fr.mashallow.com Open in urlscan Pro
2606:4700:3036::6815:3d3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fr.mashallow.com/
Effective URL:
https://fr.mashallow.com/
Submission: On March 27 via api (March 27th 2024, 11:06:35 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3036::6815:3d3, located in United States and belongs to CLOUDFLARENET, US. The main domain is fr.mashallow.com.
TLS certificate: Issued by GTS CA 1P5 on February 25th 2024. Valid for: 3 months.

This is the only time fr.mashallow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3036::6815:3d3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
43	13

24 2606:4700:3036::6815:3d3 (United States)

ASN13335 (CLOUDFLARENET, US)

fr.mashallow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.mashallow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	mashallow.com fr.mashallow.com s3.mashallow.com	1 MB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 162	206 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 ssl.google-analytics.com — Cisco Umbrella Rank: 632 region1.google-analytics.com — Cisco Umbrella Rank: 2042	38 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 182	89 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 91	347 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	87 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3130	6 KB
43	9

	Domain	Requested by
13	fr.mashallow.com	fr.mashallow.com
11	s3.mashallow.com	fr.mashallow.com
5	pagead2.googlesyndication.com	fr.mashallow.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	connect.facebook.net	fr.mashallow.com connect.facebook.net
2	www.google-analytics.com	fr.mashallow.com www.google-analytics.com
1	www.facebook.com	connect.facebook.net
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ssl.google-analytics.com	fr.mashallow.com
1	www.googletagmanager.com	fr.mashallow.com
1	fonts.googleapis.com	fr.mashallow.com
1	netdna.bootstrapcdn.com	fr.mashallow.com
43	13

This site contains links to these domains. Also see Links.

Domain
plus.google.com
www.facebook.com
twitter.com
blog.mashallow.com
en.mashallow.com

Subject Issuer	Validity	Valid
mashallow.com GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-05` - `2024-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://fr.mashallow.com/
Frame ID: 3CB63D3C1C61351AB784F12C6AF341B2
Requests: 39 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7410379794618518&output=html&h=280&slotname=3229312782&adk=869258871&adf=4140110316&pi=t.ma~as.3229312782&w=1000&fwrn=4&fwrnh=100&lmt=1711580790&rafmt=1&format=1000x280&url=https%3A%2F%2Ffr.mashallow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711580790579&bpp=2&bdt=286&idt=91&shv=r20240321&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&correlator=6279578742979&frm=20&pv=2&ga_vid=360064136.1711580791&ga_sid=1711580791&ga_hid=799759026&ga_fc=1&u_tz=60&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=300&ady=682&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082031%2C31082034%2C31082198%2C95326316%2C95322183%2C31081872%2C95328825&oid=2&pvsid=2842292873904895&tmod=2080251622&uas=0&nvt=1&fc=640&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: 418E4E2474C4A7B09F6FD008C152646B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7410379794618518&output=html&adk=1812271804&adf=3025194257&lmt=1711580790&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1000_l%7C260x1000_r&format=0x0&url=https%3A%2F%2Ffr.mashallow.com%2F&pra=7&wgl=1&easpi=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711580790982&bpp=2&bdt=690&idt=2&shv=r20240321&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&nras=1&correlator=6279578742979&frm=20&pv=1&ga_vid=360064136.1711580791&ga_sid=1711580791&ga_hid=799759026&ga_fc=1&u_tz=60&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082031%2C31082034%2C31082198%2C95326316%2C95322183%2C31081872%2C95328825&oid=2&pvsid=2842292873904895&tmod=2080251622&uas=0&nvt=1&fsapi=1&fc=896&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=10
Frame ID: 6BF09A865F534E00DDBCA93D5E2C6A02
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.1/plugins/like.php?action=like&app_id=687710821296373&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfef33ee5568a5510d%26domain%3Dfr.mashallow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffr.mashallow.com%252Ff1d718e89ee67b0c7%26relation%3Dparent.parent&color_scheme=dark&container_width=283&href=https%3A%2F%2Fwww.facebook.com%2FmashallowBattle&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true
Frame ID: D8E10A9BA87E5C6AB8F08F52FC198E12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6F6D8B22418417487F64F98959B54BE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mashallow, LE site de création de quizz

Page URL History Show full URLs

http://fr.mashallow.com/ HTTP 307
https://fr.mashallow.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

43
Requests

98 %
HTTPS

100 %
IPv6

9
Domains

13
Subdomains

13
IPs

3
Countries

1908 kB
Transfer

3222 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://plus.google.com/113141313539989628828

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mashallowBattle

Search URL Search Domain Scan URL

URL: https://twitter.com/MashallowBattle

Search URL Search Domain Scan URL

URL: http://blog.mashallow.com/blog
Title: Blog

Search URL Search Domain Scan URL

URL: https://en.mashallow.com/
Title: English

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fr.mashallow.com/ HTTP 307
https://fr.mashallow.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
fr.mashallow.com/
Redirect Chain

http://fr.mashallow.com/
https://fr.mashallow.com/

23 KB
6 KB

189ms
157ms

Document
text/html

2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 092a18d1591d9bc5b049ca3991ad781ab501db37ae60cd5b94580ed7cea56f6e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86b308025a74bb4d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 23:06:30 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D
server: cloudflare
vary: Accept-Encoding
via: 1.1 vegur
x-powered-by: Express

