2zNZyRnBYTDta1zF40TIt94hkphpKNYg-CYT1lcd7iccyenHOR_SVkqQ3jBKfsfP4IQ76LYHco19m7uTC3REW8ZfqzexxuM223lBhnWU1QAbDSrO9DKc3SNcoNIyUdr2DfThszuFFThqJyHzqR9ftmOu5bChTcouIUWPpQ_KeAMcJyJW5OXExJEQNHEz7tpVvmhGE-MPB8ChJ4OKfS-z5ohItMAcx76Yaj6rRf8Zer__tanrYTLZXBkHG1bl5kW5qBwnkhz8xGfPGKxpc6tiZa8Gk7TQxxwbA43in4v0CqMTcWanregnjMorvL3IYYujKm0s3xPMGDWrP_d_SHI9bVzlH9ZWr32CjYr2PkjeSJluRU8LXLFxpo1bn10LKKJx3KCMO4LssPZ1McMKJPqM1z9Lpvsvu28Fs-xkJNe3Lj2ZucvdcSkvutW8yFWP2-Ks6gqJboyG5VoTg9rYBIwbbu8-A&cid=CAASKORoV8rsgJAyOxmyAAoMlcU4PcmepiPhGz0nm7RmuC3Jmym1Bc2qirU&rfl=2%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:13:36 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame D5CB 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B__6EVbH_o1G-M20vs6sy9miDpKK4vdnVf53_usMDNrkDHpdkvdPhQI18S81t8dk6iRdK1mqKdB0H_Xg6kul1Z-Ew4dP7E_JLMOZNwzONl55r4crvazVghLc8hhcx4SW64pRYD6QDamKTmdY3Ko8dEpqmhXA&dbm_d=AKAmf-Aa-W5Ubq8HxTvm6vzUDQXzqTCslwknJYB6F4e0HE6soU9myBYOMTpRANWDipfd0FJtrF-UGCyqmkJwsh2_erdKPuYtw9vcLAC_q5mzbv4JG4dQ-knqpWUDBwP6Yit8tEZnJKz-NvujbAEJWPsYl7QBhHKsZHFs-q_cOI5zGZmS4z4Yxws6-a0EAf9Tshis9-0xqy-nt9x2wWLhgtndoiDVFMhsQgcw5TteLOBASLCwySz85I7-3Wtwiz06M2oZ-lcpzakQs-WxagJFrwTWuWgiSZT4bygQvziFwQkNnlZy8YkYf2Pc1UmClr0_jL6EQT2welcLNMdzUjnKeMMOS7nU2dqUnOsRgDCKI1YQt0I4srA6rCZff7yE8IWXRB2HegHu8bVdlQDIWxg3XYZ8XyNxSlWBy8IezzcHUapb3yXd9f0vOWi50iun_Uu_8qsqxv5lnLJVuUAlphs9jHaCLnAtlgKmZsWXnaLDMUbm5JwtG-YzSQWGBNw3PJTfcTI5XN4iQxPGE6-jLYmMIgjgPWhSAveFMU99ICsvBvqIZcZxD1SNlqGLWSynsHjhRkCIQ-lEy2kMNIgd86wNu7M8_yxOoF1aztqGaB4dQstg8SEt3T3eRnnnyLYA_sAeOkGsGniSJVpHQ8Ts4hmLgNMN1_0y-9hO6ffSj9z8VT9rHd-L_yoH1usMSpLacmhW4D8OKIzq3IV-W_Q30JinDVE9rT4BeUyVselrqGQLSi7lp_7tL5ZRWhwa6TcSO3NYsEMmUF7Kv0rNIENRd36-fowqIMA6e2VXP7bhLXq7zu-OxSufKjV4TS3os-eU6crEP8yQMH8uqxN6X1vcxylw9IwNEyuzV4d21FAoh5V93agdsiSjnJSnCoJCTfRBM5DxuwDnXxlg_O3laIOAzi-iFogGTPkIn4dDc49HnUoDQeeA9GbxdFkFwVWoOfnEZ-VjfjU9qNwg6-whVjyXWhyS1l0nlfjyerhjxA5LtTdx9LCao7olC1J8TMc1dL564wonCyICC-7D_OPvwOVc7Guh2vhh6o4AM2ZULvZIBWmjWWy5bTuduiQU5P3QXjRmi21pINgC3DNwXKMbzMBODWrsVPLbiklSu0G1k6bRuA5G-oSLnJMClBbmO20oDIsMb4QUUdl1GbqJOO6eQ6LQi989d5J9dO1Lhm7uR4fmEj6w-mKLiOPktDEUUMfoyvCGr6DNTrLUYD-v6WhJOOAuKrvOd4Dy28Ye5Vsua4ffte7D_jNyOQTenfHt4WYED-d7zGs1gdrk0VAZ-3SuxhmiYbyvWuQhtBvQD7_hIwW89X8V4J5PeSwZlF9Mmz4GUU5A7a8AdYkKvMZ09BzOmq8NSNj2F1jSs3i5EqupX9cEhF_wkfBzs-b7tnw9Jg4MUzzuysl-tr4PsnayjfN5uhXcRIdeOy0slza4zp-jKD7fGgeJuhX7IZpHPWJaaSdvuhXjjHYq2hD0Wpn_JPrnK2ZeGliEoMkR0hb5blY6Z55eBRccq78swnTWQ54SvoTZNhPXd0Nckeql87y3trvJzP3n0gCvxMO7OXa0m5CUwtHX3a_jjhpY_pt3VY73eGr1BrVDo1AsQJuLat7Yi10tyFDWEAKzg0cIQ8b6DK7SD_OVYejo5YHgtrBlJwlELgYwRheG-6AIcnsiXM_-eQsBaJnBlwjyAf3Sr4acbssv70_CjNGjLiXN8pJCjwpt_P-jkdr9nNILzhCXpydVYxyStFXtXAcwHy688Bgw_eaY4gHi4WPdy8ioh5USADa_HoGemGNwHEq8tbRcMVchigz4GFgREBqGFF42RJQe3bGNOtpPFK5_VwCBKPUDz5qh7OoeMXjHxim8xbNJSAO-b5-1Vi4w8W0YVCdXj3yMJfFzkvefHJIylGhvTdL2fHQ3XP_-A3wmPUZzKIFFRUjJ14O42n-GfJgAb6z0ftlgKxU_1909S8iXXsYQLDktEtc3c1QUO8JEmJJMuxXc_T5mthaGV6QDi8dqOSyV3W4CKuFkCUqIu7f8XVVVkFVciudBcnueBglkdR3SfT4B1y0RF_EuPMMjpPzzDwlWZff-o7ORh37nC4-SKLp0qEjkYS0a76nya2Iinf_YZsXKNcbmUvuOoOnDRbX7iHdBeX_jJX1d_KX4liQbHM0P7oORUDQfEnQ0nfN0d-UDqBHze6iYW4w6meP_f_Pmm5RYbKY9MTPYiz9fpMXT2tefQ1oX0K2JUoQnPLkJsSc1cTmFekQEr4jk0dzAHSMd9uoejhCVHDVdKPEYppwAu1PrepUN_nu3uqyZUEZohxUsej1XkguH4KQ_KdiFmvY_sEtCx3HMcrPZIm_lSJFu1ukjeP9y2Mxjvz_ArOIqbSFrqfkBV0oycxrGOfSJJRFgC05kDF5GM7zPjlrHKPSsLlNa8y1wdS8KuXcUa9i3kX09jIyQXiO6rWLgsc2tGDd1yUFhC1l_s3p6UXJr56YNYEG6SiUfugZe7DNQwKcWo273EebzkGWWrBzAdH8rMqI3xQA26jPzFutqZ5N_8Y3nXjJ9TtDRaAegT7sWjVMpOGleNYx2cLsZiSwbAREEZAnlth7nJiK8SDYrLSCaVeZtLCX9YdBfQ8USTs3zTrag4u5JShMZrG6UVsXycHiuINkqULGaBk2ax-XYvyG5luyGlp7LoyEVmevLVu3McFHgg4MszK6HJX4CBfL7k6ff5HBS9hlfzSjaJrbkC0HqRXMgAfr9gZ8uDfYD1ZUNuQPcNpx5c42m1HxISLGLaZolKqBRh85pztPCA0kN60uLoqE9ctZe6XO6eI6MLPO-7k_UXOJ96HKVjbA7p_0Y0PtU-LQxKqZsAeQr3QIHOzf9x8wELWl4Yr3ZSwhLaCar7FxmV-Bj8i88NxWUj5d6XFHMP1mVKSqRvaIYjnZz0wYn61Fj8StkcawDTezMG_J4JjpTGXNvrGs-RHIFTeu8GOtPv-KCL1pE4EtdP_h775k1DR-6UlSDhb8721ahwKjRv6pTSVZGk_CMXGji61zo7UIUFUQ4BwKiM82i8TTkT8eKMFLIWluwtZD0dI0cOyRCMG7XprVEv3VVZoGb9cbxHdQUSctwjlLfgiEXTpX0I22qQb3uWqkYd4_dMWxP429-3R1z3P_tImfnypvza2zNZyRnBYTDta1zF40TIt94hkphpKNYg-CYT1lcd7iccyenHOR_SVkqQ3jBKfsfP4IQ76LYHco19m7uTC3REW8ZfqzexxuM223lBhnWU1QAbDSrO9DKc3SNcoNIyUdr2DfThszuFFThqJyHzqR9ftmOu5bChTcouIUWPpQ_KeAMcJyJW5OXExJEQNHEz7tpVvmhGE-MPB8ChJ4OKfS-z5ohItMAcx76Yaj6rRf8Zer__tanrYTLZXBkHG1bl5kW5qBwnkhz8xGfPGKxpc6tiZa8Gk7TQxxwbA43in4v0CqMTcWanregnjMorvL3IYYujKm0s3xPMGDWrP_d_SHI9bVzlH9ZWr32CjYr2PkjeSJluRU8LXLFxpo1bn10LKKJx3KCMO4LssPZ1McMKJPqM1z9Lpvsvu28Fs-xkJNe3Lj2ZucvdcSkvutW8yFWP2-Ks6gqJboyG5VoTg9rYBIwbbu8-A&cid=CAASKORoV8rsgJAyOxmyAAoMlcU4PcmepiPhGz0nm7RmuC3Jmym1Bc2qirU&rfl=2%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:10:12 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame CDD9 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Origin
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 11:47:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame CDD9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_yyiEIx8L_QlRi7gDNKNVWcJdwrrrKt6Tuae37iT2VGLEfLlZ7iv5Mn0cHnBDdG2hoDFT9G89L0zS32tIlIGhXR7B5-fn3LNzq9tyr6v9nLNFVQb5ac1VwMF3b7I_YT2Zvia6e9pBsxzvjlP-hgIU3iFBKw&dbm_d=AKAmf-CP7QHZMbgTPyWpD9qLT7qkoQbFnUejgOr7W1Yu8YhXwplxXa3ILbWDkGME95FGzJy6Q5yMDVcIe3925je-IRaZybMWrTqAmY79rpO3dq7luHBrG3M8MHX_vtNuS35c_sMKUWWWg600tJwjZakeVw-YDK_KOPAWlpZRc9cDFhzq1G4fWxnV8US-XivRcOzvz7OSEsHjPKtqAPTL25FDCy-WmGZ_0yeurPJ-ypoH_doWNRQET5ijOPsgmUaCVBj2Ij9JYrlBta3MohCsYn10VrbatIC3f0x5IST1pY59CYSUKhCYO0IRzhI4jYTPgwEUOIEYdkKzNNwbdZF_Z3iZF82XaTCHz0yAHd_9STL-VQCtQl5IaiFCrnvGBDrqbo-w56zAMXbgtqpVg2xqdPqYCd6n_hn5jbRoPH0sHfvdf49YQRTu6guqwrUd-IXh5Aau4cvXZvjRiu5jLPK1_uh-a3AG2BjoKxiYTHW8N14pCfnbSh3Zjzp89E1SPhHJl8Ty34wu4Rjm4K3hFmgBAQtCJinoGy8Dy5QpPDgzYcP12N9JJ3Z4J5JcK5DM6ekIhw46yW1cv1-Pa9_2dfJseUjp-6_odRvaf1uGEnwSg6uozpiPb9xe5NxNRvtzIel1JlKWWhhx4uYkVM4zcI1zjWJaHWb51epI4HVj8jQDXvXN3D9ZKgaVEdD4gVC80Px7f5c2EcPPHYuWhXiUfRKE0JJ68GK-Sp3oDmkXmF-3e9sldosfrPjVlM2q_zV6pE4gdAQ_G_Aac9qFwxLll0XDj4o_wXWIn4Btd0UvKpMmTkROAgiPiPnBBN0KkOjY7loffAv1laQvyVDiyrlUwv45yBY6QCj5k_Rs6RE4MgX6P_Vx4s01Kag8ZlpsKwbCfTo3tI2eIHSo99Ds-R9ehi3pli3OvUq-pjHcWrxOZV82nDQrhfwCzN4AWGsK2TuUogE6RNCMSDCERYSDmCbzvLu7TKYQhvVVgIhEGk_37QDpeCHSsE9clNYxc0bjtIWZiE_eGnphuSh8Yt_dN-nvG9f3Y4Vv6lOJ_tYpqKjEV__M_MJ3b4cRTt_MBFdgameiMkb86WvvjVVyVpD2WErr2OHHVIPIQulska-8Tsx8ZRWF_nmtOHLziJZWKLCRPfUL0K5RI3Bzg1NwD1csPPZ0G6cALnqqCV_xCGuqxwjDgVRtDlIr4Qe-dQdzw8VIIMzYQ8CM-WyFyNBkrV1WPMpZkT_ly-ORzg6XvsdDx5ujqsI2CVL9yGN4D3oIPdiOEYUr6NV6Qr6ujiQK56b13Xu_6JBCOKGAi4B4DDlvHxmhCqCIG7WVAZqTe77z2juIpQwCWt_Uxc8ZxpgN2IZAP81QPc82bes3llilwQMUBfZrAvxVBHBIKworYQv_eU0xRQUk0PJy4rT8kLRuENNtKub-qMYO7IxVJIF_8ynaQuY9PznHejFtVnaQentws4FmJa_I_8rZbbaE_FytVeZaEBn89FkiXwUcpAdHrgS_y4B0LlKKW6L8TSOeoVchdpeGOCJRW6C3XWolHCyq-AYlQxKqznL48sk3TliYHJ9TLfzEW1P0K5bf_dBNIwsu0ETftungwT4lC3sM1oHbz0Pyy0fsei-B2ncjnM74_eP37wmoLCre56p3GpYzjER80agQGK855-hRb4kZNekf3lfB5FKxsachVqViFqvMh2wccmd4zZ3rvDJL0aYyYlfUA6w-byB0WLCf9mol9hZjbfcroSxQttoo0g3YrO58Fn9aCm_fFByCBL4lkCBANjWuToO7NWJsFr9F-7ChVxIZcIA9UaVjFTLgulofLVcPQzY2CQptKfaENgVKFDh35X-ELHliUGgZ_x210pndoDt7s0m03607_dkrnBVi1Uqoo5mSvuwZbWWWvdieEx-vbt15cROSQSSR8cociFHf7_792Mr9PacxSFpjoMihLsWI-RCrMFf7r6FlztupFweuro5P4opvxz1GjPDEcC6nKUzjG0AY6GxUiWqwFBtqBWR9-ZWJ1bUfi-f1g8ykod_IAwYSLGP7WdI7Nx_7mCRKOuYomq1k5XwjnYtTAavjGctVDy0TLc5FtCw8wA6ZntDHwkgsyiYdduY0L_rKGxZABLhBlxaCGMLpYKmc-GrJQ3mtgUijEPVG2QxSRv1sDguIRdPESaPijYukgFkEIKM0VMrgHQsXYCQBgANusPKR_9atPCe-vqT74NKLi8yqp1vD3jfyQvkhFAPybkGX4fRAa6EOxkquFYYptigvi2-MqvZYGUTWcSSn6MymOhstPo48ZiSYYX8BCM-FmY7bsQYp5PyCDcptAe98qOMefwS_g_kguLIH0tOYDEEtpwAqc7njbRNByzDRCBBuL8AQtFbGJctOAba47g-NE_AhUYVfjTK8j1pl2Fjv0l6ZhKzLqGKPkYpkFrj4MrTXfF69q_UAn32e_jR0mvQsCbOsH5NmGnjEIsEnC4ysk3X-sRFV9te_AyWMrOS2ExeViPp4erDnmdvYnyJCZLpQDyyqCRCctI_RaX1XIXDKHHw31ETGkqfNRy0CXOpsqo3F3qVA9GS4lyqmZAG5qLvL8udZ45R6imwoyubkIJ9luqh9wOnJxwaZ2QEjVw_BoHXZNtHul5iQwwYoNIcxay8T-j2tN1UWWuT4K9Ql9u9sLsWFil2oFWVfAcLLiCyqW0P4clIzf9deq1LvUzTi9ttNGHP_NuMDZE_OdiT5DSpVPVHARXbp6xYrDEWYkXnVmbVt6k_rte0d4Xe2oVeLF_3FdRfjYcyditr4g83MqIktioc_XJV3O-00Hi5yuNKZBSCd1pJ0mzdae0CK1eVOFtXithrVeAF4CtY5hBsL_ph8vrnVlVigxklqmqqMQWV5YjQlEdfGXw4Em4xlY4WIkRG8zs5pxwyYmveBuVHPC-XMtQccuPIoCY7XDidJ0j3fkwyj84GmDtIQ24D2SsV3Wkn-oLc7t8q_zOjbS5d4v-OQK-pmmpAV3g8UR2Bz6e3FcvLbt4cxAjfS9NXXX3rVlH0YGmhCGbmZ7-Y55Va2ZDLeP_xhBXmSDuwDxAHbrMCtMBfcxwyo1w6bQIuVZfAZt7oQvuB2CSJ95WZzLcsywKjmvl_Vto9DUeCR3l1fE430a-1QGaKCeQIq_9IOhWLaeNRHX78TwmKrGvYFIcqQbKGLwQ3hVbDfRHBaV_hVwCmXsqtAJWblChGBKM3qfnS4a5dYpcCJnogP5Vd8gPKWiP44cyMvTlKk5hWOxzbGYGzmZHgPHb3DtIcbYXCFAlZtHA5CwZuPCIx3hd9-XQ7LjODxsHNZnD2Ujssnvg0E1MbQEUqiU9klys5bDCtWJiTg70mLgdjdxkYKHEeA56_tb6UnPQS6pu8X4e_N1yUIy1w_HohQKGuWazeSN41c-RWlfVlSO_MUP1CUEMp_YEolVMNtIIF_JDAJVK0B4FsYduT-xgqDFegbqJO-Aub2EOLKdUjLEzqMT2ozgvKY7lKpGfXlsYL6NVXlw5J7uVcvQ-I1ZcXcXR2_u-iT2byFtDG1f6kBt6xTsJVD26wptt3Vv5t3Mkr3CGFQ_CWaulucd3MPXzm3hwl7AX38jVaXyjzN&cid=CAASJ-RoBm76mJ9ZOqx83Y9QZ0iSLnzn9Gf67tJsA-wJRV89yagmXi0gYg&rfl=1%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:13:36 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame CDD9 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_yyiEIx8L_QlRi7gDNKNVWcJdwrrrKt6Tuae37iT2VGLEfLlZ7iv5Mn0cHnBDdG2hoDFT9G89L0zS32tIlIGhXR7B5-fn3LNzq9tyr6v9nLNFVQb5ac1VwMF3b7I_YT2Zvia6e9pBsxzvjlP-hgIU3iFBKw&dbm_d=AKAmf-CP7QHZMbgTPyWpD9qLT7qkoQbFnUejgOr7W1Yu8YhXwplxXa3ILbWDkGME95FGzJy6Q5yMDVcIe3925je-IRaZybMWrTqAmY79rpO3dq7luHBrG3M8MHX_vtNuS35c_sMKUWWWg600tJwjZakeVw-YDK_KOPAWlpZRc9cDFhzq1G4fWxnV8US-XivRcOzvz7OSEsHjPKtqAPTL25FDCy-WmGZ_0yeurPJ-ypoH_doWNRQET5ijOPsgmUaCVBj2Ij9JYrlBta3MohCsYn10VrbatIC3f0x5IST1pY59CYSUKhCYO0IRzhI4jYTPgwEUOIEYdkKzNNwbdZF_Z3iZF82XaTCHz0yAHd_9STL-VQCtQl5IaiFCrnvGBDrqbo-w56zAMXbgtqpVg2xqdPqYCd6n_hn5jbRoPH0sHfvdf49YQRTu6guqwrUd-IXh5Aau4cvXZvjRiu5jLPK1_uh-a3AG2BjoKxiYTHW8N14pCfnbSh3Zjzp89E1SPhHJl8Ty34wu4Rjm4K3hFmgBAQtCJinoGy8Dy5QpPDgzYcP12N9JJ3Z4J5JcK5DM6ekIhw46yW1cv1-Pa9_2dfJseUjp-6_odRvaf1uGEnwSg6uozpiPb9xe5NxNRvtzIel1JlKWWhhx4uYkVM4zcI1zjWJaHWb51epI4HVj8jQDXvXN3D9ZKgaVEdD4gVC80Px7f5c2EcPPHYuWhXiUfRKE0JJ68GK-Sp3oDmkXmF-3e9sldosfrPjVlM2q_zV6pE4gdAQ_G_Aac9qFwxLll0XDj4o_wXWIn4Btd0UvKpMmTkROAgiPiPnBBN0KkOjY7loffAv1laQvyVDiyrlUwv45yBY6QCj5k_Rs6RE4MgX6P_Vx4s01Kag8ZlpsKwbCfTo3tI2eIHSo99Ds-R9ehi3pli3OvUq-pjHcWrxOZV82nDQrhfwCzN4AWGsK2TuUogE6RNCMSDCERYSDmCbzvLu7TKYQhvVVgIhEGk_37QDpeCHSsE9clNYxc0bjtIWZiE_eGnphuSh8Yt_dN-nvG9f3Y4Vv6lOJ_tYpqKjEV__M_MJ3b4cRTt_MBFdgameiMkb86WvvjVVyVpD2WErr2OHHVIPIQulska-8Tsx8ZRWF_nmtOHLziJZWKLCRPfUL0K5RI3Bzg1NwD1csPPZ0G6cALnqqCV_xCGuqxwjDgVRtDlIr4Qe-dQdzw8VIIMzYQ8CM-WyFyNBkrV1WPMpZkT_ly-ORzg6XvsdDx5ujqsI2CVL9yGN4D3oIPdiOEYUr6NV6Qr6ujiQK56b13Xu_6JBCOKGAi4B4DDlvHxmhCqCIG7WVAZqTe77z2juIpQwCWt_Uxc8ZxpgN2IZAP81QPc82bes3llilwQMUBfZrAvxVBHBIKworYQv_eU0xRQUk0PJy4rT8kLRuENNtKub-qMYO7IxVJIF_8ynaQuY9PznHejFtVnaQentws4FmJa_I_8rZbbaE_FytVeZaEBn89FkiXwUcpAdHrgS_y4B0LlKKW6L8TSOeoVchdpeGOCJRW6C3XWolHCyq-AYlQxKqznL48sk3TliYHJ9TLfzEW1P0K5bf_dBNIwsu0ETftungwT4lC3sM1oHbz0Pyy0fsei-B2ncjnM74_eP37wmoLCre56p3GpYzjER80agQGK855-hRb4kZNekf3lfB5FKxsachVqViFqvMh2wccmd4zZ3rvDJL0aYyYlfUA6w-byB0WLCf9mol9hZjbfcroSxQttoo0g3YrO58Fn9aCm_fFByCBL4lkCBANjWuToO7NWJsFr9F-7ChVxIZcIA9UaVjFTLgulofLVcPQzY2CQptKfaENgVKFDh35X-ELHliUGgZ_x210pndoDt7s0m03607_dkrnBVi1Uqoo5mSvuwZbWWWvdieEx-vbt15cROSQSSR8cociFHf7_792Mr9PacxSFpjoMihLsWI-RCrMFf7r6FlztupFweuro5P4opvxz1GjPDEcC6nKUzjG0AY6GxUiWqwFBtqBWR9-ZWJ1bUfi-f1g8ykod_IAwYSLGP7WdI7Nx_7mCRKOuYomq1k5XwjnYtTAavjGctVDy0TLc5FtCw8wA6ZntDHwkgsyiYdduY0L_rKGxZABLhBlxaCGMLpYKmc-GrJQ3mtgUijEPVG2QxSRv1sDguIRdPESaPijYukgFkEIKM0VMrgHQsXYCQBgANusPKR_9atPCe-vqT74NKLi8yqp1vD3jfyQvkhFAPybkGX4fRAa6EOxkquFYYptigvi2-MqvZYGUTWcSSn6MymOhstPo48ZiSYYX8BCM-FmY7bsQYp5PyCDcptAe98qOMefwS_g_kguLIH0tOYDEEtpwAqc7njbRNByzDRCBBuL8AQtFbGJctOAba47g-NE_AhUYVfjTK8j1pl2Fjv0l6ZhKzLqGKPkYpkFrj4MrTXfF69q_UAn32e_jR0mvQsCbOsH5NmGnjEIsEnC4ysk3X-sRFV9te_AyWMrOS2ExeViPp4erDnmdvYnyJCZLpQDyyqCRCctI_RaX1XIXDKHHw31ETGkqfNRy0CXOpsqo3F3qVA9GS4lyqmZAG5qLvL8udZ45R6imwoyubkIJ9luqh9wOnJxwaZ2QEjVw_BoHXZNtHul5iQwwYoNIcxay8T-j2tN1UWWuT4K9Ql9u9sLsWFil2oFWVfAcLLiCyqW0P4clIzf9deq1LvUzTi9ttNGHP_NuMDZE_OdiT5DSpVPVHARXbp6xYrDEWYkXnVmbVt6k_rte0d4Xe2oVeLF_3FdRfjYcyditr4g83MqIktioc_XJV3O-00Hi5yuNKZBSCd1pJ0mzdae0CK1eVOFtXithrVeAF4CtY5hBsL_ph8vrnVlVigxklqmqqMQWV5YjQlEdfGXw4Em4xlY4WIkRG8zs5pxwyYmveBuVHPC-XMtQccuPIoCY7XDidJ0j3fkwyj84GmDtIQ24D2SsV3Wkn-oLc7t8q_zOjbS5d4v-OQK-pmmpAV3g8UR2Bz6e3FcvLbt4cxAjfS9NXXX3rVlH0YGmhCGbmZ7-Y55Va2ZDLeP_xhBXmSDuwDxAHbrMCtMBfcxwyo1w6bQIuVZfAZt7oQvuB2CSJ95WZzLcsywKjmvl_Vto9DUeCR3l1fE430a-1QGaKCeQIq_9IOhWLaeNRHX78TwmKrGvYFIcqQbKGLwQ3hVbDfRHBaV_hVwCmXsqtAJWblChGBKM3qfnS4a5dYpcCJnogP5Vd8gPKWiP44cyMvTlKk5hWOxzbGYGzmZHgPHb3DtIcbYXCFAlZtHA5CwZuPCIx3hd9-XQ7LjODxsHNZnD2Ujssnvg0E1MbQEUqiU9klys5bDCtWJiTg70mLgdjdxkYKHEeA56_tb6UnPQS6pu8X4e_N1yUIy1w_HohQKGuWazeSN41c-RWlfVlSO_MUP1CUEMp_YEolVMNtIIF_JDAJVK0B4FsYduT-xgqDFegbqJO-Aub2EOLKdUjLEzqMT2ozgvKY7lKpGfXlsYL6NVXlw5J7uVcvQ-I1ZcXcXR2_u-iT2byFtDG1f6kBt6xTsJVD26wptt3Vv5t3Mkr3CGFQ_CWaulucd3MPXzm3hwl7AX38jVaXyjzN&cid=CAASJ-RoBm76mJ9ZOqx83Y9QZ0iSLnzn9Gf67tJsA-wJRV89yagmXi0gYg&rfl=1%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:10:12 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame E87C 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Origin
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16208
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 11:47:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame E87C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Albos8RZPeq_02mi1JcMJU6HM_gsvHpJxr50nOG7Gi3JvfX0XTlnosyRR6ZgVYBCg2pLX995JhBaC0T56z-SGgZCwdF7UV9UlpSgVbQiC_owoIhVzQzFR9B6K4yi_YDqwqh2kYvhtxsyLb6tMhQmcQlrPhhQ&dbm_d=AKAmf-ADCIplvwsgqgDipLXmoCqNuxlznuci-VQtafB9bfWf8dnuUaMTE1n6_G6OJOnyt3vySKNt2PYfMZZ5qzuYrMZS0sLsIpaK4ebNuVLCMex7n873bgaM8GadphuTz4gICB8LSEuzEgXjeAE0p8Fj0_o_5qBDHQr59B2ISyteTnbcoUXxXY7fZmHb69gBc7lAIBR5M1YXlHB0VNX5xNVsl4q73xqR-VuD0hDaGPKYor-Y5GC8QXDR9NDouHVMFvbpgao-E_SHh7YwTTS0TDk4zy1cE9Yv8yvqK_KHLNBnV-T6R_q2bTcGyJxc3_Ey1FKvfJvy8gvsn5Dwg3-D9KSGwuWy1AaRf2KmDrMXkt88O0rWuwyKwyal9JkZbxF9qBef6QReWxcc8hlw-LQh05gWH_hSawiVvx22r-9LJ3S4aevELPRAvOUzSRbWwPOoO2pckTr6oz4rimE7wEQoy9s8mpG6FRZUH6xV6pahgnvzmbXcMdrSu0hCyuG82NL5FruRSaVpr324uegvhHwCegLaLmPWtNxC5iG2iRJdXb6JrXeIJqIgjAlBzX6E-pMBIQJGBGhJJmxSIoRoFl547RZF7_tZHQuuK8yW_t8cR9P3_etgjccUgWdgcIStN9fiJIAdXFGAvp-hbMQrEZJ7Dliau4s0xyvvenkgHzqT5c7oJqO-dbvIjZxGAez5R8IND1RoxhsIN4ikJvEz--j5YPyTDkFRJzk7JTt2l_2jR3B75Vi_Fq20XS-ofXdXOXhNV0UW6OAGzJJpv20LR3uEOAcf1WjUrhj9lrBXXm1SitYbbcioZW-rbPgg7ug-kMzUktYL92mvW6tI5TV2JxQbEgtSGUugf45OhvI1tE5hFSrs7YufitMb_HnvuVRcg72FrLMkywj8QMBKS6X0AHMDkAOGYM9o94K1RS-lKl-erxQz1QZSXHDdUKWf9RRmFlP-V-NyIa0GdBtdNAZH0toq1qvOc0V2O-3IIJiY6ME_jloW5RX72yMH0moO103MZfnrvVzsHeWq5FM62X7ViLf7G42sjAlkrh7ul8eAYHYV2ZIjan3vdBaLx9EMQm69AiF6_qy4JIQI07cL_4nNrY2pWykoxJLXSo4LN9bYeYwtHLAt3Hl6mfKdYgrnbnJpA65SRae3rW4cF03N4-sM5Obafur8rEVJJlit-xIoUqLP5lzhENqSmn0TZWWIlzrE7Fl09HEEoQqzHs-A3DDhL9KVUzXRvdi8VOUDKWw36j9PNKMqNBxOpFedZ5Cs7ZRt6WTHo-MDgy9w6ddVGe9rBEAEV61ckgkpm9eftWVyKkYHNsLt61fnjYX92UVad6yEdHZVPODpN_cl5JfU9Hg3G012tJe4wYs8vV11tJEVBDJTOaetFN0vmak0-BasINAWAG9c8ilYx6tRu2PFV_c7t3ZEJ6zO1sg4NAosavydBqQVvk3n_jN9I_G7wO3gW4WZfX-Q9WXQHeqSkxL2aq0qqyTlbOW8uZlzwatcaVfRaCh0hhZr7GitzVkJ6c9JQLl4tEH5Djpa0ByOHRHNkeFCdFN-5uuVDxJ6d0uO6s6SGle3_J2JPrZ8tsBVZoHWbpNmZ5qAbgjHhj4Z9Ob1swG_NUNSVpBXL2ZXVYfED-OMkiiscuVOh4IzDIvhymktr2MfsnPIscXdqC_POpN_ZCpP3aomsHxV1CusunE1Sr5o8eyDkFaCtiFZAF-xiW-s_b8owGrkEctJxC631uKMctD0lf6Br8e4HbBC23j3a6TR24dlzcGwAauVivVaP26-ON3SiGr7yvNGTjQdyIaTaw4XFiFOXlaCpK0IxjDQQSCJZK1-NVYffeEMox89jqj61_Tqzoy-WKZzObwwkZwxIrBm6S_jH02R579L-j4YTi8YkM2MzdCUY7IlpQpq5Rt9wXSTxENBvU3PAo10S65hzHldyL4xKWBum0eMCjy6ZX64hOtVt04HP8mUW65QorszekcNVId-wQy_pifDvGHyQkq30F3G9m_0Lm2Tq9pYS-heGSu5QHkwCbKZ0fgpnb_5kwhRFbrFKBZBQuJRPGIs44fh_PW8TCZSHkD2Cjel_-mKREa-Kyw6D_38OSkik4PtjDCCFhnj24T4bIbBD8ZrS5bOHQWKnIx1EaPxLho5rBzTmpUkKxuvKIV0UvBbK2ycqtMWKB2M6iZtmsRzfjnvhwtWNkiVZsIQWHeLOmcJ6vSAoi9mXCZCgWco0lMdATg8If44SKErhsk558AvbiqeKzMndsfxWwv4xbg8qWU_NIaznQbma28Qac_k9KJsLf-DtYqLEP6S0VLeLAbquKfs3V_s-Uxq08aySA63hLUnM_gvEspDZr53P79GXFnYjBLG63Cr0KtvdrZCYsvqRG003xAc8UHz_aDMIaa3UehNoQ8mpBl1lkzdeXLeYOzIdllG1uE9ohy852S_joDJuqhP9MzaDHQKX5fvJFoZDu8Cd3gurwpP4HKy1PvuSy9zuxpZ__txIi6YfNYhTaFkZniwLFJL0qwksfGyee-sCK9xEgtFDxHCvsD3LKttTACIz2GEw9UBx1Egr95-YckUhdO3w1sPF0G2Ni6BJsJMDOEg1Fr0gwgGdPYA9myHfY7vRIWS8qEx97xoX93N3rKQ57kP0lzu7JDj7Qd_WYPg43A5MbT9Wmd7Wk5wH4pH6WDHQ03nnd-xrHHkY3lGa0LH5OFK8xieBTlOtUfbTDkkk_Ws_8p-se9aHdCE3vRmmiI7ecWn41tPFeJ5Z59epB5UZ7v2Q2AFT9kxLARxZjYRdgvfuB99gtxmE5Kd8sM5irkpRmrTS34QCyN4dBySBgfPWa4ITLzvaP27gYEpYDynvPipXj1gFb5RW0mDOQzM1Ht_kmRXNT_iYoJpfIPgAmyhBZKiA_yHgLH5O06RsEOTxaKRPW0eAx19fdXcCLzzxxj8MM0aqGQS3a5AV3XGFVeFN_wIRZ6GWOIm9KnrGJhTj875xPc9MeRke3bg8NUiMCqThGiCPRHSiwhuspTcXHT-g-HWwTuD5psO1JImfE4fPxidocU1XS6Lo1hnm51NI9rr1GK4NUn73fiIkuR3pw8KhNhsXEzK37yAQPIn5G2WORQe7d3bFUuYg62jJBk_yckyNzHH9_NpwzdnwaL5VX8221E9XJyXEbtnH4wDanC8r-CAig&cid=CAASJ-Rokw4I5P00cg84yg9phsCaccRawpz-D2Vv-L5Cfam9klv4Ddoffg&rfl=1%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:13:36 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame E87C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Albos8RZPeq_02mi1JcMJU6HM_gsvHpJxr50nOG7Gi3JvfX0XTlnosyRR6ZgVYBCg2pLX995JhBaC0T56z-SGgZCwdF7UV9UlpSgVbQiC_owoIhVzQzFR9B6K4yi_YDqwqh2kYvhtxsyLb6tMhQmcQlrPhhQ&dbm_d=AKAmf-ADCIplvwsgqgDipLXmoCqNuxlznuci-VQtafB9bfWf8dnuUaMTE1n6_G6OJOnyt3vySKNt2PYfMZZ5qzuYrMZS0sLsIpaK4ebNuVLCMex7n873bgaM8GadphuTz4gICB8LSEuzEgXjeAE0p8Fj0_o_5qBDHQr59B2ISyteTnbcoUXxXY7fZmHb69gBc7lAIBR5M1YXlHB0VNX5xNVsl4q73xqR-VuD0hDaGPKYor-Y5GC8QXDR9NDouHVMFvbpgao-E_SHh7YwTTS0TDk4zy1cE9Yv8yvqK_KHLNBnV-T6R_q2bTcGyJxc3_Ey1FKvfJvy8gvsn5Dwg3-D9KSGwuWy1AaRf2KmDrMXkt88O0rWuwyKwyal9JkZbxF9qBef6QReWxcc8hlw-LQh05gWH_hSawiVvx22r-9LJ3S4aevELPRAvOUzSRbWwPOoO2pckTr6oz4rimE7wEQoy9s8mpG6FRZUH6xV6pahgnvzmbXcMdrSu0hCyuG82NL5FruRSaVpr324uegvhHwCegLaLmPWtNxC5iG2iRJdXb6JrXeIJqIgjAlBzX6E-pMBIQJGBGhJJmxSIoRoFl547RZF7_tZHQuuK8yW_t8cR9P3_etgjccUgWdgcIStN9fiJIAdXFGAvp-hbMQrEZJ7Dliau4s0xyvvenkgHzqT5c7oJqO-dbvIjZxGAez5R8IND1RoxhsIN4ikJvEz--j5YPyTDkFRJzk7JTt2l_2jR3B75Vi_Fq20XS-ofXdXOXhNV0UW6OAGzJJpv20LR3uEOAcf1WjUrhj9lrBXXm1SitYbbcioZW-rbPgg7ug-kMzUktYL92mvW6tI5TV2JxQbEgtSGUugf45OhvI1tE5hFSrs7YufitMb_HnvuVRcg72FrLMkywj8QMBKS6X0AHMDkAOGYM9o94K1RS-lKl-erxQz1QZSXHDdUKWf9RRmFlP-V-NyIa0GdBtdNAZH0toq1qvOc0V2O-3IIJiY6ME_jloW5RX72yMH0moO103MZfnrvVzsHeWq5FM62X7ViLf7G42sjAlkrh7ul8eAYHYV2ZIjan3vdBaLx9EMQm69AiF6_qy4JIQI07cL_4nNrY2pWykoxJLXSo4LN9bYeYwtHLAt3Hl6mfKdYgrnbnJpA65SRae3rW4cF03N4-sM5Obafur8rEVJJlit-xIoUqLP5lzhENqSmn0TZWWIlzrE7Fl09HEEoQqzHs-A3DDhL9KVUzXRvdi8VOUDKWw36j9PNKMqNBxOpFedZ5Cs7ZRt6WTHo-MDgy9w6ddVGe9rBEAEV61ckgkpm9eftWVyKkYHNsLt61fnjYX92UVad6yEdHZVPODpN_cl5JfU9Hg3G012tJe4wYs8vV11tJEVBDJTOaetFN0vmak0-BasINAWAG9c8ilYx6tRu2PFV_c7t3ZEJ6zO1sg4NAosavydBqQVvk3n_jN9I_G7wO3gW4WZfX-Q9WXQHeqSkxL2aq0qqyTlbOW8uZlzwatcaVfRaCh0hhZr7GitzVkJ6c9JQLl4tEH5Djpa0ByOHRHNkeFCdFN-5uuVDxJ6d0uO6s6SGle3_J2JPrZ8tsBVZoHWbpNmZ5qAbgjHhj4Z9Ob1swG_NUNSVpBXL2ZXVYfED-OMkiiscuVOh4IzDIvhymktr2MfsnPIscXdqC_POpN_ZCpP3aomsHxV1CusunE1Sr5o8eyDkFaCtiFZAF-xiW-s_b8owGrkEctJxC631uKMctD0lf6Br8e4HbBC23j3a6TR24dlzcGwAauVivVaP26-ON3SiGr7yvNGTjQdyIaTaw4XFiFOXlaCpK0IxjDQQSCJZK1-NVYffeEMox89jqj61_Tqzoy-WKZzObwwkZwxIrBm6S_jH02R579L-j4YTi8YkM2MzdCUY7IlpQpq5Rt9wXSTxENBvU3PAo10S65hzHldyL4xKWBum0eMCjy6ZX64hOtVt04HP8mUW65QorszekcNVId-wQy_pifDvGHyQkq30F3G9m_0Lm2Tq9pYS-heGSu5QHkwCbKZ0fgpnb_5kwhRFbrFKBZBQuJRPGIs44fh_PW8TCZSHkD2Cjel_-mKREa-Kyw6D_38OSkik4PtjDCCFhnj24T4bIbBD8ZrS5bOHQWKnIx1EaPxLho5rBzTmpUkKxuvKIV0UvBbK2ycqtMWKB2M6iZtmsRzfjnvhwtWNkiVZsIQWHeLOmcJ6vSAoi9mXCZCgWco0lMdATg8If44SKErhsk558AvbiqeKzMndsfxWwv4xbg8qWU_NIaznQbma28Qac_k9KJsLf-DtYqLEP6S0VLeLAbquKfs3V_s-Uxq08aySA63hLUnM_gvEspDZr53P79GXFnYjBLG63Cr0KtvdrZCYsvqRG003xAc8UHz_aDMIaa3UehNoQ8mpBl1lkzdeXLeYOzIdllG1uE9ohy852S_joDJuqhP9MzaDHQKX5fvJFoZDu8Cd3gurwpP4HKy1PvuSy9zuxpZ__txIi6YfNYhTaFkZniwLFJL0qwksfGyee-sCK9xEgtFDxHCvsD3LKttTACIz2GEw9UBx1Egr95-YckUhdO3w1sPF0G2Ni6BJsJMDOEg1Fr0gwgGdPYA9myHfY7vRIWS8qEx97xoX93N3rKQ57kP0lzu7JDj7Qd_WYPg43A5MbT9Wmd7Wk5wH4pH6WDHQ03nnd-xrHHkY3lGa0LH5OFK8xieBTlOtUfbTDkkk_Ws_8p-se9aHdCE3vRmmiI7ecWn41tPFeJ5Z59epB5UZ7v2Q2AFT9kxLARxZjYRdgvfuB99gtxmE5Kd8sM5irkpRmrTS34QCyN4dBySBgfPWa4ITLzvaP27gYEpYDynvPipXj1gFb5RW0mDOQzM1Ht_kmRXNT_iYoJpfIPgAmyhBZKiA_yHgLH5O06RsEOTxaKRPW0eAx19fdXcCLzzxxj8MM0aqGQS3a5AV3XGFVeFN_wIRZ6GWOIm9KnrGJhTj875xPc9MeRke3bg8NUiMCqThGiCPRHSiwhuspTcXHT-g-HWwTuD5psO1JImfE4fPxidocU1XS6Lo1hnm51NI9rr1GK4NUn73fiIkuR3pw8KhNhsXEzK37yAQPIn5G2WORQe7d3bFUuYg62jJBk_yckyNzHH9_NpwzdnwaL5VX8221E9XJyXEbtnH4wDanC8r-CAig&cid=CAASJ-Rokw4I5P00cg84yg9phsCaccRawpz-D2Vv-L5Cfam9klv4Ddoffg&rfl=1%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:10:12 GMT
rum
dsum-sec.casalemedia.com/ Frame 77FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXDGS627ukWe-Sr2rIc4fHta3PH_9dR6gWDWmQO4C-091EcsnvwStTw5syoUKTHnlrmYy6a4UqoGlxjqU8mCcAqgX25UsjIfc6H7_QcBaQLzsAGhH_thP6bb2NUmfEvXJB5_DVXekkJq1osMVx-qh_CGAK0Q6gZiyDpq_m7udqdx-3YLkY
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 16:17:10 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 15 Apr 2022 16:17:10 GMT
rum
dsum-sec.casalemedia.com/ Frame 77FB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlmahjCqXYJON4RtVF3vHQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXDGS627ukWe-Sr2rIc4fHta3PH_9dR6gWDWmQO4C-091EcsnvwStTw5syoUKTHnlrmYy6a4UqoGlxjqU8mCcAqgX25UsjIfc6H7_QcBaQLzsAGhH_thP6bb2NUmfEvXJB5_DVXekkJq1osMVx-qh_CGAK0Q6gZiyDpq_m7udqdx-3YLkY
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 16:17:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 77FB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXDGS627ukWe-Sr2rIc4fHta3PH_9dR6gWDWmQO4C-091EcsnvwStTw5syoUKTHnlrmYy6a4UqoGlxjqU8mCcAqgX25UsjIfc6H7_QcBaQLzsAGhH_thP6bb2NUmfEvXJB5_DVXekkJq1osMVx-qh_CGAK0Q6gZiyDpq_m7udqdx-3YLkY
Protocol
HTTP/1.1
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:09 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
77fa1d3c-0b79-41d1-b376-afdd5cbed38c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 77FB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiYtJnIATAB&v=APEucNXDGS627ukWe-Sr2rIc4fHta3PH_9dR6gWDWmQO4C-091EcsnvwStTw5syoUKTHnlrmYy6a4UqoGlxjqU8mCcAqgX25UsjIfc6H7_QcBaQLzsAGhH_thP6bb2NUmfEvXJB5_DVXekkJq1osMVx-qh_CGAK0Q6gZiyDpq_m7udqdx-3YLkY
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:09 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dd21f8d7-a878-40f2-abfa-9fdada51f28c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 868F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNXGqr2RX93FOQAdvNVanH1E5P0tVAS81LYwPV5xE155nCKYRik627wtdU80HU0uCK4ZVKEGyL2ygmJrt_OhXG_X7XnsaDe-EoWFiSH1nlihvOiHdh-36P5TN_nwIBIA-GH9eCyB4pqsnx_WFsEsFQIRD8Z_2qFG0GeCZbNhDLJB453HB3Y
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 16:17:11 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 15 Apr 2022 16:17:10 GMT
rum
dsum-sec.casalemedia.com/ Frame 868F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlmahjCqXYJON4RtVF3vHQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNXGqr2RX93FOQAdvNVanH1E5P0tVAS81LYwPV5xE155nCKYRik627wtdU80HU0uCK4ZVKEGyL2ygmJrt_OhXG_X7XnsaDe-EoWFiSH1nlihvOiHdh-36P5TN_nwIBIA-GH9eCyB4pqsnx_WFsEsFQIRD8Z_2qFG0GeCZbNhDLJB453HB3Y
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 16:17:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 868F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNXGqr2RX93FOQAdvNVanH1E5P0tVAS81LYwPV5xE155nCKYRik627wtdU80HU0uCK4ZVKEGyL2ygmJrt_OhXG_X7XnsaDe-EoWFiSH1nlihvOiHdh-36P5TN_nwIBIA-GH9eCyB4pqsnx_WFsEsFQIRD8Z_2qFG0GeCZbNhDLJB453HB3Y
Protocol
HTTP/1.1
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:09 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b1ccf28c-a14f-4d2b-b490-d37a4ab296e5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 868F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNXGqr2RX93FOQAdvNVanH1E5P0tVAS81LYwPV5xE155nCKYRik627wtdU80HU0uCK4ZVKEGyL2ygmJrt_OhXG_X7XnsaDe-EoWFiSH1nlihvOiHdh-36P5TN_nwIBIA-GH9eCyB4pqsnx_WFsEsFQIRD8Z_2qFG0GeCZbNhDLJB453HB3Y