Redirect headers

Location: https://fr.mashallow.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 home.css
fr.mashallow.com/css/ 23 KB
5 KB 152ms
151ms Stylesheet
text/css 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/css/home.css?ts=402
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b06e2963b70642b574339af7aa47abe185cb6e1735eeb5772cb0abc6bf653421

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"5b41-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-ray: 86b308035b84bb4d-FRA

GET
H3 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ 27 KB
6 KB 42ms
15ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css

Requested by

Host: fr.mashallow.com
URL: https://fr.mashallow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1049
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 321683
cdn-cachedat: 03/18/2024 13:16:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:51 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2d53b06f292dcb355b5e1a39ec065054"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ddb849953c61c1961669be0df45df671
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 86b30803881f65dc-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 11 KB
2 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400

Requested by

Host: fr.mashallow.com
URL: https://fr.mashallow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26ab2fd4afb5c57248a2007a588878f05464d27dfa0d46a35cadcd00b2bb8972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 27 Mar 2024 23:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Mar 2024 21:13:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Mar 2024 23:06:30 GMT

GET
H3 200 libs.css
fr.mashallow.com/css/lib/ 204 KB
30 KB 177ms
176ms Stylesheet
text/css 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/css/lib/libs.css?ts=402
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f2dd23cd12215d5929f3eec9b09f25d966317025f777b9135612eeba12c4c673

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"33128-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-ray: 86b308035b86bb4d-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
87 KB 43ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0656ZBYHS1

Requested by

Host: fr.mashallow.com
URL: https://fr.mashallow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5f9fa68a6ef45775f6a8b9fe1fc375b122d310819f3237b7e099f7f617ec07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88853
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 27 Mar 2024 23:06:30 GMT

GET
H3 200 icon.jpeg
fr.mashallow.com/img/ 3 KB
4 KB 151ms
150ms Image
image/jpeg 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.mashallow.com/img/icon.jpeg
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 76748b163436e4ab82ad6936138c9ea7fc83acc09f1cf5a122ded49dc94d28cb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
via: 1.1 vegur
cf-cache-status: EXPIRED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 3224
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"c98-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D"}]}
content-type: image/jpeg
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 86b308035b87bb4d-FRA

GET
H3 200 logo.png
s3.mashallow.com/ 29 KB
29 KB 214ms
201ms Image
image/png 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/logo.png
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd110603adfa754f9d0a9154b11ef9c2a997af210703ec4a1e330206f0930207

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0G1Z5HCQJ2E8T2AG
alt-svc: h3=":443"; ma=86400
content-length: 29442
x-amz-id-2: 1cHugw0B9dasTu5qCoemfY59k22lxTuBeL30ZxCHINuNUkO2jZq24Nse8/rGdKPzaOGCDR02Mgs=
last-modified: Fri, 26 Sep 2014 18:52:32 GMT
server: cloudflare
etag: "13b89e4b1f399f5d5a0eb45afdbb4371"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2FyQ04mAx0FetTWPJl2FLeMXVrJV5Y377tBnEmwp%2B1h9ZsVyK0zqbgJh7uLM8WQGzldd48hly771dcC%2BWXDfDuwypBGavw7mvdXu%2FqD8oPKCDFSwia2DyAdWDui4ji7BdhimhF0Hg6qsb9dTt0lv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b308037ba0bb4d-FRA

GET
H3 200 thebattle.png
s3.mashallow.com/ 518 KB
518 KB 226ms
220ms Image
image/png 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/thebattle.png
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d233cccfa107acdadb5b1ec5319f3a460ae7ce64fdc00bcca293aea2daabc836

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0G1G10CDS2K3C9A8
alt-svc: h3=":443"; ma=86400
content-length: 529955
x-amz-id-2: H1pZjlJ1oVyA9SF6QgivIdMJP0ktFUKK0AMJAjb+JsgBmsFubmYK2hLuc0v64tmPALXlJNsxs1s=
last-modified: Sat, 12 Sep 2015 21:07:02 GMT
server: cloudflare
etag: "a41733bb4f8201315b552cb4307fec19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xqcwMbtOAAWzdl3AOcFCPwhhZe%2FF7a77ruH9cZEY6Xfju9k8%2F90YhpYqciRa79%2FQFB%2Ft%2BcjPCpUOCeaRbEwzKOmmfVJbnLu8uJkvG8DRQ8W9MIPdBvUkyjKoT7brTwkDk3fAfU%2BCXBUw7xD2Ctv4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b308045cbfbb4d-FRA

GET
H3 200 thequizz.png
s3.mashallow.com/ 501 KB
501 KB 332ms
332ms Image
image/png 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/thequizz.png
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6950b4ca8158e54cd9a7306af06e4f857ad6e5c66d57f0dd32131412a1c7d93