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:09 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ca95ae5a-e0a8-494a-874f-7d4d65f0263e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 732A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWwZnIATAB&v=APEucNVsRDNXS3Yx7oesxOAt4uTJBQ5Ab_is3e7xLyz0NnEfrCO019IaAHaU-hT_LrIujmHzB0Rm4jbPjIa4Ps3QxzOsCO0R6yEHkj9XJgRbmAxT6Rw3j21ssz__XLJQCWQbpvu9cJwL_SZ8kTiPJMaMcc94ciOkPW0p9Z0HL94bjiNrp2qksYs
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 16:17:11 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 15 Apr 2022 16:17:10 GMT
rum
dsum-sec.casalemedia.com/ Frame 732A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlmahjCqXYJON4RtVF3vHQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWwZnIATAB&v=APEucNVsRDNXS3Yx7oesxOAt4uTJBQ5Ab_is3e7xLyz0NnEfrCO019IaAHaU-hT_LrIujmHzB0Rm4jbPjIa4Ps3QxzOsCO0R6yEHkj9XJgRbmAxT6Rw3j21ssz__XLJQCWQbpvu9cJwL_SZ8kTiPJMaMcc94ciOkPW0p9Z0HL94bjiNrp2qksYs
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 15 Apr 2022 16:17:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0ck1-K5eQeJlCWCKRR4f4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 732A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWwZnIATAB&v=APEucNVsRDNXS3Yx7oesxOAt4uTJBQ5Ab_is3e7xLyz0NnEfrCO019IaAHaU-hT_LrIujmHzB0Rm4jbPjIa4Ps3QxzOsCO0R6yEHkj9XJgRbmAxT6Rw3j21ssz__XLJQCWQbpvu9cJwL_SZ8kTiPJMaMcc94ciOkPW0p9Z0HL94bjiNrp2qksYs
Protocol
HTTP/1.1
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:10 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0ec7f4c6-f00e-40f5-902c-ec7cb3271a4b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJvv-kC4wNa5f_eEdDJLb3M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 732A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWwZnIATAB&v=APEucNVsRDNXS3Yx7oesxOAt4uTJBQ5Ab_is3e7xLyz0NnEfrCO019IaAHaU-hT_LrIujmHzB0Rm4jbPjIa4Ps3QxzOsCO0R6yEHkj9XJgRbmAxT6Rw3j21ssz__XLJQCWQbpvu9cJwL_SZ8kTiPJMaMcc94ciOkPW0p9Z0HL94bjiNrp2qksYs
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Apr 2022 16:17:09 GMT
X-Proxy-Origin
193.27.14.10; 193.27.14.10; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
db58a562-cf0e-4494-aaa8-cc09a388522a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYxOTcyNjI3NTk5NzQzMjU2Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D5CB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 14:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 14:24:01 GMT
truncated
/ Frame D5CB 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
882249e095e0f7bc8e032e1d6e7b9ec5c53e9ba51ad05dbded99fec922cd7f43

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CDD9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 14:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 14:24:01 GMT
300x050.html
s0.2mdn.net/sadbundle/2596258836322975744/ Frame 20E2 		47 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71bd2c00a8e0d92f57751d493e0fb95b85dea5f27724d768b02da77b02051cbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:10 GMT
expires
Sat, 15 Apr 2023 16:17:10 GMT
last-modified
Fri, 23 Jul 2021 06:16:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D5CB 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskfBysrSjAEva0eICQB7MwT0peIUyUd5nIf6e-A19iYNlHNQ34Ble4pdQ7EMMCwVH8NGUNwjC7twNs23wf-ro07qAdTp0gn4yFvN2yaE-s0zFwaPlYDYjV6Rq-tiJRUADDRiOyokV5GAn603yucLd7lWinmHhFteyk87kFGCtZI-DxiTdgkSN9aaCEMTEjRD71xdcM6MbRYQdjcANBuyQSUmsNZkHUigI9YCAu2rti9T7M7HV5MSxaSxwvDsAY0Umt08knld4r2jl_bPiPFX7CsruFvR9gMEoGq7FDBoAJv5iKdAFrFNWqRaNgEmcE4VitGHA5wwnhNal7LVGZeOp08Inpy-UiWeujSKdU0bQq-Xv_RgvHKmRbfFJYtv8Ld_QJZsI7CDAF2SXwuYMO6z6uJRuZC5N1ybk8hZVF35672WwWa0xsMrFD8Xb_0bgnf5vcNjrRCJGJRbkFaatf5ZzSyQjg3ANbMTzkcvWZ9i2loiJoi6xT1jY20edaDtWQx9F20hHX19Y2SsRFMjWtDNymzfEcfEZf5Ay4zA77EaTBDcciOa2CyJV56NAox1UgegV7gmZ5-u7WnF3f-nwZQ5ax1zHqcXWWPUABom3rBuWpJLvnbLI3UELi7ddLDfnrH1AJ4XX7eLYsLjkTX3qiiK-oq2dvyX0zJla8aYAbvoWrBKUkcJTBUstVOqAoHrrtqKMS6qEBXQuuq2jodelUZP4nP8MVSDXkvUTiA1TK7chxBjnUehz7y9Kkk53Hwzw9tJoP-Wx3NWHN6YZokgW_y9yc8QLeTEtddmZHFeqdUE6LyTMdqiaWEhNERAy2wogcyUH5U6jcqV1RBYPAc_a2jM_FZ50bJ5EjkG9CM-dr1qRKiM_udr4FSGUwk4rYvaLNHjtvcPICVMBBHihNr7LCt8ViZhG-jHpK5LoxVuEIqWWRXUwXa4uB9WA3O3w7NG1fBy1PWmPO-b-bj7BLOWfAdaueWjEos4A_dvOQQnTmBurknJJFK3dvjkpU_I46I8_qjcqPH7FONx7_Uh-CyAiRrtQ4hfPNwl4stNQkHWLrru8-C-KesHEWWNVjkWk0Hc40c9gqo85uQXLNwE4YbIriOsKBy_Kav__jH_Zh-VnJOaSkXpEz_obpuSl7mfdQKkHGHeyQptnVL2W3F1ZcGHegCPY5GdhMAVHjIa7_NerMAzzcpuUl2FXsGIqVcdTpWaktyFCNXNazoSCi_68DhGYriA&sai=AMfl-YS4UJk4QF9OkQ085YmfGVg25hteHEy9YnArw7HvxVPerbxWsUsqCvotKrMoJ83OKj1IoT1hkSxj4lv0aQR2OuHqCKII_TzQR2NyizQeUpca3FJf-I3g2PI_0eaOlGK4lGDM_prZKw9X5ra89kRQq3vQO0eNgZduDrCK2cFOd2ntKkX7O6DaFexO1a7rKmif4f6dEOv7uDJ713xdPmEgPYX1w8qY5l5zyA&sig=Cg0ArKJSzAnmhRc1cF2gEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=504&cbvp=1&cstd=485&cisv=r20220413.64703&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 15 Apr 2022 16:17:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame CDD9 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f8821baaee21b05b51a78063534051c84188e06cbb6c0fde9529165fd089a06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E87C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 14:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 14:24:01 GMT
728x090.html
s0.2mdn.net/sadbundle/8865269517622706176/ Frame 5DFC 		47 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44ca59252ffebbcc9864376cfb9f4c0ef3c8ca09e58fd889f610611058bbcc8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:10 GMT
expires
Sat, 15 Apr 2023 16:17:10 GMT
last-modified
Fri, 23 Jul 2021 06:16:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CDD9 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstm9QTENNb-0mosSlz5cCS5tLXGSASOuWlPMSTza4yvMFAqgSu9NbxG05L_EvUIOFeyCKOU5XFcVQM6PDXda0NXr_l2X1VOYiPYQ3S1nyHA1nyRluUv-qIm5ZoyoE0GaVoFUHDieeYKfrzmn5cm7CaeK5Ey-bCsjz2qBNw6Ch__WhYhPbkDe4S4pkq09mjKntZRCiGcZcrkUEYVSJ2y5aVXD2Jvd4_XabZgrCJnh3S0dbRaI68ykICSpCIhSxghuE8-dzHO-kle3CJwunB-Yzn7-kASo4rIcvtAuIhL2CanvUfVNhCyyA4u02YDO1HVq-CG-ls3ZjBRL-h19WvebP4whEg4IyzXd9O829ughmPG8NkMOlBlS8TbrWJhLgABXBQS8zd1Vylx_1Vhs6QAiRYSZbzTalIewt1wZTe4s9d9jnSDU5SpzZ4sPN7paWejxcmFHtF1j77gAWMSySEl3NRRibEDfPoAHinkLfiXT_X5Tf2EHWlfVv_AU3i0f2TK02x_dYvTPQ-6ozQdMBdlBZbPAxQcnMbeBBZrwc_hEdZloS-eyDLXcl0uIC3hsAq_YDjIKO5sqalJtzB6D3tXz7gVXQvdSaA53jMtgnk-b8m2lnPCbsIhdnZEJD2xIUNuGNqGcObRchvR58eQIEERbt_XkTdK9LnVLUVKOon1c5dSqzuJY33egMTQI8O88WZXMPnzBKM9tqGxLGbYSU7dklJewoFUeA1m8470GAhmbTe-XDkiyxx-AwYL8jIFonPdLtve1rbSjQUae8qIxEHsh4CREN-xV9Hq5027sEsPA9FudbdnRi1qUUlzY9T6NO98n1xD7T8ZsAHkiB4FQCouQggFIh1YtdQgOAEqqBO23NAzdPRGO6FdF4YWhJLWWmr7epzaVdTsQDZW0iaeR31cvsxlGfoTRG-jGc84e8hWTwjGXcLgc8AMRMbTC5gkpNYqAtPwvSGarAL7ZuGFwfOvNfQuuDJTCf0Tar0YjaHXEEvyDY5G6xdUZCnfhGWX0kWloRvJngJc1j8eDhJxKCdKoApW5z_gPmy927c9K0_-McwWneDUsSSeuEfdJVGYROYGRrlRrs9G39A9aqGMTVgEZ9Xl0QO-YMoqBo6GCLuszbb6z47tosT1WFURxvbyofAfmaHDidlMYqZ4C1Bd3NgxjzPQk2_1Zb_YXidgAnljU6E_l80lcFPjEGwa9rK0c-J7u7vT-lOPwgfQfcfn&sai=AMfl-YTROw_578TOlGlCosBdCbyaGzmkEEZZi01kG5X4zCNUi5xR3usHcfDrbRT2h5GrBdKHEuXn15dDdAIwGMvAzNC1kQU3QAXJexJT5tUTD5rbmEf3xHXfLipjgJmBXLN0xozZrwr1-Iz6wT-pXSDB3t8YDnogSXbRb7-SfSE7c3BOlgAom0magfBwZwnuGKbhUc2LeTBVB7V0yz0AZ3xh1CnYBdtmdOSZKg&sig=Cg0ArKJSzFnyi0qgpRC6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=419&cbvp=1&cstd=395&cisv=r20220413.94807&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 15 Apr 2022 16:17:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame E87C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a715a56850ba899ada246d578e0cadd0a9fb3ae245c7864760c1a402c44c2ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
728x090.html
s0.2mdn.net/sadbundle/8865269517622706176/ Frame BAF9 		47 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44ca59252ffebbcc9864376cfb9f4c0ef3c8ca09e58fd889f610611058bbcc8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:10 GMT
expires
Sat, 15 Apr 2023 16:17:10 GMT
last-modified
Fri, 23 Jul 2021 06:16:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E87C 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPVi7heywGYCWOgmkmtiEFskTN2QMsdK3B70v9zjJ3_1Ckeot4Y5Nv8iTHyFDkFQi2Jf6YFZIIMGsIR4D4RY4g1J1wFvBHypmof-vkdlMxczRvZYX-Yt-icANjZK969zlMwSXNYNKaCg4VqyMTYCc5itW4MrGmPDrKH7PIcixrDg0PypZ7xJ8MKs4qdiNtCtQYUyOT0kI5D5Z2u7ooZt3EWtHfoJJ48cEZZRLnE_cl2R6GW9qx2y7lmGnTD0zgC7KlleVNVu6JU7PCLdqemcofk5uriRrgfcqalHkULFNUoCSdhFSncW-6g4mEn2jglhqEu7CjlAg1mvHWGX5QNsnf1fkYuwdgH1aGWYWK7S5G_cEhMWsw77LKIlPJj4cRsNUsXemt1vXksKvy58DP0oVNcBkTm4p8f5gi-GT0-kqPoUHxs9Qs0MCPQlHDkqLd0ZvaFPlhXKoqZPSkWvzrUnA5D-enK6FF1f-xmE1BoB-xzC7GyAXVfgDZ4MxfCeobU8nVv9LYfJDM_gPI4SCV_8g4Y7k-SPq6GTqPu3VVr7g6uNx9TrmUfVqaLFCk_dIs6LtXhkjWGj-Tx2Jfyb2i9mgUFooLKd6g6JNgc11J5fP49ZNSPwukwXyBJu1ZIVrAACvhNsROKjBxXnj8TvuFNkdwQpT34oOKueeBC7PXJzeTZ3iquJ0QkY2DT2pSJmT5wmrktpf6UfZmCyPya6xj5tf-DlNE5i2hh3WWBLWUFqEf_AeSrmB-TkaS4BTkJtR_i6bdWcli3DfAVCvsqmgjDoRGvW9PpUc7KKJbqsWOwgfK3QgplCCEFnfdgU0fpQot54i9ix9w8b6tF0OOQTMXZlREk1fyBwImYktf-ZH4vVn6CDfEhYrFXbUWbaqHyP20fDC-1gK6yaqOT51tcvYL4pcJ3910eHCX5iVQ600bNnNIb81kVCkcV5LNgC-dzcXJ3CqMAVGk-myYWAeFx_EHY4URanpWSt1uHt61kcCXUV5ObcJzmqmcQBSAywSrDT24_SJBxaBXFjnYUmcY1s1BZAShvY-9HtIMrJIT5GvWk5arR8R5vMyp125QfvSPh8Rdg9IBHEjVwCDq6EsTGIaE6hldqzsaWR5W3WtF6W66D7_uD5t1h1Ux02QihEj5WqGCHrKKSsD2X0BHrUbRsWlN54dlqJNEDrRv2ybme4Ytbm1nyxdiPS7rjtGEPqTLmjYZ3qdXQA-DEg6bo7KtEJzeDTo&sai=AMfl-YQX2d7liwEmPVHQmf95AbwhrH4_Zki56hia4n7w0HI39VV1ciSKfHbYNivLnggC09KddAH2kyZ5J5zNF4_2xnccNa6pCAl2Cs6xbRBEFhfrc-QvCh1CUmkxhEZSG2RW7-wok4wwsx64V4ODSLs4R_V2Z8lCA5V9OKWgKN8NRf_HrUryVSiJl1fbe7jLOJAk-IAnypqB3ar5g989raTDzgVARkS-NbG7Wg&sig=Cg0ArKJSzFEdKSaaAbDEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=439&cbvp=1&cstd=427&cisv=r20220413.52129&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 15 Apr 2022 16:17:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pd
u.openx.net/w/1.0/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:10 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2A05 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
93189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 14:24:01 GMT
expires
Fri, 14 Apr 2023 14:24:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2F6B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
93189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 14:24:01 GMT
expires
Fri, 14 Apr 2023 14:24:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6EC2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
93189
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 14:24:01 GMT
expires
Fri, 14 Apr 2023 14:24:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D5CB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYngIlwYygtPKMJi8yCCQeF2WMW4aVbrJphX6d_Se-nPSfckA641wO2Gesc0itbVqTS-sxjJTuR9CcLmXSMomfyo9cAUr5vsMgwamkR7Leu9mF46Cenw&sai=AMfl-YR22uBwESG7m5mbbIeu9GukpnX_7JVR42Qsg2dURaNk15W1wbwss0cGiRpQ9oymvhM__sbLTUv5on3gMQpxZ0xXn9f4K_WltdhaO5rM_b3xwxvrUTvxFmqXA6peLdn6&sig=Cg0ArKJSzD1S2F1F9H0mEAE&cid=CAASKORoV8rsgJAyOxmyAAoMlcU4PcmepiPhGz0nm7RmuC3Jmym1Bc2qirU&id=lidar2&mcvt=1000&p=1150,640,1200,940&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=819652461&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650039428924&rpt=795&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame BAF9 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 11:23:14 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame BAF9 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:17:10 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 20E2 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 11:23:14 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 20E2 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:17:10 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 2A05 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 15:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 15:57:48 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 5DFC 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 11:23:14 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5DFC 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:17:10 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CDD9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTaFw6DoaYJUiV1hzDinxaUPUgmo-xIE061d2YmL5HmcXAB7ZOHn36WpNgb7S62a5dAtdlJfNgDtKJntq4VttoCF4TBBU6vwLLOx58cK9jo8r1O5XVxg&sai=AMfl-YQpIhZGnm9KbKwvq8xm9_u3j4s8T0cdDs5YXs4BrUVmH3YGb9Bv5_QtsN10-wVFKZWMLjTPVcTs9NY5j8x7c1cZBQO3nSPYWhaNnTSnIntztsWplewRH8D8rMHF9Xs&sig=Cg0ArKJSzBWEMg6Ep5J-EAE&cid=CAASJ-RoBm76mJ9ZOqx83Y9QZ0iSLnzn9Gf67tJsA-wJRV89yagmXi0gYg&id=lidar2&mcvt=1011&p=74,436,164,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4186764061&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650039428144&rpt=1653&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 2F6B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 15:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 15:57:48 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 6EC2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 15:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 15:57:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E87C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQZQ6c0QmlY7GcKIKbb_oF4Y9i74wMUZXZQd7a90tiZRZNA70iX3tOcGweEaw_ez8qm16dykqZSx_ftpLVhAX8NY7kp9OLxDsFQbJeTId0b5HSQcpvlA&sai=AMfl-YS40QXPzaPCWWkgf9oU3iWwZobk5qoXqw2mGgSnrvGZQFm8fF24BGddeaDLtGGBqKNYUmlYgAxRuJ382Lvao7bMhDKu6v0EZMNrMCopq_GT5KaZOoolv_FQPWva2NE&sig=Cg0ArKJSzGDECl933Rm7EAE&cid=CAASJ-Rokw4I5P00cg84yg9phsCaccRawpz-D2Vv-L5Cfam9klv4Ddoffg&id=lidar2&mcvt=1000&p=696,436,786,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2814768999&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650039428151&rpt=1744&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E87C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvPVi7heywGYCWOgmkmtiEFskTN2QMsdK3B70v9zjJ3_1Ckeot4Y5Nv8iTHyFDkFQi2Jf6YFZIIMGsIR4D4RY4g1J1wFvBHypmof-vkdlMxczRvZYX-Yt-icANjZK969zlMwSXNYNKaCg4VqyMTYCc5itW4MrGmPDrKH7PIcixrDg0PypZ7xJ8MKs4qdiNtCtQYUyOT0kI5D5Z2u7ooZt3EWtHfoJJ48cEZZRLnE_cl2R6GW9qx2y7lmGnTD0zgC7KlleVNVu6JU7PCLdqemcofk5uriRrgfcqalHkULFNUoCSdhFSncW-6g4mEn2jglhqEu7CjlAg1mvHWGX5QNsnf1fkYuwdgH1aGWYWK7S5G_cEhMWsw77LKIlPJj4cRsNUsXemt1vXksKvy58DP0oVNcBkTm4p8f5gi-GT0-kqPoUHxs9Qs0MCPQlHDkqLd0ZvaFPlhXKoqZPSkWvzrUnA5D-enK6FF1f-xmE1BoB-xzC7GyAXVfgDZ4MxfCeobU8nVv9LYfJDM_gPI4SCV_8g4Y7k-SPq6GTqPu3VVr7g6uNx9TrmUfVqaLFCk_dIs6LtXhkjWGj-Tx2Jfyb2i9mgUFooLKd6g6JNgc11J5fP49ZNSPwukwXyBJu1ZIVrAACvhNsROKjBxXnj8TvuFNkdwQpT34oOKueeBC7PXJzeTZ3iquJ0QkY2DT2pSJmT5wmrktpf6UfZmCyPya6xj5tf-DlNE5i2hh3WWBLWUFqEf_AeSrmB-TkaS4BTkJtR_i6bdWcli3DfAVCvsqmgjDoRGvW9PpUc7KKJbqsWOwgfK3QgplCCEFnfdgU0fpQot54i9ix9w8b6tF0OOQTMXZlREk1fyBwImYktf-ZH4vVn6CDfEhYrFXbUWbaqHyP20fDC-1gK6yaqOT51tcvYL4pcJ3910eHCX5iVQ600bNnNIb81kVCkcV5LNgC-dzcXJ3CqMAVGk-myYWAeFx_EHY4URanpWSt1uHt61kcCXUV5ObcJzmqmcQBSAywSrDT24_SJBxaBXFjnYUmcY1s1BZAShvY-9HtIMrJIT5GvWk5arR8R5vMyp125QfvSPh8Rdg9IBHEjVwCDq6EsTGIaE6hldqzsaWR5W3WtF6W66D7_uD5t1h1Ux02QihEj5WqGCHrKKSsD2X0BHrUbRsWlN54dlqJNEDrRv2ybme4Ytbm1nyxdiPS7rjtGEPqTLmjYZ3qdXQA-DEg6bo7KtEJzeDTo&sai=AMfl-YQX2d7liwEmPVHQmf95AbwhrH4_Zki56hia4n7w0HI39VV1ciSKfHbYNivLnggC09KddAH2kyZ5J5zNF4_2xnccNa6pCAl2Cs6xbRBEFhfrc-QvCh1CUmkxhEZSG2RW7-wok4wwsx64V4ODSLs4R_V2Z8lCA5V9OKWgKN8NRf_HrUryVSiJl1fbe7jLOJAk-IAnypqB3ar5g989raTDzgVARkS-NbG7Wg&sig=Cg0ArKJSzFEdKSaaAbDEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1655&vt=11&dtpt=1216&dett=3&cstd=427&cisv=r20220413.52129&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame D5CB 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskfBysrSjAEva0eICQB7MwT0peIUyUd5nIf6e-A19iYNlHNQ34Ble4pdQ7EMMCwVH8NGUNwjC7twNs23wf-ro07qAdTp0gn4yFvN2yaE-s0zFwaPlYDYjV6Rq-tiJRUADDRiOyokV5GAn603yucLd7lWinmHhFteyk87kFGCtZI-DxiTdgkSN9aaCEMTEjRD71xdcM6MbRYQdjcANBuyQSUmsNZkHUigI9YCAu2rti9T7M7HV5MSxaSxwvDsAY0Umt08knld4r2jl_bPiPFX7CsruFvR9gMEoGq7FDBoAJv5iKdAFrFNWqRaNgEmcE4VitGHA5wwnhNal7LVGZeOp08Inpy-UiWeujSKdU0bQq-Xv_RgvHKmRbfFJYtv8Ld_QJZsI7CDAF2SXwuYMO6z6uJRuZC5N1ybk8hZVF35672WwWa0xsMrFD8Xb_0bgnf5vcNjrRCJGJRbkFaatf5ZzSyQjg3ANbMTzkcvWZ9i2loiJoi6xT1jY20edaDtWQx9F20hHX19Y2SsRFMjWtDNymzfEcfEZf5Ay4zA77EaTBDcciOa2CyJV56NAox1UgegV7gmZ5-u7WnF3f-nwZQ5ax1zHqcXWWPUABom3rBuWpJLvnbLI3UELi7ddLDfnrH1AJ4XX7eLYsLjkTX3qiiK-oq2dvyX0zJla8aYAbvoWrBKUkcJTBUstVOqAoHrrtqKMS6qEBXQuuq2jodelUZP4nP8MVSDXkvUTiA1TK7chxBjnUehz7y9Kkk53Hwzw9tJoP-Wx3NWHN6YZokgW_y9yc8QLeTEtddmZHFeqdUE6LyTMdqiaWEhNERAy2wogcyUH5U6jcqV1RBYPAc_a2jM_FZ50bJ5EjkG9CM-dr1qRKiM_udr4FSGUwk4rYvaLNHjtvcPICVMBBHihNr7LCt8ViZhG-jHpK5LoxVuEIqWWRXUwXa4uB9WA3O3w7NG1fBy1PWmPO-b-bj7BLOWfAdaueWjEos4A_dvOQQnTmBurknJJFK3dvjkpU_I46I8_qjcqPH7FONx7_Uh-CyAiRrtQ4hfPNwl4stNQkHWLrru8-C-KesHEWWNVjkWk0Hc40c9gqo85uQXLNwE4YbIriOsKBy_Kav__jH_Zh-VnJOaSkXpEz_obpuSl7mfdQKkHGHeyQptnVL2W3F1ZcGHegCPY5GdhMAVHjIa7_NerMAzzcpuUl2FXsGIqVcdTpWaktyFCNXNazoSCi_68DhGYriA&sai=AMfl-YS4UJk4QF9OkQ085YmfGVg25hteHEy9YnArw7HvxVPerbxWsUsqCvotKrMoJ83OKj1IoT1hkSxj4lv0aQR2OuHqCKII_TzQR2NyizQeUpca3FJf-I3g2PI_0eaOlGK4lGDM_prZKw9X5ra89kRQq3vQO0eNgZduDrCK2cFOd2ntKkX7O6DaFexO1a7rKmif4f6dEOv7uDJ713xdPmEgPYX1w8qY5l5zyA&sig=Cg0ArKJSzAnmhRc1cF2gEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1891&vt=11&dtpt=1387&dett=3&cstd=485&cisv=r20220413.64703&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame CDD9 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstm9QTENNb-0mosSlz5cCS5tLXGSASOuWlPMSTza4yvMFAqgSu9NbxG05L_EvUIOFeyCKOU5XFcVQM6PDXda0NXr_l2X1VOYiPYQ3S1nyHA1nyRluUv-qIm5ZoyoE0GaVoFUHDieeYKfrzmn5cm7CaeK5Ey-bCsjz2qBNw6Ch__WhYhPbkDe4S4pkq09mjKntZRCiGcZcrkUEYVSJ2y5aVXD2Jvd4_XabZgrCJnh3S0dbRaI68ykICSpCIhSxghuE8-dzHO-kle3CJwunB-Yzn7-kASo4rIcvtAuIhL2CanvUfVNhCyyA4u02YDO1HVq-CG-ls3ZjBRL-h19WvebP4whEg4IyzXd9O829ughmPG8NkMOlBlS8TbrWJhLgABXBQS8zd1Vylx_1Vhs6QAiRYSZbzTalIewt1wZTe4s9d9jnSDU5SpzZ4sPN7paWejxcmFHtF1j77gAWMSySEl3NRRibEDfPoAHinkLfiXT_X5Tf2EHWlfVv_AU3i0f2TK02x_dYvTPQ-6ozQdMBdlBZbPAxQcnMbeBBZrwc_hEdZloS-eyDLXcl0uIC3hsAq_YDjIKO5sqalJtzB6D3tXz7gVXQvdSaA53jMtgnk-b8m2lnPCbsIhdnZEJD2xIUNuGNqGcObRchvR58eQIEERbt_XkTdK9LnVLUVKOon1c5dSqzuJY33egMTQI8O88WZXMPnzBKM9tqGxLGbYSU7dklJewoFUeA1m8470GAhmbTe-XDkiyxx-AwYL8jIFonPdLtve1rbSjQUae8qIxEHsh4CREN-xV9Hq5027sEsPA9FudbdnRi1qUUlzY9T6NO98n1xD7T8ZsAHkiB4FQCouQggFIh1YtdQgOAEqqBO23NAzdPRGO6FdF4YWhJLWWmr7epzaVdTsQDZW0iaeR31cvsxlGfoTRG-jGc84e8hWTwjGXcLgc8AMRMbTC5gkpNYqAtPwvSGarAL7ZuGFwfOvNfQuuDJTCf0Tar0YjaHXEEvyDY5G6xdUZCnfhGWX0kWloRvJngJc1j8eDhJxKCdKoApW5z_gPmy927c9K0_-McwWneDUsSSeuEfdJVGYROYGRrlRrs9G39A9aqGMTVgEZ9Xl0QO-YMoqBo6GCLuszbb6z47tosT1WFURxvbyofAfmaHDidlMYqZ4C1Bd3NgxjzPQk2_1Zb_YXidgAnljU6E_l80lcFPjEGwa9rK0c-J7u7vT-lOPwgfQfcfn&sai=AMfl-YTROw_578TOlGlCosBdCbyaGzmkEEZZi01kG5X4zCNUi5xR3usHcfDrbRT2h5GrBdKHEuXn15dDdAIwGMvAzNC1kQU3QAXJexJT5tUTD5rbmEf3xHXfLipjgJmBXLN0xozZrwr1-Iz6wT-pXSDB3t8YDnogSXbRb7-SfSE7c3BOlgAom0magfBwZwnuGKbhUc2LeTBVB7V0yz0AZ3xh1CnYBdtmdOSZKg&sig=Cg0ArKJSzFnyi0qgpRC6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1694&vt=11&dtpt=1275&dett=3&cstd=395&cisv=r20220413.94807&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 20E2 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13359091989e533887dafd34a4a623d44307dbd1f9db6b8b95ab26db089adc6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5458
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5DFC 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90975e82d135cec980485e76bc1fa654e08849b97905e098611a661ae6c066c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5652
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame BAF9 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
603a478b1e00245da68967f3aad6d73670180206e1ddfa3e024edc383df04a3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5541
x-xss-protection
0
container.html
61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 82E1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:07 GMT
expires
Sat, 15 Apr 2023 16:17:07 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fea218b4bde9d4b6d2b1971d438b3c83e10a523f85387cac5ac24a369dd1e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10703
x-xss-protection
0
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame BAF9 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:15:34 GMT
x-content-type-options
nosniff
age
97
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:30:34 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame BAF9 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:08:53 GMT
x-content-type-options
nosniff
age
498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:23:53 GMT
60005582_20220110062031600_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame BAF9 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220110062031600_728x090_LOOK-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b10f2caf31f8bcb9789120308ea3be1fbb208307ae9c6be9caafd8d24a6eb8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 20:39:31 GMT
x-content-type-options
nosniff
age
70660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28836
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:20:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 20:39:31 GMT
60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame BAF9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=m5PbNyXCO6&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 17:56:11 GMT
x-content-type-options
nosniff
age
80460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26568
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 06:54:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 17:56:11 GMT
postview.gif
portal.o2online.de/nws/img/ Frame BAF9 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=0_0_0_0_-0&ref=0_0_0_0_-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 16:17:11 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 5DFC 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:15:34 GMT
x-content-type-options
nosniff
age
97
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:30:34 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 5DFC 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:08:53 GMT
x-content-type-options
nosniff
age
498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:23:53 GMT
60005582_20220110062031600_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 5DFC 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220110062031600_728x090_LOOK-01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b10f2caf31f8bcb9789120308ea3be1fbb208307ae9c6be9caafd8d24a6eb8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 20:39:31 GMT
x-content-type-options
nosniff
age
70660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28836
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:20:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 20:39:31 GMT
60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 5DFC 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 17:56:11 GMT
x-content-type-options
nosniff
age
80460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26568
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 06:54:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 17:56:11 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 5DFC 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=0_0_0_0_-0&ref=0_0_0_0_-0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=qx9mgQ0vaj&t=1&renderingType=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 16:17:11 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 20E2 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:15:34 GMT
x-content-type-options
nosniff