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0G1P62X6PB771FWC
alt-svc: h3=":443"; ma=86400
content-length: 512646
x-amz-id-2: 2mrbx9DFtGEKdKaQ9dldrlyb7jX7RMOQZa0LloQR1D/FiBrN+1T3aWlbImB8MHLn1HkF7ZHB7AY=
last-modified: Sat, 12 Sep 2015 21:07:03 GMT
server: cloudflare
etag: "e86a45dcbe610c37c10b0a44b976a028"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=br9988G0KGpn%2FgOFkREpQl8bKmGoh5xn%2FIgBOG1eO%2B6tMED3tdZzV%2F4jJT%2FGWdShhYZgIWzNNQQ3ApnUBf%2B6Y1hjpYlMSw61pDS8VAVb2bPYdoDVzd0HDHgic1W8INxlilzfvWcUocksWisRIe%2Bh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b30804bd0dbb4d-FRA

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 47ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fr.mashallow.com
URL: https://fr.mashallow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35b8fce8d4a31af8fae3064e01af9b1a7bdb735043c7a73e3da9cc81b59c7df9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50900
x-xss-protection: 0
server: cafe
etag: 9315875418843563330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 27 Mar 2024 23:06:30 GMT

GET
H3 200 email-decode.min.js Show response
fr.mashallow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fr.mashallow.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: fr.mashallow.com
URL: https://fr.mashallow.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tP0gNvAvxN0xVfVjc3hp0ckL18%2F7nlobGUXxs5pwk%2BjyeewnKWn0YW3PN7TieunybpoKBtKtYgT1R%2FicL89YOu1pniAuIXK%2FDvy0DoJmQNo2kDcB0uGkT6a4lgs1SnJHwtaw1D9wVvmadr7ErR2e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86b30804bd0fbb4d-FRA
expires: Fri, 29 Mar 2024 23:06:30 GMT

GET
H3 200 libs.js Show response
fr.mashallow.com/js/lib/ 383 KB
125 KB 418ms
416ms Script
application/javascript 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/js/lib/libs.js?ts=402
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c87ee0f48463f5d0139eefc29de91a0288b02768810e051f64f3fc62bae71de0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"5fc46-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D"}]}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 86b30804bd12bb4d-FRA

GET
H3 200 mashallow.js Show response
fr.mashallow.com/js/lib/ 8 KB
3 KB 117ms
115ms Script
application/javascript 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/js/lib/mashallow.js?ts=402
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f16a7388e807e3f5b7fc3fa8b268cd1f694e966637ab8a266a62597e7f07bc50

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"2138-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D"}]}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 86b30804bd13bb4d-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fr.mashallow.com
URL: https://fr.mashallow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Mar 2024 21:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5268
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 27 Mar 2024 23:38:42 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: fr.mashallow.com
URL: https://fr.mashallow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Mar 2024 21:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4293
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 27 Mar 2024 23:54:57 GMT

GET
H3 200 fontawesome-webfont.woff
fr.mashallow.com/css/fonts/ 43 KB
44 KB 173ms
173ms Font
application/font-woff 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/css/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/css/lib/libs.css?ts=402
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/css/lib/libs.css?ts=402
Origin: https://fr.mashallow.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"ad90-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580790&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=h2VK6ynSdqOyyYF3Lzc7p%2BiZT6lTCoHDa6pIa5l4Ua8%3D"}]}
content-type: application/font-woff
cache-control: public, max-age=2678400
cf-ray: 86b30804cd19bb4d-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 14ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=799759026&t=pageview&_s=1&dl=https%3A%2F%2Ffr.mashallow.com%2F&ul=en-us&de=UTF-8&dt=Mashallow%2C%20LE%20site%20de%20cr%C3%A9ation%20de%20quizz&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=IGBAgEABAAAAACAAI~&jid=404065495&gjid=943120714&cid=360064136.1711580791&tid=UA-53044243-1&_gid=1673768393.1711580791&_slc=1&z=339618799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 23:06:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.mashallow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 63ms
22ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-53044243-1&cid=360064136.1711580791&jid=404065495&gjid=943120714&_gid=1673768393.1711580791&_u=IGBAgEABAAAAAGAAI~&z=333966695

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 27 Mar 2024 23:06:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.mashallow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/ 407 KB
138 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7410379794618518&plah=fr.mashallow.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aebe3dfbf032e3078ff6795164f39c6a2db2094d5b5deaaf1a14ead35c885b21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141336
x-xss-protection: 0
server: cafe
etag: 8362656110782265407
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 23:06:30 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 38ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0656ZBYHS1&gtm=45je43p0v9121235834za200&_p=1711580790512&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=360064136.1711580791&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711580790&sct=1&seg=0&dl=https%3A%2F%2Ffr.mashallow.com%2F&dt=Mashallow%2C%20LE%20site%20de%20cr%C3%A9ation%20de%20quizz&en=page_view&_fv=1&_ss=1&_ee=1&tfd=503
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0656ZBYHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 27 Mar 2024 23:06:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fr.mashallow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 418E 0
0 813ms
801ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7410379794618518&output=html&h=280&slotname=3229312782&adk=869258871&adf=4140110316&pi=t.ma~as.3229312782&w=1000&fwrn=4&fwrnh=100&lmt=1711580790&rafmt=1&format=1000x280&url=https%3A%2F%2Ffr.mashallow.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711580790579&bpp=2&bdt=286&idt=91&shv=r20240321&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&correlator=6279578742979&frm=20&pv=2&ga_vid=360064136.1711580791&ga_sid=1711580791&ga_hid=799759026&ga_fc=1&u_tz=60&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=300&ady=682&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082031%2C31082034%2C31082198%2C95326316%2C95322183%2C31081872%2C95328825&oid=2&pvsid=2842292873904895&tmod=2080251622&uas=0&nvt=1&fc=640&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=104

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7410379794618518&plah=fr.mashallow.com&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.mashallow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40067
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Mar 2024 23:06:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_fr/ 3 KB
3 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_fr/sdk.js

Requested by

Host: fr.mashallow.com
URL: https://fr.mashallow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8832e705fba5ded0614d5596b2b1e97d29507aaeb6d7d545e9a37638bf977030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Mar 2024 23:06:30 GMT
content-md5: N82yQNLpL4nJkwwFHG/Bgw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: GOL++wSucgF//WTm21nhhjjtRj/lM7088t07qvVXHN1fA5sjDtJ8YVptNtgJxt1YrWGj6J7b3oOmRtTi0btzPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: f538da7d80b77527dd0255ac3b6af8ae
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b25fa9e2f654e9146f38a33b75730a17"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 27 Mar 2024 23:13:06 GMT

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 6BF0 0
0 344ms
343ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-7410379794618518&output=html&adk=1812271804&adf=3025194257&lmt=1711580790&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1000_l%7C260x1000_r&format=0x0&url=https%3A%2F%2Ffr.mashallow.com%2F&pra=7&wgl=1&easpi=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711580790982&bpp=2&bdt=690&idt=2&shv=r20240321&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&nras=1&correlator=6279578742979&frm=20&pv=1&ga_vid=360064136.1711580791&ga_sid=1711580791&ga_hid=799759026&ga_fc=1&u_tz=60&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082031%2C31082034%2C31082198%2C95326316%2C95322183%2C31081872%2C95328825&oid=2&pvsid=2842292873904895&tmod=2080251622&uas=0&nvt=1&fsapi=1&fc=896&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.mashallow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 4382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Mar 2024 23:06:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 search.html Show response
fr.mashallow.com/views/ 523 B
836 B 58ms
57ms XHR
text/html 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/views/search.html
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/js/lib/libs.js?ts=402
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f02df675d140037be323376ff5df5b905ef45fe254393c40b62ac3f6444b82b9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D"}]}
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
cf-ray: 86b30807dfaabb4d-FRA
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D

GET
H3 200 ajax-loader.gif
fr.mashallow.com/img/ 673 B
1 KB 139ms
139ms Image
image/gif 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fr.mashallow.com/img/ajax-loader.gif
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 37f0f749d2946df1ec6727a0a861d07efd04fb41f71ebcda9a099355e896ec29

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
via: 1.1 vegur
cf-cache-status: MISS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 673
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"2a1-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D"}]}
content-type: image/gif
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 86b30807dfadbb4d-FRA

GET
H3 200 photo.jpg
s3.mashallow.com/prod/quizzer/341691/ 16 KB
17 KB 158ms
158ms Image
application/octet-stream 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/prod/quizzer/341691/photo.jpg?ts=1711555626128
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 978b0c452b7236e4b545452a46737b0ace24be6641a2bb6296e117c3f65538d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N2A3QM084JQA5JV7
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 16515
x-amz-id-2: IZGl+6a8AB9Pb31blUmYCOKhk1ARZ0BLZsEHZIEI+eGzkKEdbQGZa4TAdRzbcQnENddDIX6Au7Y=
last-modified: Wed, 27 Mar 2024 16:07:07 GMT
server: cloudflare
etag: "b913fcdf46005050406bf21b9f7a041c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64M39dMhLUt7BZVHORSmrGlgG1AHgE%2B9JC1yEXbsjOA9UOPNPbbqdSJ%2BQD2ZVdmPLJlauJtZXcN23huHXwb7e%2F%2FFRUtAFFWJ3QJ2r7ZfQYksKQiTBA7bU%2B1S%2FWaqOJdqXLdclJmzg13DhdfqHIb5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b30807dfaebb4d-FRA
expires: Thu, 27 Mar 2025 15:45:49 GMT