age
97
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:30:34 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 20E2 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:08:53 GMT
x-content-type-options
nosniff
age
498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:23:53 GMT
60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 20E2 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 17:56:11 GMT
x-content-type-options
nosniff
age
80460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26568
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 06:54:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 17:56:11 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 20E2 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=0_0_0_0_-0&ref=0_0_0_0_-0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 16:17:11 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
60005582_20220110062010370_m-300x050_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 20E2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220110062010370_m-300x050_LOOK-01.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5842bfabb68bff9508bae2755aae5842547c0908602be01bcfb49a6ac2490746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2596258836322975744/300x050.html?e=69&leftOffset=0&topOffset=0&c=HWzA4CxAK5&t=1&renderingType=2&ev=01_248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 14:47:31 GMT
x-content-type-options
nosniff
age
5380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6611
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:20:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 14:47:31 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 20E2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 16:17:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5DFC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 16:17:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BAF9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 16:17:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 16:17:12 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 3592 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 15:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 15:57:48 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 0D11 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 15:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 15:57:48 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 24CA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 15:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1164
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 15:57:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 85A3 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNVdT52AN0EvI-L8XKf4f3647GHNubVzKttUfxeKQ5xzHZiF81eCFhDxkt5EZj4UlnXLAf1vClNlphcqrb_WXK5QCaGJHTOCRRNtYFgRnugK36FXipk9JMnGTde-oRkvOU4WrPjcvGztPq03gAX23yiM7ZV-qBicDaZKbEkRh1A9Ry3Qncs
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 82E1 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CiKYkzVTVWb3ZTVwAZAbEc-cPJ26ItN6xk_8naQOv29vIhwQWTmCXElX-X-OWodXr9tzQdiJI4wHyCoBGOBcRpdU4w2yKiNpo1c9nvcJfjV_scgWMcU1PfdgA6Ad8sgIV-uzUpGk4xfsSA82T8se_dFpD3jQ&dbm_d=AKAmf-ArW1EM7fcelTjod6CqfEYqwieJt-2vph_sI6745LPypdAGgbLTs0_QQRT50Occv_sQ_33CbPMT4jAX6V61z1alYiRD6bkenvoA4Bp2uLaixpzc0d0B9JfviJtuFi5MQc0mwaZR3UIsjKaMrU7hIRb1W3_OqutSBI1PRbSpTg2bGNdTMdbEQqGrQ7AVwdbBDmJ_8aokmxNWlS2CLd2Kg-zanmHYG-kZkp3D6rdO8_NqUOt1fM7INGfaEmUTBTMfnJqHddmX3MsrITiEAuC-ZHPtaJCrY4NefZqGC1O7Kj6BdO7nqdoaN11fN1qyMNaTRp9lekS1QASYvQlJi2upXs7kOMXHXhBvahS6Iz1SkKZgBG5s6vGF7BLqksqTtM1St167dea6x4Wf5TIdSr8IdT88jbnLbWYxdZHtopFggejLTcLOZrSE6VuNZS9zBZemhrbAQWeWj7s48qE2cHPHQKrOuStv1YLY0jYaAKoHyfw9B1KLwEWAylyNSEIydkRJfQ4FI_dlV5SRpru2phM_OggMsMj9nNoIgCPLvRQw8jwCX-qGA-9Q5RdeihmTvYX0hBh8VjYoJamDYyatnGf6wwIovgJ1K0BGPBiogTqg9LY0dDkU91Hq5CBTu1mFFnGvCjz16I11u5dTGHatHGaYtLEzAhDI3FcjDRr6q7XluhqUjVxUt83czRKPPbjpXLIoc5_lNHtL_YglaKTx8G66DzT_Bz66Xr_XoZkTOhDeNEIUyh5bznBZNXBV6uk1e0MqRx_KimmiJGd-l-Mr0ZZtnA6_9TCPMpmlpXpXZLS5RuQFwjyullnew-cIxv_2V4g2hw4hkplZvRNhv8zb-tIZfCn7nbcZ2h7eCP7QW0iB_T82o616DNcqdl4WFjmfhY5gpbcPZenjBxJbb5os055-MnjsYvSlxxxEaGvrAWXtu_xIYEldl2GQN_jV9h8vQn2ulkOUAUoICoROOBDWCGSFF84WmznUR2wZ9TkNKKvjuqxyo6vSmg1vXmYngyw8A7xC5EIb8-pHDGu5Yg8OiR6HKYkLKh4A84RTjk79ACeNQH-rCblFDg5GwKzh0KNxFN6ijhtJatFssLVCl3U4b1DPC7U_M3MxbRHl9SG_sJj1mmjEsHFNpR28KpfqwwkqlmHibDjaKPIFJMU-Ob7VKvoSN97bG0kjBMWCwLrOUsXq6OrTI8UbJ9-OSaJiR3VwFC5AMSoFMMCoPTsCEkMtMYTg1_s9wLpWOY9QZAPcI1x93E8m7QaC_aOhe5bv3LvEr_USNTfqOhCBhZ0c841MTmNfuOTQCsxhk_ISFU-lOHFuK3GdPM4DXv63jG-3WAAg6DJ7fmv2C1vfrN5z6FKVEFLeS0FXxVOYYVATsH_4tZ4WjmrS7T4zQbfzEUjET_smTmff71VcI8quHZu8olf6hHBDLmA1FIArfJ3-sUsMtgz_9JZ-vkKMsE1catMbuY9wvUMJsL0Vcxytbb4bskCdruI93_2-BRQCiLPLvELtcmWiGmpvPisr60c9DS4kDFclvm8XOCrIvozR7jXgXqKSl8D2rcYnrIcVNX1TJZIp3nkTTBMHfdrP7WJ0EID_U0jJLCNATcZVho7nc_6_K51k-8mgJ1QvFfQmae73IYmnn5_hSbBgLpac7spuuCVLCyBoZTIKGrJPNSorZe6TFHnkt-qx059pLbuFVPhAczQfShkN7SjqUtILV0X8fYahxD6K_ASABS9zbWGn4D5lQlHagzyKY_-mZZAf57viDdCj4AO0ise4mQkQNa12IZTX50rUbJtN7kLcIA0vPIs1WaRTtb_z2P1YbI8fEWxexXYoLAqIScnP1pHdnH3vCy1V__tpNgTKf_figurtRd9yMsIl0z9KUMtU3_CpMbrH01SRHI7Imm4_wFDvCjxrvzv74baMFk0CUQAeGdCweRX1nfvsRr0CA4IDsFGk8O-Y1Cg8jgwGw8Q06Mef5opAN3-_JFTnJvg0_iLS6wW0zsnaCGSZ5SXGyjC_B33yL56mPAROJKb_f5d1YGSZrqiOc3kop4rwFJYhTBIlCXDhsC3_p6cKKhN78Jm6cKa1pGuWrd2ZsLpiTHsPczNh7YR16hPDOrOcYwth270VSk9IZu9RTn79FNmvRwTMI33H7F4JUieGKJELfhpqcfEmxk30KJmYPzz-TrWlQt93ER9R9QZVjocc4qvqBjotrJZljlXrVvE_TfOJ5P3JCTZMWW-Q4et1_LuzBveW7URpKUnsoHtcX0Wv6vUI7AOveEGKjm5JeV8fko9EG29DAmf_EjChxfOzhI-S3Pf-60dilClQW0UUApARE9bxkjOs0PwIlPash6tQ0u_Mz16TcL_fxadaGqmmrIRLGALGiDY83_Ut2q0ia29kJdQ5w3tmLeb-4SyN9R88vTuBgOjQT-oOJva4kLzg1K3mknrjFAkHBBXfcYZysytfMB7_mLPSvlIShxdNbWobkS0oy_PAsnubLDGZoPU_oZwiVCNhJqLvjnIFldpU973hT3tA7DvjQVZcMcrOmmFsSmIvFlN1KSQhXRmLRB4Suq_Wrbu8DU4924KUqrSiMWSKEO_gVMCdHCfaDB8snSxuKGVuQrLfRpbOZ1Fl03VQR-EMQgx2HceA4_wHnhrh-wN4iqTiroy9-Z7gUBuiKuToYxbIVNi6LEeHhtLnwhGQSX9cGvVX1eZMxUHOUxGCnP4qHF396jBuaroFZEqdYoWwacQbY2aqoDpeaMdi2ub8c9F0ZhW7wK3ZQ5wNxp4uJcszSWNao15tpv6RNpsBfu3-9q0Qoqn5J7SNFLYXSvTdNspenkzQNrjFPcsJkJYjL5ycH1wnKOcS0wquIkpLWNIEhjZAsO8NysAZdTHmatMI5n83pHOHFp4ZVZ9PvTm4odzxlIj_NaJvM-X4n0dJSLK5_QCTeMi9GzZ1KV-3hEVm4rZS6AKwtkJi4_Tbc73Tw4CWukcfWpl7rY_GKZ1Pig-FZEYPeQ_wKVNjjiMEA-GjMWHjUUilk2sDmQqqeUCMOPgBxrbl76jFjB3Jm25Pvw69iJ-SKiwzy1v98UwiuRV75fEDAwPSmUNuNqnY83pmw4_sEfWsNLSMAApW9crVnUbILF6Xl_Dab9Jde81Pve7Cy6lMZotkNI8M6Q0NgosBonv6wL4lQQ4SPWLN7gs3WNkZWLaT_xB7Dc8lT2erALQ9b0aln0PlOjQ89OIHwclBuqZpYdGg7SyakwcdkadSu-WDugOd2abwe7vqpT1PaEquzauUeb4JkGiZd26Trbt9xPj31KExifFvIKQNFV--CeoOmkyc7nSOV0QOknEwpV9rc-XtPZTZQldcGHg3Cb0v3Ibnk7FCdUmMqUxH2siSqww_zzX0GiD_3l0t1mpcr28aAihv9HbAi3USpfMHyv0j5-SF7dLYiCanSzZpRsI4Ij2VqbRG4h7yP-yDDMXnXLg1BHtwpnurvFzoY42iu63Ii_am09o3-vsacAVmcSbdOAieqC0KrrtXrqNt89F7MoB4ImXxr-TlXUGMP8PjOET1xdLvXg-dcim1tv64oBwfkRI7KDa_lNhD84ypNy1RWVyuEA2K8w936LhJSZ67GR-IUiBs25TlELu86P8A2g&cid=CAASJ-RoTlSQ91Y3eb6Jxnb47e8ju9tnXQwfulTIau3elOIlixTXoscXvw&rfl=1%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab3d7e8cb7170ffbec495280a13cc2ed6c4485a1ff9c210fd34c2fa3b930087f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34029
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 82E1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBET1KgOL4Jpx5rFodNSV9_GA2Fwtw6i_JRz762jVvWkG8_ocxosvpBwP9FPNJC3W8rsyWJpb_tHNUtUrsMgQxUlYeXu7_E66Td8Pq2wyPsX4YV9g
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 82E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:15:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 82E1 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36909
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649897599747219"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 16:17:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 82E1 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:11:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6409
x-xss-protection
0
server
cafe
etag
15284592792851369840
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:11:18 GMT
l
www.google.com/ads/measurement/ Frame 82E1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2abIBFsBvLz3N5ROLXlbOZ3UbMDBMAUBmyhMqtPX_HlSt1MksUoxD1gC9z8zRG4q5gsWw7kpO-pPJcsfnIDYxwniw-Q
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 28F3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
29
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:16:43 GMT
expires
Sat, 15 Apr 2023 16:16:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 89B5 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1d6862e9f10160307556a941365e321f7fa31de1597847839b0fe008ebe19fa7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S/r12YpwSgQjo5eNQIPCgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ar.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-S/r12YpwSgQjo5eNQIPCgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:12 GMT
expires
Fri, 15 Apr 2022 16:17:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sd
us-u.openx.net/w/1.0/ Frame 85A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKj56cg69vxCzVydg2yEJxs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKj56cg69vxCzVydg2yEJxs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNVdT52AN0EvI-L8XKf4f3647GHNubVzKttUfxeKQ5xzHZiF81eCFhDxkt5EZj4UlnXLAf1vClNlphcqrb_WXK5QCaGJHTOCRRNtYFgRnugK36FXipk9JMnGTde-oRkvOU4WrPjcvGztPq03gAX23yiM7ZV-qBicDaZKbEkRh1A9Ry3Qncs
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
via
1.1 google
server
OXGW/18.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKj56cg69vxCzVydg2yEJxs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 85A3 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNVdT52AN0EvI-L8XKf4f3647GHNubVzKttUfxeKQ5xzHZiF81eCFhDxkt5EZj4UlnXLAf1vClNlphcqrb_WXK5QCaGJHTOCRRNtYFgRnugK36FXipk9JMnGTde-oRkvOU4WrPjcvGztPq03gAX23yiM7ZV-qBicDaZKbEkRh1A9Ry3Qncs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 85A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEoiG5EQwzQ6le1RVq-3HyQ&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEoiG5EQwzQ6le1RVq-3HyQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNVdT52AN0EvI-L8XKf4f3647GHNubVzKttUfxeKQ5xzHZiF81eCFhDxkt5EZj4UlnXLAf1vClNlphcqrb_WXK5QCaGJHTOCRRNtYFgRnugK36FXipk9JMnGTde-oRkvOU4WrPjcvGztPq03gAX23yiM7ZV-qBicDaZKbEkRh1A9Ry3Qncs
Protocol
H2
Server
104.111.242.245 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 15 Apr 2022 16:17:12 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEoiG5EQwzQ6le1RVq-3HyQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 85A3 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjTvpnIATAB&v=APEucNVdT52AN0EvI-L8XKf4f3647GHNubVzKttUfxeKQ5xzHZiF81eCFhDxkt5EZj4UlnXLAf1vClNlphcqrb_WXK5QCaGJHTOCRRNtYFgRnugK36FXipk9JMnGTde-oRkvOU4WrPjcvGztPq03gAX23yiM7ZV-qBicDaZKbEkRh1A9Ry3Qncs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 15 Apr 2022 16:17:12 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 82E1 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Origin