GET
H3 200 photo.jpg
s3.mashallow.com/prod/quizzer/341631/ 24 KB
25 KB 186ms
186ms Image
application/octet-stream 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/prod/quizzer/341631/photo.jpg?ts=1711437656141
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84430e0a79abec0ba72999f0b19612a48735eb62028f7e67bfb79178cf5e9fbf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N2A04FNJRCCRDJE7
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 24896
x-amz-id-2: uUxQHEoNoHqMNB+YJ/VuN4TgyJ5bIg1+uxOCpFdPBuLane6r84USM8gLH0kDVy6Y9l2U7gjEpZo=
last-modified: Tue, 26 Mar 2024 07:20:57 GMT
server: cloudflare
etag: "c75bc8326d4cda6463eba65d50c5d1ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K2YO956fvB558M5sEubM0JLjAks2HFewDKRsSo1fQKxpc7NAYaNaoABi9ns6ILSJpvv%2BCU%2Fq26NkNOjwvuRCbYv1xVTm4SuvN9zOFspk64NAdGFwL8RJdcXLzaH02kggy17c%2B2Bgyguhtfxt9fIe"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b30807dfb0bb4d-FRA
expires: Tue, 25 Mar 2025 20:27:00 GMT

GET
H3 200 photo.jpg
s3.mashallow.com/prod/quizzer/341621/ 17 KB
17 KB 185ms
185ms Image
application/octet-stream 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/prod/quizzer/341621/photo.jpg?ts=1711402785132
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22315866e5482db595b6ae14b08b933d18deb27cc2fe77ce35e9068996e0ff6c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N2A6YZM4YWXZBY96
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 17167
x-amz-id-2: xCAqTX6IGenge3XG1Sa4DZiGkJUYJ1gEDAv8h22PNikHjs9ddc/zltA9Dq9/E4mCsZpNb1qu01k=
last-modified: Mon, 25 Mar 2024 21:39:46 GMT
server: cloudflare
etag: "ca6701705c47a9a8ba2981ac6525b29c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhwm%2Fgq6y2s%2FR0lgyhBvAnZL3Xds37oAcKrH%2FCMA30CsEXPHh9Zi%2BTqlUEzgmxrXZgpSm%2FHFZk1wmMZiQBB7T6CNyS18rCxif5n1djI7BSVhkZVTog%2FATpB10Dp324e%2Fyp7NUFh711V5eTG%2FBT4P"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b30807dfb1bb4d-FRA
expires: Tue, 25 Mar 2025 20:27:00 GMT

GET
H3 200 photo.jpg
s3.mashallow.com/prod/quizzer/341581/ 37 KB
38 KB 178ms
178ms Image
application/octet-stream 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/prod/quizzer/341581/photo.jpg?ts=1711382736745
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e17ecbb01f03430e63c852f965baa44437b610f67053801a2bdd200d1a978c76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N2ABEP3C3W0VDJ8R
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 38125
x-amz-id-2: F6Ney2QLUk5yCTZEBfYTuGE5B7m0Fp7worSvN4CAW/XkZpPH0jmDdWcwn3UXSjZrLUyDg3TGkZU=
last-modified: Mon, 25 Mar 2024 16:05:37 GMT
server: cloudflare
etag: "c951c9a30addce4e9602c8c0bca92bef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8jn54yt5bVP6zLrCxdtPqaNbqGs8SaJML5DVj%2B3P2hGmwTMX6dVy%2Bxzo8jnHQf2Qnaj2djDDrDT3T0ESdgKh7nmdCCvsVzL5i81fhAGLaLdw8gTEq451LxrvvLkhGg3fJM%2BltF56UiGt2uPlYFp"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b30807dfb3bb4d-FRA
expires: Tue, 25 Mar 2025 15:37:52 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 298 KB
85 KB 154ms
146ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c015d47e84b48e88f172577792e82dd2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_fr/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

012da2351814a78947f80298f93ebc5bd58a9dc5924cdbddf017dec963148cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
Origin: https://fr.mashallow.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Mar 2024 23:06:31 GMT
content-md5: NYv6JxjYlYnpk+8kqjL0Aw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87208
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4625, tp=11, tpl=0, uplat=139, ullat=0
x-fb-debug: kKTfJHvprge3vI1bTjFwTtPf9SL2zd+0qbGEf7NL3IZbMdF20H+FbgbgpcWtxWTLUJaw5PB6u7cdIzk1otQT8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7ecd635cee75d8dba5d0bcaa90eb7d17
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "f889d5533617cb46dae3270be59fc656"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Mar 2025 23:06:31 GMT

GET
H3 200 translation.json Show response
fr.mashallow.com/locales/fr/ 16 KB
7 KB 46ms
45ms XHR
application/json 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/locales/fr/translation.json
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/js/lib/libs.js?ts=402
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2edfb404900224d0dd73e215a9232a81e0fd9d810bb661855733c805e0a35bda

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://fr.mashallow.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"3fed-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D"}]}
content-type: application/json
cache-control: public, max-age=0
cf-ray: 86b30808381fbb4d-FRA

GET
H3 200 translation.json Show response
fr.mashallow.com/locales/en/ 14 KB
6 KB 129ms
128ms XHR
application/json 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/locales/en/translation.json
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/js/lib/libs.js?ts=402
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7c6a8be8f074bef9ff90f417f0b04b3d2021756d109adc712cbe3c5cf6e84487