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:47:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 11:47:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/ Frame 82E1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CiKYkzVTVWb3ZTVwAZAbEc-cPJ26ItN6xk_8naQOv29vIhwQWTmCXElX-X-OWodXr9tzQdiJI4wHyCoBGOBcRpdU4w2yKiNpo1c9nvcJfjV_scgWMcU1PfdgA6Ad8sgIV-uzUpGk4xfsSA82T8se_dFpD3jQ&dbm_d=AKAmf-ArW1EM7fcelTjod6CqfEYqwieJt-2vph_sI6745LPypdAGgbLTs0_QQRT50Occv_sQ_33CbPMT4jAX6V61z1alYiRD6bkenvoA4Bp2uLaixpzc0d0B9JfviJtuFi5MQc0mwaZR3UIsjKaMrU7hIRb1W3_OqutSBI1PRbSpTg2bGNdTMdbEQqGrQ7AVwdbBDmJ_8aokmxNWlS2CLd2Kg-zanmHYG-kZkp3D6rdO8_NqUOt1fM7INGfaEmUTBTMfnJqHddmX3MsrITiEAuC-ZHPtaJCrY4NefZqGC1O7Kj6BdO7nqdoaN11fN1qyMNaTRp9lekS1QASYvQlJi2upXs7kOMXHXhBvahS6Iz1SkKZgBG5s6vGF7BLqksqTtM1St167dea6x4Wf5TIdSr8IdT88jbnLbWYxdZHtopFggejLTcLOZrSE6VuNZS9zBZemhrbAQWeWj7s48qE2cHPHQKrOuStv1YLY0jYaAKoHyfw9B1KLwEWAylyNSEIydkRJfQ4FI_dlV5SRpru2phM_OggMsMj9nNoIgCPLvRQw8jwCX-qGA-9Q5RdeihmTvYX0hBh8VjYoJamDYyatnGf6wwIovgJ1K0BGPBiogTqg9LY0dDkU91Hq5CBTu1mFFnGvCjz16I11u5dTGHatHGaYtLEzAhDI3FcjDRr6q7XluhqUjVxUt83czRKPPbjpXLIoc5_lNHtL_YglaKTx8G66DzT_Bz66Xr_XoZkTOhDeNEIUyh5bznBZNXBV6uk1e0MqRx_KimmiJGd-l-Mr0ZZtnA6_9TCPMpmlpXpXZLS5RuQFwjyullnew-cIxv_2V4g2hw4hkplZvRNhv8zb-tIZfCn7nbcZ2h7eCP7QW0iB_T82o616DNcqdl4WFjmfhY5gpbcPZenjBxJbb5os055-MnjsYvSlxxxEaGvrAWXtu_xIYEldl2GQN_jV9h8vQn2ulkOUAUoICoROOBDWCGSFF84WmznUR2wZ9TkNKKvjuqxyo6vSmg1vXmYngyw8A7xC5EIb8-pHDGu5Yg8OiR6HKYkLKh4A84RTjk79ACeNQH-rCblFDg5GwKzh0KNxFN6ijhtJatFssLVCl3U4b1DPC7U_M3MxbRHl9SG_sJj1mmjEsHFNpR28KpfqwwkqlmHibDjaKPIFJMU-Ob7VKvoSN97bG0kjBMWCwLrOUsXq6OrTI8UbJ9-OSaJiR3VwFC5AMSoFMMCoPTsCEkMtMYTg1_s9wLpWOY9QZAPcI1x93E8m7QaC_aOhe5bv3LvEr_USNTfqOhCBhZ0c841MTmNfuOTQCsxhk_ISFU-lOHFuK3GdPM4DXv63jG-3WAAg6DJ7fmv2C1vfrN5z6FKVEFLeS0FXxVOYYVATsH_4tZ4WjmrS7T4zQbfzEUjET_smTmff71VcI8quHZu8olf6hHBDLmA1FIArfJ3-sUsMtgz_9JZ-vkKMsE1catMbuY9wvUMJsL0Vcxytbb4bskCdruI93_2-BRQCiLPLvELtcmWiGmpvPisr60c9DS4kDFclvm8XOCrIvozR7jXgXqKSl8D2rcYnrIcVNX1TJZIp3nkTTBMHfdrP7WJ0EID_U0jJLCNATcZVho7nc_6_K51k-8mgJ1QvFfQmae73IYmnn5_hSbBgLpac7spuuCVLCyBoZTIKGrJPNSorZe6TFHnkt-qx059pLbuFVPhAczQfShkN7SjqUtILV0X8fYahxD6K_ASABS9zbWGn4D5lQlHagzyKY_-mZZAf57viDdCj4AO0ise4mQkQNa12IZTX50rUbJtN7kLcIA0vPIs1WaRTtb_z2P1YbI8fEWxexXYoLAqIScnP1pHdnH3vCy1V__tpNgTKf_figurtRd9yMsIl0z9KUMtU3_CpMbrH01SRHI7Imm4_wFDvCjxrvzv74baMFk0CUQAeGdCweRX1nfvsRr0CA4IDsFGk8O-Y1Cg8jgwGw8Q06Mef5opAN3-_JFTnJvg0_iLS6wW0zsnaCGSZ5SXGyjC_B33yL56mPAROJKb_f5d1YGSZrqiOc3kop4rwFJYhTBIlCXDhsC3_p6cKKhN78Jm6cKa1pGuWrd2ZsLpiTHsPczNh7YR16hPDOrOcYwth270VSk9IZu9RTn79FNmvRwTMI33H7F4JUieGKJELfhpqcfEmxk30KJmYPzz-TrWlQt93ER9R9QZVjocc4qvqBjotrJZljlXrVvE_TfOJ5P3JCTZMWW-Q4et1_LuzBveW7URpKUnsoHtcX0Wv6vUI7AOveEGKjm5JeV8fko9EG29DAmf_EjChxfOzhI-S3Pf-60dilClQW0UUApARE9bxkjOs0PwIlPash6tQ0u_Mz16TcL_fxadaGqmmrIRLGALGiDY83_Ut2q0ia29kJdQ5w3tmLeb-4SyN9R88vTuBgOjQT-oOJva4kLzg1K3mknrjFAkHBBXfcYZysytfMB7_mLPSvlIShxdNbWobkS0oy_PAsnubLDGZoPU_oZwiVCNhJqLvjnIFldpU973hT3tA7DvjQVZcMcrOmmFsSmIvFlN1KSQhXRmLRB4Suq_Wrbu8DU4924KUqrSiMWSKEO_gVMCdHCfaDB8snSxuKGVuQrLfRpbOZ1Fl03VQR-EMQgx2HceA4_wHnhrh-wN4iqTiroy9-Z7gUBuiKuToYxbIVNi6LEeHhtLnwhGQSX9cGvVX1eZMxUHOUxGCnP4qHF396jBuaroFZEqdYoWwacQbY2aqoDpeaMdi2ub8c9F0ZhW7wK3ZQ5wNxp4uJcszSWNao15tpv6RNpsBfu3-9q0Qoqn5J7SNFLYXSvTdNspenkzQNrjFPcsJkJYjL5ycH1wnKOcS0wquIkpLWNIEhjZAsO8NysAZdTHmatMI5n83pHOHFp4ZVZ9PvTm4odzxlIj_NaJvM-X4n0dJSLK5_QCTeMi9GzZ1KV-3hEVm4rZS6AKwtkJi4_Tbc73Tw4CWukcfWpl7rY_GKZ1Pig-FZEYPeQ_wKVNjjiMEA-GjMWHjUUilk2sDmQqqeUCMOPgBxrbl76jFjB3Jm25Pvw69iJ-SKiwzy1v98UwiuRV75fEDAwPSmUNuNqnY83pmw4_sEfWsNLSMAApW9crVnUbILF6Xl_Dab9Jde81Pve7Cy6lMZotkNI8M6Q0NgosBonv6wL4lQQ4SPWLN7gs3WNkZWLaT_xB7Dc8lT2erALQ9b0aln0PlOjQ89OIHwclBuqZpYdGg7SyakwcdkadSu-WDugOd2abwe7vqpT1PaEquzauUeb4JkGiZd26Trbt9xPj31KExifFvIKQNFV--CeoOmkyc7nSOV0QOknEwpV9rc-XtPZTZQldcGHg3Cb0v3Ibnk7FCdUmMqUxH2siSqww_zzX0GiD_3l0t1mpcr28aAihv9HbAi3USpfMHyv0j5-SF7dLYiCanSzZpRsI4Ij2VqbRG4h7yP-yDDMXnXLg1BHtwpnurvFzoY42iu63Ii_am09o3-vsacAVmcSbdOAieqC0KrrtXrqNt89F7MoB4ImXxr-TlXUGMP8PjOET1xdLvXg-dcim1tv64oBwfkRI7KDa_lNhD84ypNy1RWVyuEA2K8w936LhJSZ67GR-IUiBs25TlELu86P8A2g&cid=CAASJ-RoTlSQ91Y3eb6Jxnb47e8ju9tnXQwfulTIau3elOIlixTXoscXvw&rfl=1%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:13:36 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 82E1 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CiKYkzVTVWb3ZTVwAZAbEc-cPJ26ItN6xk_8naQOv29vIhwQWTmCXElX-X-OWodXr9tzQdiJI4wHyCoBGOBcRpdU4w2yKiNpo1c9nvcJfjV_scgWMcU1PfdgA6Ad8sgIV-uzUpGk4xfsSA82T8se_dFpD3jQ&dbm_d=AKAmf-ArW1EM7fcelTjod6CqfEYqwieJt-2vph_sI6745LPypdAGgbLTs0_QQRT50Occv_sQ_33CbPMT4jAX6V61z1alYiRD6bkenvoA4Bp2uLaixpzc0d0B9JfviJtuFi5MQc0mwaZR3UIsjKaMrU7hIRb1W3_OqutSBI1PRbSpTg2bGNdTMdbEQqGrQ7AVwdbBDmJ_8aokmxNWlS2CLd2Kg-zanmHYG-kZkp3D6rdO8_NqUOt1fM7INGfaEmUTBTMfnJqHddmX3MsrITiEAuC-ZHPtaJCrY4NefZqGC1O7Kj6BdO7nqdoaN11fN1qyMNaTRp9lekS1QASYvQlJi2upXs7kOMXHXhBvahS6Iz1SkKZgBG5s6vGF7BLqksqTtM1St167dea6x4Wf5TIdSr8IdT88jbnLbWYxdZHtopFggejLTcLOZrSE6VuNZS9zBZemhrbAQWeWj7s48qE2cHPHQKrOuStv1YLY0jYaAKoHyfw9B1KLwEWAylyNSEIydkRJfQ4FI_dlV5SRpru2phM_OggMsMj9nNoIgCPLvRQw8jwCX-qGA-9Q5RdeihmTvYX0hBh8VjYoJamDYyatnGf6wwIovgJ1K0BGPBiogTqg9LY0dDkU91Hq5CBTu1mFFnGvCjz16I11u5dTGHatHGaYtLEzAhDI3FcjDRr6q7XluhqUjVxUt83czRKPPbjpXLIoc5_lNHtL_YglaKTx8G66DzT_Bz66Xr_XoZkTOhDeNEIUyh5bznBZNXBV6uk1e0MqRx_KimmiJGd-l-Mr0ZZtnA6_9TCPMpmlpXpXZLS5RuQFwjyullnew-cIxv_2V4g2hw4hkplZvRNhv8zb-tIZfCn7nbcZ2h7eCP7QW0iB_T82o616DNcqdl4WFjmfhY5gpbcPZenjBxJbb5os055-MnjsYvSlxxxEaGvrAWXtu_xIYEldl2GQN_jV9h8vQn2ulkOUAUoICoROOBDWCGSFF84WmznUR2wZ9TkNKKvjuqxyo6vSmg1vXmYngyw8A7xC5EIb8-pHDGu5Yg8OiR6HKYkLKh4A84RTjk79ACeNQH-rCblFDg5GwKzh0KNxFN6ijhtJatFssLVCl3U4b1DPC7U_M3MxbRHl9SG_sJj1mmjEsHFNpR28KpfqwwkqlmHibDjaKPIFJMU-Ob7VKvoSN97bG0kjBMWCwLrOUsXq6OrTI8UbJ9-OSaJiR3VwFC5AMSoFMMCoPTsCEkMtMYTg1_s9wLpWOY9QZAPcI1x93E8m7QaC_aOhe5bv3LvEr_USNTfqOhCBhZ0c841MTmNfuOTQCsxhk_ISFU-lOHFuK3GdPM4DXv63jG-3WAAg6DJ7fmv2C1vfrN5z6FKVEFLeS0FXxVOYYVATsH_4tZ4WjmrS7T4zQbfzEUjET_smTmff71VcI8quHZu8olf6hHBDLmA1FIArfJ3-sUsMtgz_9JZ-vkKMsE1catMbuY9wvUMJsL0Vcxytbb4bskCdruI93_2-BRQCiLPLvELtcmWiGmpvPisr60c9DS4kDFclvm8XOCrIvozR7jXgXqKSl8D2rcYnrIcVNX1TJZIp3nkTTBMHfdrP7WJ0EID_U0jJLCNATcZVho7nc_6_K51k-8mgJ1QvFfQmae73IYmnn5_hSbBgLpac7spuuCVLCyBoZTIKGrJPNSorZe6TFHnkt-qx059pLbuFVPhAczQfShkN7SjqUtILV0X8fYahxD6K_ASABS9zbWGn4D5lQlHagzyKY_-mZZAf57viDdCj4AO0ise4mQkQNa12IZTX50rUbJtN7kLcIA0vPIs1WaRTtb_z2P1YbI8fEWxexXYoLAqIScnP1pHdnH3vCy1V__tpNgTKf_figurtRd9yMsIl0z9KUMtU3_CpMbrH01SRHI7Imm4_wFDvCjxrvzv74baMFk0CUQAeGdCweRX1nfvsRr0CA4IDsFGk8O-Y1Cg8jgwGw8Q06Mef5opAN3-_JFTnJvg0_iLS6wW0zsnaCGSZ5SXGyjC_B33yL56mPAROJKb_f5d1YGSZrqiOc3kop4rwFJYhTBIlCXDhsC3_p6cKKhN78Jm6cKa1pGuWrd2ZsLpiTHsPczNh7YR16hPDOrOcYwth270VSk9IZu9RTn79FNmvRwTMI33H7F4JUieGKJELfhpqcfEmxk30KJmYPzz-TrWlQt93ER9R9QZVjocc4qvqBjotrJZljlXrVvE_TfOJ5P3JCTZMWW-Q4et1_LuzBveW7URpKUnsoHtcX0Wv6vUI7AOveEGKjm5JeV8fko9EG29DAmf_EjChxfOzhI-S3Pf-60dilClQW0UUApARE9bxkjOs0PwIlPash6tQ0u_Mz16TcL_fxadaGqmmrIRLGALGiDY83_Ut2q0ia29kJdQ5w3tmLeb-4SyN9R88vTuBgOjQT-oOJva4kLzg1K3mknrjFAkHBBXfcYZysytfMB7_mLPSvlIShxdNbWobkS0oy_PAsnubLDGZoPU_oZwiVCNhJqLvjnIFldpU973hT3tA7DvjQVZcMcrOmmFsSmIvFlN1KSQhXRmLRB4Suq_Wrbu8DU4924KUqrSiMWSKEO_gVMCdHCfaDB8snSxuKGVuQrLfRpbOZ1Fl03VQR-EMQgx2HceA4_wHnhrh-wN4iqTiroy9-Z7gUBuiKuToYxbIVNi6LEeHhtLnwhGQSX9cGvVX1eZMxUHOUxGCnP4qHF396jBuaroFZEqdYoWwacQbY2aqoDpeaMdi2ub8c9F0ZhW7wK3ZQ5wNxp4uJcszSWNao15tpv6RNpsBfu3-9q0Qoqn5J7SNFLYXSvTdNspenkzQNrjFPcsJkJYjL5ycH1wnKOcS0wquIkpLWNIEhjZAsO8NysAZdTHmatMI5n83pHOHFp4ZVZ9PvTm4odzxlIj_NaJvM-X4n0dJSLK5_QCTeMi9GzZ1KV-3hEVm4rZS6AKwtkJi4_Tbc73Tw4CWukcfWpl7rY_GKZ1Pig-FZEYPeQ_wKVNjjiMEA-GjMWHjUUilk2sDmQqqeUCMOPgBxrbl76jFjB3Jm25Pvw69iJ-SKiwzy1v98UwiuRV75fEDAwPSmUNuNqnY83pmw4_sEfWsNLSMAApW9crVnUbILF6Xl_Dab9Jde81Pve7Cy6lMZotkNI8M6Q0NgosBonv6wL4lQQ4SPWLN7gs3WNkZWLaT_xB7Dc8lT2erALQ9b0aln0PlOjQ89OIHwclBuqZpYdGg7SyakwcdkadSu-WDugOd2abwe7vqpT1PaEquzauUeb4JkGiZd26Trbt9xPj31KExifFvIKQNFV--CeoOmkyc7nSOV0QOknEwpV9rc-XtPZTZQldcGHg3Cb0v3Ibnk7FCdUmMqUxH2siSqww_zzX0GiD_3l0t1mpcr28aAihv9HbAi3USpfMHyv0j5-SF7dLYiCanSzZpRsI4Ij2VqbRG4h7yP-yDDMXnXLg1BHtwpnurvFzoY42iu63Ii_am09o3-vsacAVmcSbdOAieqC0KrrtXrqNt89F7MoB4ImXxr-TlXUGMP8PjOET1xdLvXg-dcim1tv64oBwfkRI7KDa_lNhD84ypNy1RWVyuEA2K8w936LhJSZ67GR-IUiBs25TlELu86P8A2g&cid=CAASJ-RoTlSQ91Y3eb6Jxnb47e8ju9tnXQwfulTIau3elOIlixTXoscXvw&rfl=1%2Chttps%253A%252F%252Far.theshookers.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:10:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Apr 2022 16:10:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F6B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBq07hZpZYoiaDIa13gOGn7lIAAAAADgB4AQC&bg=!6uml6a3NAAZvJBiFTyQ7ACkAdvg8WuRZ9VIfd-URvAid5CjeNhz_-gocBqC9bFouOqLMaznLPXmt0AIAAAUiUgAAAAJoAQcKAB5VWV4jaHdoh4bTAEMfXqA3XayWlBm3MZ65stCsAjaZAvzA5To3GPzCIcEKrAhMFi2Aw-QLahG3sY85WIAsxVdW_JibS7yfk-s0sYBH42S4zCWKl31Qv7OoK2hlGL2eQgnY6wPex7Sb5DkxSobmoYiY2uc232QxlQKCA7wDxqge20M55oTp6xvgClokkZ0Jm-j9x4k2N9UKLKt67P26812dMdpW0vw1PgeLsr46Et-ul7dxiX_QBeqqhQoPbN3CooiB-MtOIkVffsgN8hBApiJYIoVCFBTHRvU1ian4OzIztyYDwmOvQR1kkIZebge0bFzCC_CBIxsfeardkl_tHF3FUprfjdiJ16cjo6xbAbJwvgsn33iqAE4jZ2TLeVFqCo5qmNaUvmxhwM5nLZZyBAO1Q94M2TbpWEJBfHmW9NB57pI3OPto3oMJSemv4ytR5qTVV46_MOwPupZwghrxDd9lP6MuidD7lDOHK5mIVHKWxPIjXIpbPWU-uyxr5Yb5amxygly3a61qCwLme6ZTZKf3Trdipm12eDJMjImua2av5uZm1FNeigJzNwZyLlvJc_QyLoQKGM24hm4XDTDkTxyNBp2eUqhQVQfC5cTFPlToajCTsIIxbWTI_p36fUIZV0cBHmKzJAGS42GknFVcMH9Fu4twrl7vClaVRum5ipjS7qnTpiqjp8ZLZf7WJNgabvk7BJvEslp81WUZYDql_Y2R71OGNrU8zGjxMuXW-8JikDwVOJyw-Wx4GZEIuawF3k023b0zuy7B8xa55Mfw3eaTHUG1fZ3Iu4IsZj-3k5KkKK1QpCo68JXySzIJLkTh-FGyh4kXBpZenjExYNrzbgtH7RypefvhI4a2JWKbQogSs1ItDEI8u9pkdMamnQuxBdCEnFiN15k5BEzEswa1Kw1l8UEhrQrPk4ZtVRwhTFh49hESajl1gtgXc6-PuLdBOVvDBdgZnEfbOTsAWGJ__EvfFHo4UIICLp2Gnhkwgxx0195QiRRouNNRJykmYUrp5gegH0AqicwUeFA2tg0w6fK-01PYGok4a_zRC0DnSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
728x090.html
s0.2mdn.net/sadbundle/8865269517622706176/ Frame D252 		47 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44ca59252ffebbcc9864376cfb9f4c0ef3c8ca09e58fd889f610611058bbcc8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Apr 2022 16:17:12 GMT
expires
Sat, 15 Apr 2023 16:17:12 GMT
last-modified
Fri, 23 Jul 2021 06:16:39 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 82E1 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9reca1_NlqV61nwNHC9mjP1YjS3c9OdDDP5WE1Dni4KDc2w_xUhHBSLBQN9b6XwILaLV5QRQ0QFLxe5zsgOnnihs11oxM41FJvz2UxRQeFQ_XSDqqIIgR5vbBxE_MjnYSdLsd-Fod_f3c1ceOfuRM99CZ-FPVZGQm4Vun98SdTy9aadUv4jBI_hyWIl_uUJMuppNLiu2PRIEzb15OGl9O65fMte0mZXqeNyRjZrlGDDUnxsUtMxuLZ2S6tx00BoK_1sMDIeE1xPTx9qNGYLMwn81PKrrwbf5yBYGs5ASkj_98ImfbC3mnBoosnmfjptnVZ8XEoVP-vRLv7pK_RU4fUbWRbM2NKGdE7UbZ_nBs23WzFPtdfMjW_HKliGxJvw77V1gE1hC1_JBv3UAXHAqG5wpUCcvlDggy3FQcVkfjvBqJ3OX_RiMriDgDAyCBihrwFwpyOSOoQA7qagw_LVxrWECwcjS7vJOK1p7aQCOYQ0-1GXIk5Ydc3Y-SLki8abOdlcsTIusE3CNNwS-YwYR9vz6ygGHILdk4uMy9Wl51CEucICRVdOF9h8cIDyoV2JRvmF317fRrZs_Z27MVcDyES8jHv2UO1eLMfyh6Xi8s3GlgH6PizAu44i-ZOnU94earh-f5zfeeqhKuWpTT1dRM0x4XEc-zmg8pyQofH43mK1nrWTNgL6MS0_-qGQ4lGGodzB3tIzZAnEnvBSKpNXT39dGG6QE6UG2AkSKZTh3m8WL-lJCpmeQ3y4n8TJjXTXo3W2VPraZ8A2phLobjkkO8QuHMf2YuuxX3KWxpyN68USMzJaLoQmeX3CG00FD8lE3oIRT2F783mhjn3Tk1W6sWhfqw3X9FHbhVYKZCL1b_KJtPhE71n88dXnIsr477gD-QkcJoNrPmbf8ENg65_28FWzyynaEf-gyyiswfzVhfyAEbVzOxZKpsW1-961F6VhbE-HkZhS1tzx9iniiJMvkjmKu8D3u4b2pRVM-PYum622h3L36UbEGF4ca7BK0EPHHouMlRq91ucfGHDS7xSPcE8_VFZPVbkVfHOyEKc7kxUDegiOSO8xaUX-wzG75gQdRmJty_OYI9nh04MFnLWhf_s3mbbq-SI-YM0xMWYMjOzaUSMznEGLztcVhszHHbhr-g2qIB23ejbpvp4vOwtKZMqJoE5839w4CJdo-PabA5MyqqhtCDnnD1A9I9TvAHGdMpvkiO35LgSo71ygsOBw&sai=AMfl-YT-X4go5iXRBtaCUTjXqLQ6U3RPKluR5B_rfklGZP3JYyBjO3d9Pie6Czlg57iKBZxu6SomiT9Ak0bxXOgRc6t2G0J_1zUsdp9-6heOgom9gtUa9vakJDRDoWxUDpYjVzXc-LrMph5xYPiPR2OZiTY0YjlCOLgjpsMYzzc_zlw-E6z-nMkS8IEcsmgP92Mfgz5vtdrXK8RvsTPgNIgr8v1roA4WTvmTDw&sig=Cg0ArKJSzMP_bTgrTkHzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=377&cbvp=1&cstd=366&cisv=r20220413.57498&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 15 Apr 2022 16:17:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A05 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_qHBhZpZYtyfDNGDrATLuqvAAgAAAAA4AeAEAg&bg=!Z2SlZCDNAAZvJBiFTyQ7ACkAdvg8WoIILikXR0-gkfHz01YDzOP-cMgNpbBXGIK4G-sMJtoCny0DOAIAAAaGUgAAAANoAQeZAzyX31SyMZdQAmBWKgphSuayZ8tEgtdO5kKPUjJhQkFU0engiysfYHZK1OukZSyL75k60mQEHBa3ItUqC4cK1kkp21qmvU3Gy2blh01DGYSLDw9pjfFWAL6vFzjWiRm6kmNbmfuIJ1lP6CY2bQMfQFPUWqcOUg-LP96alGg1ylw7erHgYsYflDxdPkeWGm8rFtzvOpgM3nqusj__POyA6LvCR1TBm-u_pNO2YB5vi56iZLCFwu5wEBuDJbYXtx5Pfal0wLysz2RN_o2dpKPLMDyyAj4JUDoIDYFbqW5NQOCuhI8V8f6BA0DDBmjM0evgSPNsKytIs9l-8oxEWAilTYUV1ykCF0gQmN8XdOvY0v-DCR4njOxbVFPmyk372Kn715dHx0_B5cj3JAuNzQaHCeZ0O5Am8AfrOtfO7U-fRg_E_gLF29ex8MhHF6woZtk7IhaVrQH0RRHwb4OiPx_mv1yGQaMzc6ofNFg6_VTVze3f1dOrX9ngOp09bAope2QZGGNhSE0tBiP1VqfviRGQlezAsv9CysXsByjJ2ouRDGIiHjAnH92BE4UpfAGHfoH-2J59SX3lNrM1-7PVfsnSTBsq51sMZ1s0_bwKNfULWQxSOf9DlH_MBObtJDz8gU-4EHLN1usZZ1D6AJo0us64ZbL_7v95te-07XEHCBd_4vl3bX_LhrAzPBV0usAPf9DAhAu_izlQtOZU3gzYhHwJaeZoNO8fzNjbYTU8r0e5uLiwAKrJBikbRFGwtvbSWkbDGOR2jEhNoMC4_s7Zsv3m9H5cZqWXlPgz-ArnwJNZmB1FPV3PdV2_dm3GCSzEDiu_RtGcbWVS2BDA6jNPNOYAcLb_ke1OtFVWIGfeiONZt1MPO7SgiE1YqVQ61QIr88kuHm6icfDeD0eSt2WbCnVWsUILB70s6Z_xg2JDwy-K3lGq2iTYQ_TTe87X4aU0MYD4CX-ci1WUuEBrtPTUyQ-MkIXTqwKa0ovQx54WOJbbcpBZHQz5PifrUTD-NxDxMiUvfF92-Kq_HraCTjbL34RpwhL7Q5ZmnCBk5Z4WaFq68Zd2HskIXgwnu6v4omAa0aadCirjq-6meuBDg-F5TTY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 82E1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 61566f2135966656f464611df878c605.safeframe.googlesyndication.com
URL: https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 14:24:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93191
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 14 Apr 2023 14:24:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 89B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=2193760508766933&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
truncated
/ Frame 82E1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfda24cd2c265e8c6f6769a7d281b5c5d9ef2f6cf03f1b32041e675d7d7114b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EC2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpI34hZpZYuSTDIKRjuwPlOOO2AsAAAAAOAHgBAI&bg=!pqWlpeHNAAZvJBiFTyQ7ACkAdvg8WqOhUrUK7ADCt-EVSx-JOZqBb4ab8ibYYd6_ByWJf2ieQFcvxQIAAAYJUgAAAAJoAQeZAvOxI12_r6j5hjsuGhRc-8Wo_lhHfG6cipFl-O2aG32ogdoQniYlF2MehebNoWjeK5d3_0_-ckmQ6-w6BdL85iwCz-EWvY_qB4BohZtKdY3HKQDLbTrBC4eG7YFFWGu76rlIDSQv0qcQIGr-YGXljff8mj1CvsurQcLpa-RTycpk_1t_vRlmjrh0lkOtTYFTYlj6cFcRbtPkV68S3C-hiNCj6NnmQ5UkKPKR4qG3lhNRhk3fqJsJbBJU0c862UDLzkiRkaeVU7Getgh43nrItp2h_MZMDoqiq6K7xYuCzrs4RYqt-84d47D52c6P0vSZ1hsx0CjBl_6l0y2IumNs4NpqAd7Z7P9LPWSra-YBtv5lc7O8PxYKBDUFR5KzbxfRq9jVHoYY8gh4-aAE1zvMDuzPC9on95sPMlmOjgDwrpzkKPCQf6e0ecPvLeT--1C7cYd8SJE9NKmXmGnQuDqluCNs1xBXctMrEiRpF3-lq23rzIg-zbHNbOSBZc02b1x1PH_bIoKGm9sC7FnhzpZpgFUwXkUmhFjFvXW-Fxx7qgNRTu6mTGzftyfv8cMjefVAjdpOLDrYycqyY3Wko--u1ercRwYXUYy0u4GFz0wRtbWwt-lDkSRMrjgdOOkmXQZDBVLROnNgcckuKgmfbI_BQJatXkKsPiydVRorsuB9OO0JzaC9wZojKaiId5m-m5k1vegfotsS8gx0LuWavD_OJ56ErPNntSxkkcJ6BepyBf-mBk4XtQXfvVRzRsLuq6NFfz1nixZHuYOYGxkwrF8FKFvm261yD49vNVQqvvNIuns-pDNGlRzCeh6Y4NJW69ss3AwU3e0ClXO5SPKhcsKKJHdoz5qRniwB3gHxdFM3S6zwLchhFeo8amS5-zjMOnZzhSj2sJ3QMOcOtvuItqrX1Q_5Jtnf2QZPAenXcSQh0Xkx4QcoUnXqVjUzw-0VR4cHpUiKokHd2vog9_79ZEG2c6vC20FL-fjwXprcdvYaeRnuQl_7Rg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 28F3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 15:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 15:57:48 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame D252 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 11:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Apr 2022 11:23:14 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D252 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:17:13 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1E55 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
93192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 14:24:01 GMT
expires
Fri, 14 Apr 2023 14:24:01 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 82E1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9reca1_NlqV61nwNHC9mjP1YjS3c9OdDDP5WE1Dni4KDc2w_xUhHBSLBQN9b6XwILaLV5QRQ0QFLxe5zsgOnnihs11oxM41FJvz2UxRQeFQ_XSDqqIIgR5vbBxE_MjnYSdLsd-Fod_f3c1ceOfuRM99CZ-FPVZGQm4Vun98SdTy9aadUv4jBI_hyWIl_uUJMuppNLiu2PRIEzb15OGl9O65fMte0mZXqeNyRjZrlGDDUnxsUtMxuLZ2S6tx00BoK_1sMDIeE1xPTx9qNGYLMwn81PKrrwbf5yBYGs5ASkj_98ImfbC3mnBoosnmfjptnVZ8XEoVP-vRLv7pK_RU4fUbWRbM2NKGdE7UbZ_nBs23WzFPtdfMjW_HKliGxJvw77V1gE1hC1_JBv3UAXHAqG5wpUCcvlDggy3FQcVkfjvBqJ3OX_RiMriDgDAyCBihrwFwpyOSOoQA7qagw_LVxrWECwcjS7vJOK1p7aQCOYQ0-1GXIk5Ydc3Y-SLki8abOdlcsTIusE3CNNwS-YwYR9vz6ygGHILdk4uMy9Wl51CEucICRVdOF9h8cIDyoV2JRvmF317fRrZs_Z27MVcDyES8jHv2UO1eLMfyh6Xi8s3GlgH6PizAu44i-ZOnU94earh-f5zfeeqhKuWpTT1dRM0x4XEc-zmg8pyQofH43mK1nrWTNgL6MS0_-qGQ4lGGodzB3tIzZAnEnvBSKpNXT39dGG6QE6UG2AkSKZTh3m8WL-lJCpmeQ3y4n8TJjXTXo3W2VPraZ8A2phLobjkkO8QuHMf2YuuxX3KWxpyN68USMzJaLoQmeX3CG00FD8lE3oIRT2F783mhjn3Tk1W6sWhfqw3X9FHbhVYKZCL1b_KJtPhE71n88dXnIsr477gD-QkcJoNrPmbf8ENg65_28FWzyynaEf-gyyiswfzVhfyAEbVzOxZKpsW1-961F6VhbE-HkZhS1tzx9iniiJMvkjmKu8D3u4b2pRVM-PYum622h3L36UbEGF4ca7BK0EPHHouMlRq91ucfGHDS7xSPcE8_VFZPVbkVfHOyEKc7kxUDegiOSO8xaUX-wzG75gQdRmJty_OYI9nh04MFnLWhf_s3mbbq-SI-YM0xMWYMjOzaUSMznEGLztcVhszHHbhr-g2qIB23ejbpvp4vOwtKZMqJoE5839w4CJdo-PabA5MyqqhtCDnnD1A9I9TvAHGdMpvkiO35LgSo71ygsOBw&sai=AMfl-YT-X4go5iXRBtaCUTjXqLQ6U3RPKluR5B_rfklGZP3JYyBjO3d9Pie6Czlg57iKBZxu6SomiT9Ak0bxXOgRc6t2G0J_1zUsdp9-6heOgom9gtUa9vakJDRDoWxUDpYjVzXc-LrMph5xYPiPR2OZiTY0YjlCOLgjpsMYzzc_zlw-E6z-nMkS8IEcsmgP92Mfgz5vtdrXK8RvsTPgNIgr8v1roA4WTvmTDw&sig=Cg0ArKJSzMP_bTgrTkHzEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=831&vt=11&dtpt=454&dett=3&cstd=366&cisv=r20220413.57498&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ar.theshookers.com
URL: https://ar.theshookers.com/a/sync-quiz/1iRn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame 1E55 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 15:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 15:57:48 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame D252 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:15:34 GMT
x-content-type-options
nosniff
age
99
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:30:34 GMT
OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame D252 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:08:53 GMT
x-content-type-options
nosniff
age
500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47848
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 16:23:53 GMT
60005582_20220110062031600_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame D252 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220110062031600_728x090_LOOK-01.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b10f2caf31f8bcb9789120308ea3be1fbb208307ae9c6be9caafd8d24a6eb8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 20:39:31 GMT
x-content-type-options
nosniff
age
70662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28836
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 14:20:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 20:39:31 GMT
60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame D252 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014235440811_APP_iPhone-13-Pro_Asset.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 17:56:11 GMT
x-content-type-options
nosniff
age
80462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26568
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 06:54:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Apr 2022 17:56:11 GMT
postview.gif
portal.o2online.de/nws/img/ Frame D252 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=0_0_0_0_-0&ref=0_0_0_0_-0
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8865269517622706176/728x090.html?e=69&leftOffset=0&topOffset=0&c=YP3jL4eEgU&t=1&renderingType=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Fri, 15 Apr 2022 16:17:13 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
sodar
pagead2.googlesyndication.com/getconfig/ Frame D252 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
098992abdb608929226a8d052b343bf4ad11f9de340e9f714024406316c5297e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 15 Apr 2022 16:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5502
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 28F3 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OcW1Ag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D252 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 16:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Apr 2022 16:17:13 GMT
iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
pagead2.googlesyndication.com/bg/ Frame BE88 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 15:57:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
1165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13566
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Apr 2023 15:57:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E55 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPi_qiJpZYoaGEpH13wOLh6rgDwAAAAA4AeAEAg&bg=!UlGlURXNAAZvJBiFTyQ7ACkAdvg8Wi7fPZQ-CJwjwgMLOycUdx6PX0e7gX19dukWI_1yosCyVtfonwIAAAEvUgAAAARoAQcKAA5ORuAttRafKf28qfjGIZkC9YM94pR5gIfZCveutJcgCWO1KrQQoEICt2SzNU627if0Yb3fLTzh6a9xVlBzXl5dAbhFTcZ0W9daXVgKX6O51XlyoRI7hrdBmfmJX2UqUjG4P0sLgIbQzwdS2vy5mBEN2SE0U_6bkw_DLpCtdA8gy36SrBK77tUh3he_xkhVm1psxM3LqMEYfF8jp3wbwaf6y52L_4IYJIjfw1Izdb0pkJXh6MMueK-rVhtFnDYVBpX3XdRVq8L_1bloMqeYKJBuhUTBCZpXQMpf9zO-MMAvzNBcBUvq-iuLq69n-CRodOr1Jk0klm9pEDzqgb3jCtVyz2zxEC2V3YOuDhkRefv96urJxGtrG9RdYrz_2ostqB3nevpPEGhG7xAQDOti5ygEAjAIMsR-ucKvz5urhWvEceesA_Wj7l9H3BsDO65r5ZNouhQQ--TFrck6oADyCU6ELcOfN9ddtRuAhc9BQdmML_AUiYHjbdm0La3VIh_hIOKoY-_PVj8YGU5SEmgizPRGi3Ml0e1GdSTqzb_IoFwSDxGojRqfdX-W6MpYZTJkno3P8ZZHbRmZIuWkYnrklYno62twLbhOBuR6civDlpSxoErb9L3xA5GtcvkZm7ZhqDCPeVMnaYFqEMTiyTdT8-IMzXA99XRDVXOGxHFzfyJIPui-qVpPzVKXsh_5pEggLtQmJU7zEmIuD5bkL10j1tW_-hFbQwsbkkzrn4qheNL3OiVwwiRErdRFsey5AwY-4us-Mvq9D8AlHc-63o4tV-AyLvBrnZcKr5Iz04ey4pGEENemzHa1jzZpt9CB9xsyC8BtKWepvYBQb3hD0T6TNR3B_FOFU3Dzt3RLOFof5PLpjOHD7T_qeaiO_WKDI0WGoeqA8at-MZMv_ZY4iO9MSasb2HY6OfiGOmzIMAQkK0-cJtTlwpTknmGehh_e64ygGckAA7n4LEqIshp2Dja8OlYbmaw6Q32VPlsGB1lz-Z2nk5hKge7lPRb7IdGesOb_Cx3kazLi1qg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=2193760508766933&bg=!0dKl0pbNAAZvJBiFTyQ7ACkAdvg8WoaerQVNNsv0WcnbluoX0HBMWxZh6fg4skmOo6eVnjpkI266ywIAAAD2UgAAAAJoAQeZApsHmZ0kYVqLTQ-svmgP2T1Iaer7j93HYudnpeTM7qvYECEL5uy6SFF9nz9uxfBiABzoIycN-VVsglBqwk9Hdekkztua5fq3rlm3VblpcjDLdvQHTIsFK1XG9G0_gIk-PXrie9yzU7L75txVl_IcT-awjDKsv0v4xUVA2bhC9XxJ6B_osBZ405gyrwcFZ9EG40ikZsrZo_D0e58UJfESjwjvljOhsL1zyurSTcrKQZlT9ch9Jxc7oVfQJA-BJ4_pC9ZuH1sa4TZOueTOpNKuVJG-McGjvZhWNrpswOqvjk1mz0tcZcWlB_-cEwXYxhzVImZmYsnrQ2Z8QRaDxBIluqKDD2moxK0-WW0Laq7cK5hP-MSAZQlattSnidNdT6j1BXLzUMW4k1NkKUKIRoOyNzZC51lSOBpDXoch3jdUt4uTbj7Z0LtMh2tqJ_CwUYTeJFMptDXXN3qqCQYhpWjnw81SOAPyEV-s7xX6gVa2Lq35qk_vV4wq1HBFXR99u5K5Nfe3c9-wLciEopkaF6pd_0D7vZy8sALTFH76tpWK4seoyDkbf5v0naJpWKT5Tg7JVNcU5H2rqqrcz0MGhACn3CfE3M5qADkA6pAlB26SJtLf7n9S5AryUWBtSfgjg76zQJNK_qcKIjQUOU0fHLWViRk7wSclBBNyWRDd4TrbCpkq-In-bIDFyc9I4I2iOune81Rq0_yJKC_6s-oxIKdhRaEQ1Q8zkUa45DFjVoKKQEyhCQkkUzqRwPKOoBv4EGjFX6TFTtzzw1R1jzJ-6XsGodWkCnOIG9KLB4ZW5zTeiinqJM_Ia1yrfljpLjMNmakuuHmkyhbbP-IfsU9iEPuJHr9AZ28LZwyzHIvUK7bWjRn4v8iEl5xJxQqJZ4gN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ar.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 82E1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYRYJB3KCXrRKe7EOoErmIeMCAZsM3NF_HPAhjIHqFrJ8_8bqBnyO-nRe7TBMBchMRRRBp65MFplBujLefmz__ItfJ213jUJI0WOnc3VcAacgXVC4VYw&sai=AMfl-YTByU-370tFn0gPShQJDJ04w-qaRubMOI84XJwRrThcexlYZEMERrH9mF3wToE99rwr7-rgtpaCqsBj7crYo896N4JE-48KguybOzHVXz_hUNOtolbjpf-p9yGNsi4&sig=Cg0ArKJSzKiE_uv8_EAtEAE&cid=CAASJ-RoTlSQ91Y3eb6Jxnb47e8ju9tnXQwfulTIau3elOIlixTXoscXvw&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3487201439&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650039431443&rpt=1456&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMInPar8LuW9wIV0QGLCh1L3QooEAAYACD1ldFFQhMI--PO77uW9wIVyQfgCh1umQ8n;met=1;&timestamp=1650039441389;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D5CB 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInPar8LuW9wIV0QGLCh1L3QooEAAYACD1ldFFQhMI--PO77uW9wIVyQfgCh1umQ8n;met=1;&timestamp=1650039441389;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIyPCr8LuW9wIVhpp3Ch2GTw4JEAAYACCs3c5FQhMI8PbO77uW9wIVDkngCh2-BA_F;met=1;&timestamp=1650039441412;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame CDD9 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyPCr8LuW9wIVhpp3Ch2GTw4JEAAYACCs3c5FQhMI8PbO77uW9wIVDkngCh2-BA_F;met=1;&timestamp=1650039441412;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIpOqr8LuW9wIVgoiDBx2UsQO7EAAYACCs3c5FQhMI8fbO77uW9wIVDkngCh2-BA_F;met=1;&timestamp=1650039441466;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame E87C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpOqr8LuW9wIVgoiDBx2UsQO7EAAYACCs3c5FQhMI8fbO77uW9wIVDkngCh2-BA_F;met=1;&timestamp=1650039441466;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://61566f2135966656f464611df878c605.