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://fr.mashallow.com/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"38a3-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D"}]}
content-type: application/json
cache-control: public, max-age=0
cf-ray: 86b308083820bb4d-FRA

GET
H3 200 photo.jpg
s3.mashallow.com/prod/quizzer/341691/ 16 KB
17 KB 17ms
17ms Image
application/octet-stream 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/prod/quizzer/341691/photo.jpg?ts=1711555626128
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 978b0c452b7236e4b545452a46737b0ace24be6641a2bb6296e117c3f65538d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N2A3QM084JQA5JV7
age: 0
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 16515
x-amz-id-2: IZGl+6a8AB9Pb31blUmYCOKhk1ARZ0BLZsEHZIEI+eGzkKEdbQGZa4TAdRzbcQnENddDIX6Au7Y=
last-modified: Wed, 27 Mar 2024 16:07:07 GMT
server: cloudflare
etag: "b913fcdf46005050406bf21b9f7a041c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDF9QzIGtSu2Rx5aA5rGJ4%2F%2BTZ3z%2FoV3sfWmUDhVjvOoF3osEgM7%2Fauw6S9sJSv6Fo6n1BeFRz6YuxTY6BrjdytXQCuAEJPBau6Ppo%2Fc%2BrlZO94BUx8YmfGl%2FjsqKNVHJpL2NN61vgVvuoXwUXxv"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b30808d89abb4d-FRA
expires: Thu, 27 Mar 2025 15:45:49 GMT

GET
H3 200 photo.jpg
s3.mashallow.com/prod/quizzer/341581/ 37 KB
38 KB 19ms
19ms Image
application/octet-stream 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/prod/quizzer/341581/photo.jpg?ts=1711382736745
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e17ecbb01f03430e63c852f965baa44437b610f67053801a2bdd200d1a978c76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N2ABEP3C3W0VDJ8R
age: 0
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 38125
x-amz-id-2: F6Ney2QLUk5yCTZEBfYTuGE5B7m0Fp7worSvN4CAW/XkZpPH0jmDdWcwn3UXSjZrLUyDg3TGkZU=
last-modified: Mon, 25 Mar 2024 16:05:37 GMT
server: cloudflare
etag: "c951c9a30addce4e9602c8c0bca92bef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=boAtHBSZIC8dAXHoL2b8DPdIvIctkDmNz0A8m9GTnLeEFLhB%2BkcMKC5MuenHu7paRk5QH997IYNivGXlXZMUu8pWib3ymalL3YXmp7T0I9JLO6heXzplkDbujJDKK%2B5mHwQ89cifnuSOEhb%2BCz3H"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b30808f8b3bb4d-FRA
expires: Tue, 25 Mar 2025 15:37:52 GMT

GET
H3 200 photo.jpg
s3.mashallow.com/prod/quizzer/341621/ 17 KB
17 KB 23ms
23ms Image
application/octet-stream 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/prod/quizzer/341621/photo.jpg?ts=1711402785132
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22315866e5482db595b6ae14b08b933d18deb27cc2fe77ce35e9068996e0ff6c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N2A6YZM4YWXZBY96
age: 0
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 17167
x-amz-id-2: xCAqTX6IGenge3XG1Sa4DZiGkJUYJ1gEDAv8h22PNikHjs9ddc/zltA9Dq9/E4mCsZpNb1qu01k=
last-modified: Mon, 25 Mar 2024 21:39:46 GMT
server: cloudflare
etag: "ca6701705c47a9a8ba2981ac6525b29c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9vU6uOs8OI4RvYUG5KSz%2FZ5taDBAJDfrTJ1aLqAdDsA9wvyiY3qVe1BlYAOzNegTVbUlSm5LXOLlW%2FPwxXEVZolKKh6hgYNvF4f7fq7un8VGHMDc3ztPzHQ7rvXePwsBOGIYPzCoL7KDk8jgDnuI"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b3080908b5bb4d-FRA
expires: Tue, 25 Mar 2025 20:27:00 GMT

GET
H3 200 photo.jpg
s3.mashallow.com/prod/quizzer/341631/ 24 KB
25 KB 12ms
12ms Image
application/octet-stream 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.mashallow.com/prod/quizzer/341631/photo.jpg?ts=1711437656141
Requested by: Host: fr.mashallow.com
URL: https://fr.mashallow.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84430e0a79abec0ba72999f0b19612a48735eb62028f7e67bfb79178cf5e9fbf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: N2A04FNJRCCRDJE7
age: 0
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 24896
x-amz-id-2: uUxQHEoNoHqMNB+YJ/VuN4TgyJ5bIg1+uxOCpFdPBuLane6r84USM8gLH0kDVy6Y9l2U7gjEpZo=
last-modified: Tue, 26 Mar 2024 07:20:57 GMT
server: cloudflare
etag: "c75bc8326d4cda6463eba65d50c5d1ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15zkKrOltlnjtPOJD6igk32h05igJ4ZQwBvSc%2FEbyo9LZXthmfujqvgxRmhj8fHt4UdIKFxz%2FioHAt%2FxVPTn7bNK%2B8y8wPy1l%2BKxo3fxdHPJinvL86d3dc0XRttU4pcjAoW1HNaVytn6F%2BqqQlSb"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 86b3080908b6bb4d-FRA
expires: Tue, 25 Mar 2025 20:27:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 41ms
24ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240321&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82d01adc5e1a8d99fa985da12b926e885e2e75d4594d83dfaedfe3f3289d1335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12048
x-xss-protection: 0