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Apr 2022 16:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| googletag object| pbjs number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT boolean| isMobile object| cn object| adUnitDesktop1 object| adUnitDesktop2 object| adUnitMobile3 object| adUnitMobile4 object| adUnitDesktop5 object| adUnitMobile6 object| adUnits function| initCygnalAdserver function| pbjsChunk object| _pbjsGlobals object| mnet object| c object| arrGoogleDfpDesSlot object| arrGoogleDfpMobSlot object| arrGoogleDfpSlot object| arrFooterAddSlotDes object| arrFooterAddSlotMob object| dataLayer function| gtag string| __ak number| __ci number| __gv object| arrGoogleAddContainer number| adWidth string| google_dfp_client object| sticky_note_google_dfp_client_after_gdpr object| dfp_ad_size function| $ function| jQuery object| jQuery111306041714035308421 object| angular object| SITE_API_URLS object| myApp object| loginApp function| changeLang function| changeLangDomain function| closeAllModals function| go_on_top function| question_add_option_continue_button function| refreshDfpAdd function| change_gender_state string| currTheme function| toggletheme function| redirectCalculateLovePercentage function| redirectToUrl function| toggleLoveMeterMenu function| confirm_delete function| confirm_friend_delete function| clickSound function| clicknextSound function| match_input function| country_selected function| check_play_form function| check_friend_form function| select_langauge function| fb_share function| socialButton function| userAnswerStats function| gtmEventTracking function| snapchat_share function| instagram_share function| whatsapp_status_share function| sendPushTags function| sendPushTag undefined| pushEncUserQuizId undefined| pushState function| getPushTags function| incrSyncCount function| postGetPushTagsIncrSyncCount function| loadMoreStats function| shareStory function| shuffle function| copy_share_url function| openNav function| closeNav function| addHoverClass function| removeHoverClass object| elem function| playHtml5Game function| playBackGame function| getNextListItem function| showLessBlogsAtHome function| showMoreBlogsAtHome object| arrJsConfig string| abusive_words object| abusive_words_list number| dcConfig object| __iasADX object| ggeac object| google_tag_data object| google_js_reporting_queue function| _0x1f5094 function| keyGen string| __acc undefined| __cam undefined| __gyro undefined| __bt string| __als string| __ntype number| __dlmax boolean| __ce string| __uq string| __burl number| __hl string| __purl string| __lst number| __iw number| __ih number| __sh number| __sw number| __ow number| __oh number| __cd string| s1 string| s2 string| s3 string| s4 string| s5 string| s6 string| s7 string| s8 string| s9 string| s10 string| s11 string| s12 string| s13 string| s14 string| s15 string| s16 string| s17 string| s18 string| s19 string| s20 object| __ac object| Base64 string| __cv number| __ifp string| __aver string| __uagt string| __aname string| __acod string| __nlang boolean| __ndrv number| __dnt number| __hco number| __nmt string| __plf undefined| __cpu number| __bld string| __actv boolean| __fsa object| canvas object| gl object| debugInfo boolean| __plg boolean| __win string| __mode string| __cen function| _0x3adc boolean| __pop number| __ch number| __cw object| iiv object| __pElem number| __brl number| __brt number| __brb number| __brh number| __ofw number| __ofh number| __layer number| __vis undefined| __zi boolean| __hless function| createCORSRequest function| setCookie function| getCookie function| delete_cookie function| appendHtml function| _0x15fc function| getHLS function| isPrivateMode function| mrc function| ivsb object| google_tag_manager string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData object| google_optimize object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

18 Cookies

Domain/Path Name / Value
.adnxs.com/ Name: icu
Value: ChgI9MVrEAoYASABKAEwgrXmkgY4AUABSAEQgrXmkgYYAA..
.adnxs.com/ Name: uuid2
Value: 3619726275997432567
prebid.a-mo.net/ Name: __amc
Value: 1_1650039426_1650039426
ar.theshookers.com/ Name: __bqs
Value: aHR0cHMlM0ElMkYlMkZhci50aGVzaG9va2Vycy5jb20lMkZhJTJGc3luYy1xdWl6JTJGMWlSbiZ1cT1NaGYzNU1KaDllUjY=
.theshookers.com/ Name: _ga
Value: GA1.2.868130615.1650039428
.theshookers.com/ Name: _gid
Value: GA1.2.1804049367.1650039428
.theshookers.com/ Name: _gat_gtag_UA_147732382_10
Value: 1
.theshookers.com/ Name: _gat_gtag_UA_126527512_6
Value: 1
.theshookers.com/ Name: _gat_UA-126527512-6
Value: 1
.theshookers.com/ Name: __gads
Value: ID=3e53270b985fa755-22a6112678cd0044:T=1650039427:S=ALNI_MazhM4Duf9rX4DcnIHWi40y3dKpjQ
.doubleclick.net/ Name: IDE
Value: AHWqTUntagVQQjqvo4ibkfumpT3sVO3BnUfb1fVc0HcsY0IiNECnxOKXfqoJHJ3E
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hc!qLI0M!@wnfH8K6pQK`!5=E<*L5?%L`]DyW0kviGZi86JAjQ^Agg=yIfA1oIw_YsxK%nugO%v4VB%nn1y*!_i_
.casalemedia.com/ Name: CMPS
Value: 3219
.casalemedia.com/ Name: CMPRO
Value: 1211
.casalemedia.com/ Name: CMID
Value: YlmahrSCuldIefCAVgcjqwAA
.casalemedia.com/ Name: CMST
Value: YlmahmJZmocA
.casalemedia.com/ Name: CMRUM3
Value: 2d62599a872760CAESEN0ck1-K5eQeJlCWCKRR4f4
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=0_0_0_0_-0&ref=0_0_0_0_-0

1 Console Messages

Source Level URL
Text
network error URL: https://serve.datacygnal.io/hb?zone=152597&v=1.6
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

61566f2135966656f464611df878c605.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ap.lijit.com
ar.anonymate.live
ar.theshookers.com
bcm-d.openx.net
cm.g.doubleclick.net
datacygnal.io
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.theshookers.com
p2e9r4n9.stackpathcdn.com
pagead2.googlesyndication.com
pfx.api.botman.ninja
portal.o2online.de
prebid.a-mo.net
prebid.media.net
s0.2mdn.net
securepubads.g.doubleclick.net
serve.datacygnal.io
static.adsafeprotected.com
stats.g.doubleclick.net
sync.teads.tv
targeting.unrulymedia.com
tpc.googlesyndication.com
u.openx.net
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.111.242.245
142.250.185.130
142.250.185.226
142.250.186.98
147.75.38.124
151.139.128.11
172.217.23.98
185.33.221.52
213.19.147.43
216.52.2.39
23.35.236.247
2600:9000:224a:7800:8:48e:53c0:93a1
2606:4700:3031::6815:2cec
2606:4700:3108::ac42:28a3
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c09::9c
2a06:98c1:3121::7
3.131.80.50
34.107.148.139
34.98.64.218
77.245.57.72
82.113.101.132
098992abdb608929226a8d052b343bf4ad11f9de340e9f714024406316c5297e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
123bb290d7e535508dc84350e2152c6a561dcda94f4c5bbf1fcc1f50fd89b63b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13359091989e533887dafd34a4a623d44307dbd1f9db6b8b95ab26db089adc6c
16df49c5495b8e9a2b055b207d724987f21bd27e9173564acf4d9f485e46d1b7
1a4086f6b01ea01e73f42b352500e1ee3fc4a3dba5a50ecd41485f70d661dc30
1d6862e9f10160307556a941365e321f7fa31de1597847839b0fe008ebe19fa7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3e611a895177fdfe2ec9849cf9e93c757f6e8c043cc86a97545f713229fe5093
44ca59252ffebbcc9864376cfb9f4c0ef3c8ca09e58fd889f610611058bbcc8c
476df8699000e7fcd11555e9f42a566f8daf58405ff71847b30c9cf6461bf8d5
47bf6b2e0bb21849f205a4f2d90c8e40b2773f3fdf4c764471cd050ef0a87378
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e820293e0dcc61368aeed9797f7a58782a7b2cbeac05f8da8425bf204010d70
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57196f0fa886af311198bdcd963b630eb5c6afd11bfc400ac5990073f6be3cc2
577ec76568d7b32e96b38b2aadb03d20b93b6fc952f83ac456ec9747e39dfc08
5842bfabb68bff9508bae2755aae5842547c0908602be01bcfb49a6ac2490746
59b93c82b31f94350aed274ec1f3f7bf3b0f561950cd72fe503e8b205de8fec8
59f93c8637fa1e41eb70ab270cc6a5dff7887d9ab040daec1a8fba1e3edc4cd5
5a5e6f7994c5f4b291424f145d1fede1bfb2793cac841138f0863fd954da721f
5c8a0f1d826f536af33591e1d7d655ec195591028125daa787ccfcc93e11d57f
5e831a2e9fb0ec5cedbb064ec1f2e74d282148a33b04aaae6b1445269b0c34c2
5f70eaf9f33a4364baffa02d2ad27578af3e1a2f2cd4fd116b63757285d5a71e
603a478b1e00245da68967f3aad6d73670180206e1ddfa3e024edc383df04a3b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
71bd2c00a8e0d92f57751d493e0fb95b85dea5f27724d768b02da77b02051cbd
7f8821baaee21b05b51a78063534051c84188e06cbb6c0fde9529165fd089a06
7fea218b4bde9d4b6d2b1971d438b3c83e10a523f85387cac5ac24a369dd1e6f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
882249e095e0f7bc8e032e1d6e7b9ec5c53e9ba51ad05dbded99fec922cd7f43
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d641e503600a9171f0f5fbc722e4fc07985459dbac6ddec96126656a9c66499
8dd1612b067283062c0ffbd8624239631e99d829b0d996984acafbb7ee64cde7
90975e82d135cec980485e76bc1fa654e08849b97905e098611a661ae6c066c3
94c774aed78361387e6735161c842ef3fdaf129ed2efded05690fba32758a6bf
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97a635aa8d6d50a3994650de5bf3bb558bafd2cdfe7e7c58144087115cec3a11
97e72b7828d141a43e58d771117835740a4c0e51417473de6dcd8238a476d425
9a73ec51d0e62c2fdb04d631b841b43d1d61a18fd1c09ffc243db565ef05bbe4
9fea4dffeb075ca522c307ffc38fc323fc7da7e926208852910fb2ebd6442daa
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a37ddc4e7e30ec2675c6d2e628b57efee02b9f3ed430e7172946bf04c1744648
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a715a56850ba899ada246d578e0cadd0a9fb3ae245c7864760c1a402c44c2ab1
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab3d7e8cb7170ffbec495280a13cc2ed6c4485a1ff9c210fd34c2fa3b930087f
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b10f2caf31f8bcb9789120308ea3be1fbb208307ae9c6be9caafd8d24a6eb8c7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31e176c04f24fabc3791db04c971a4e57151283b09bab71b730599cd6acc102
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
bcd6300c816590aa413b930bf7bc29d9bdaaef5cee0aef283d1c84c63c1e2eb6
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c72c5cdb8ee97ed1e23f49f9cc0884c795f9c70e85a566453d9701f12cebfe9f
c96e07ca6a36b5102310af11c2adfb0de6f4e199e11213d7f586b2e914bfe590
cdfe8eae92f925959252d4b650e8737eadfcf26a90fc4c578f11c53f5181ca60
cfda24cd2c265e8c6f6769a7d281b5c5d9ef2f6cf03f1b32041e675d7d7114b7
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2d4f5b285c3ea23e01411750305074aadd1bfe5aaab498b29a97d6cdb9152d9
db312eb4a191bdf32f58e1123627cfaecc896975076c917887d8219b963e23b7
db668b70fd0021a224a50338fc80f62881fc5e678e84987ff62785d86ab3f320
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dbfdfca3639dd0402643df456e9d250e1adf9329ffc2ab758ca4bed8a0443968
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8a9db2f0b0d706d1a9e37721c2c2d883258b8e41a74159a58a2fc432151adc
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4d28698b173d2d4ff929ff4be4a795921785b3311da33160adb4791d4e46086
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
ea4de99bbdb87497f7e51a1338ac18c70763edee3cdd588563a88c516a385165
ecb4452035557f6aed0a4ba9e19026708ca182308d89edbc28d65257228c3ba9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd15dccc78b33bb29115461ac9504869f4af29b5bdc93111b8ecff5d58469206