GET
H2 200 like.php
www.facebook.com/v2.1/plugins/ Frame D8E1 0
0 114ms
101ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.1/plugins/like.php?action=like&app_id=687710821296373&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfef33ee5568a5510d%26domain%3Dfr.mashallow.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffr.mashallow.com%252Ff1d718e89ee67b0c7%26relation%3Dparent.parent&color_scheme=dark&container_width=283&href=https%3A%2F%2Fwww.facebook.com%2FmashallowBattle&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=c015d47e84b48e88f172577792e82dd2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: .facebook.com data: https://.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.mashallow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data: https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Wed, 27 Mar 2024 23:06:31 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1326, tbw=2773, tp=-1, tpl=-1, uplat=94, ullat=0
x-fb-debug: ysjyQvFkmAcqDtbkiV+i1fFocSRZqUXTEtzl324pW15ZT1DjFE7iCeryk6tR8g26NZL+KhXOOyn1UyanYUlkmA==
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 102ms
83ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Mar 2024 23:06:31 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E6F6 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fr.mashallow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 17414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Mar 2024 18:16:17 GMT
expires: Thu, 27 Mar 2025 18:16:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 icon.jpeg
fr.mashallow.com/img/ 3 KB
4 KB 48ms
48ms Other
image/jpeg 2606:4700:3036::6815:3d3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fr.mashallow.com/img/icon.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:3d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 76748b163436e4ab82ad6936138c9ea7fc83acc09f1cf5a122ded49dc94d28cb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fr.mashallow.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 23:06:31 GMT
via: 1.1 vegur
cf-cache-status: EXPIRED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 3224
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D
last-modified: Sun, 04 Jun 2023 15:07:12 GMT
server: cloudflare
etag: W/"c98-18886f2b100"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711580791&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=VZRndlXHDL4IJNI%2Ba7h9VbFS5EC0Pi%2BGoY8lgMxVXjI%3D"}]}
content-type: image/jpeg
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 86b3080c6b3bbb4d-FRA

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240321&jk=2842292873904895&bg=!-Pul-7TNAAay2Dj3ktg7ADQBe5WfOHDVuIK4-KuGLvIQ2avIwS031YJb0qKQ4WfexzEkw4buA9RhV9nX3yx3s1M5I-ogAgAAADpSAAAAAmgBB34ANTS-YQyMgA-pQScCy0yPCQYRlG-QMSW2dmJlhxPNTal5w3Bxz6zuiHi8lwDgsO1A7do4nR8ymQLdqjtr1NxWT6G2Q_eoJEV6jICAeVvEob_4RqDX1u5q4MLcobkraxTDxPrTwM81LVsJjuAfUeVagH0voRczHh7usCFRAQebrNPPBuf3zSSWarxeS9jpWoOEMrh7-KQZtNHtbK8CnfsMNj2Mo1nh18pwUyvCtyiCPBN-Kwim8qNNzoygXFQ5TrjnNKlXXGxgMPqcTeiaul0QPlbx8eq3a_Z6aAJgbxdzw5Vqt-H6kbSD_gRu0Jyb78OO7IU543NXZbBq-TtSz8m8lS49QFirAuJ8WKmPvUlzUNIOgAMR4b2BZ6Lmguad_I9VGthqUGrHp76SZLT9GGCb21x4vYLkPE8FCMRq4BzXBJwllLHlvdanE4tfZ8NHNDzpzlUEvMz1r7dtHYkr3JvJGncYCRfy5NqxautBtXFchK2wuHVqKsHITD6SPeRVoig5hlzX2Q7ziK7dRVfw9x568NQW6QV8dCiZ8su-9UJIgTFHQP8IirpBPYJqhoD_QvvRnABUMX7Um8PbWcJdY9j-64ZzLdokRrWNQH8PjZ8ADipnawEaTcGslOayLmXSRdqgnYp8wWYOyXm78Zym1NI1XaCYluqHLQHf6hPHkNXJlP6i_1GoVswbF--1Ml7TAmQqGe6ys6DXiATmL_GbshWgI1wlpb64BKAKNILYl9R7QDEOW3qtjM8OzYbuFZJLzFUc8yZOlEZ23eNsilvE7GsmrcsOZf9BUu7Piove-2wSAO9i9cwO8Gx3E3xGW14dYHe1Z1D8Q_Zw4WjDQY9vBmGKlvzriE48zCne29_kvOiLeblSThB_5xu3WztIxAZ9MC2jOvqpx-bZyzFOrdiUWd4NIxMIPMnc__wakE3MDOMnHsP_4eF90-RiMx0zIOFQvotsaj8Y5JFbw-QJIIRSsmOvS4dyrWrx3isVP3oRLKlon0Gxl0sGaHdNTwRpJ2Vxk3ssXb3-fLluInafJnM4OyLRwg1_cTwsyA

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mashallow.com/	1969-12-31 23:59:59	Name: subdomain Value: fr
.mashallow.com/	1969-12-31 23:59:59	Name: returnTo Value: %2F
.mashallow.com/	1969-12-31 23:59:59	Name: random Value: 0uAUH
.mashallow.com/	1970-01-20 19:27:47	Name: _gid Value: GA1.2.1673768393.1711580791
.mashallow.com/	1970-01-20 19:26:20	Name: _gat Value: 1
.mashallow.com/	1970-01-21 05:02:20	Name: _ga Value: GA1.1.360064136.1711580791
.mashallow.com/	1970-01-20 23:45:32	Name: __eoi Value: ID=0aec6154eba12cb1:T=1711580790:RT=1711580790:S=AA-AfjZfjBLWOAx1CsAV392uN0EQ
.mashallow.com/	1970-01-21 05:02:20	Name: _ga_0656ZBYHS1 Value: GS1.1.1711580790.1.0.1711580791.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fr.mashallow.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
region1.google-analytics.com
s3.mashallow.com
ssl.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
pagead2.googlesyndication.com
2001:4860:4802:34::36
2606:4700:3036::6815:3d3
2606:4700::6812:acf
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2008
2a00:1450:4001:812::2008
2a00:1450:4001:827::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
012da2351814a78947f80298f93ebc5bd58a9dc5924cdbddf017dec963148cb6
092a18d1591d9bc5b049ca3991ad781ab501db37ae60cd5b94580ed7cea56f6e
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22315866e5482db595b6ae14b08b933d18deb27cc2fe77ce35e9068996e0ff6c
22a22e76f4de930e54dd33af00c71b68828847409e5e79787df5224dd9776c6f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26ab2fd4afb5c57248a2007a588878f05464d27dfa0d46a35cadcd00b2bb8972
2edfb404900224d0dd73e215a9232a81e0fd9d810bb661855733c805e0a35bda
35b8fce8d4a31af8fae3064e01af9b1a7bdb735043c7a73e3da9cc81b59c7df9
37f0f749d2946df1ec6727a0a861d07efd04fb41f71ebcda9a099355e896ec29
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76748b163436e4ab82ad6936138c9ea7fc83acc09f1cf5a122ded49dc94d28cb
7c6a8be8f074bef9ff90f417f0b04b3d2021756d109adc712cbe3c5cf6e84487
82d01adc5e1a8d99fa985da12b926e885e2e75d4594d83dfaedfe3f3289d1335
84430e0a79abec0ba72999f0b19612a48735eb62028f7e67bfb79178cf5e9fbf
8832e705fba5ded0614d5596b2b1e97d29507aaeb6d7d545e9a37638bf977030
978b0c452b7236e4b545452a46737b0ace24be6641a2bb6296e117c3f65538d9
aebe3dfbf032e3078ff6795164f39c6a2db2094d5b5deaaf1a14ead35c885b21
b06e2963b70642b574339af7aa47abe185cb6e1735eeb5772cb0abc6bf653421
c6950b4ca8158e54cd9a7306af06e4f857ad6e5c66d57f0dd32131412a1c7d93
c87ee0f48463f5d0139eefc29de91a0288b02768810e051f64f3fc62bae71de0
d233cccfa107acdadb5b1ec5319f3a460ae7ce64fdc00bcca293aea2daabc836
d5f9fa68a6ef45775f6a8b9fe1fc375b122d310819f3237b7e099f7f617ec07c
dd110603adfa754f9d0a9154b11ef9c2a997af210703ec4a1e330206f0930207
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e17ecbb01f03430e63c852f965baa44437b610f67053801a2bdd200d1a978c76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f02df675d140037be323376ff5df5b905ef45fe254393c40b62ac3f6444b82b9
f16a7388e807e3f5b7fc3fa8b268cd1f694e966637ab8a266a62597e7f07bc50
f2dd23cd12215d5929f3eec9b09f25d966317025f777b9135612eeba12c4c673

fr.mashallow.com Open in urlscan Pro 2606:4700:3036::6815:3d3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

100 %IPv6

9 Domains

13 Subdomains

13 IPs

3 Countries

1908 kBTransfer

3222 kBSize

8 Cookies

5 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fr.mashallow.com Open in urlscan Pro
2606:4700:3036::6815:3d3 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

100 %
IPv6

9
Domains

13
Subdomains

13
IPs

3
Countries

1908 kB
Transfer

3222 kB
Size

8
Cookies

43 HTTP transactions
0 data transactions