urlscan.io logo urlscan.io
SecurityTrails logo

fr.theshookers.com Open in urlscan Pro
2606:4700:3036::6815:2d5e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fr.theshookers.com/
Effective URL: https://fr.theshookers.com/
Submission: On October 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 18 domains to perform 127 HTTP transactions. The main IP is 2606:4700:3036::6815:2d5e, located in United States and belongs to CLOUDFLARENET, US. The main domain is fr.theshookers.com.
TLS certificate: Issued by GTS CA 1P5 on September 16th 2023. Valid for: 3 months.
This is the only time fr.theshookers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
23 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:50c0:800... 54113 (FASTLY)
1 151.139.128.10 20446 (STACKPATH...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 5.161.35.131 213230 (HETZNER-C...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
18 2a02:2638:3::10 44788 (ASN-CRITE...)
127 28
1    2606:4700:3037::ac43:d4da (United States)

ASN13335 (CLOUDFLARENET, US)
fr.theshookers.com
23    2606:4700:3036::6815:2d5e (United States)

ASN13335 (CLOUDFLARENET, US)
fr.theshookers.com
img.theshookers.com
4    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
7    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700:20::681a:6d3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.holaquiz.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)
superal.github.io
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
p2e9r4n9.stackpathcdn.com
3    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
4    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
1    5.161.35.131 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.131.35.161.5.clients.your-server.de
pfx.api.botman.ninja
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
3    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
12    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
18    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
Apex Domain
Subdomains		 Transfer
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
430 KB
27 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986
274 KB
24 theshookers.com
fr.theshookers.com
img.theshookers.com
992 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
238 KB
8 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
500 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6862
641 B
3 gstatic.com
www.gstatic.com
16 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925
49 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
119 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
605 B
1 botman.ninja
pfx.api.botman.ninja
479 B
1 stackpathcdn.com
p2e9r4n9.stackpathcdn.com — Cisco Umbrella Rank: 331559
7 KB
1 github.io
superal.github.io — Cisco Umbrella Rank: 699024
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
11 KB
1 holaquiz.com
img.holaquiz.com
30 KB
127 18
Domain Requested by
18 imageproxy.eu.criteo.net c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
17 fr.theshookers.com 1 redirects fr.theshookers.com
14 pagead2.googlesyndication.com fr.theshookers.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
12 tpc.googlesyndication.com c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
7 static.criteo.net ads.eu.criteo.com
7 img.theshookers.com fr.theshookers.com
7 www.googletagmanager.com fr.theshookers.com
www.googletagmanager.com
5 region1.analytics.google.com www.googletagmanager.com
4 www.google.de fr.theshookers.com
4 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
4 securepubads.g.doubleclick.net fr.theshookers.com
securepubads.g.doubleclick.net
c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
3 www.google.com fr.theshookers.com
tpc.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 csm.eu.criteo.net ads.eu.criteo.com
2 www.googletagservices.com c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rtb.nl3.eu.criteo.com c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pfx.api.botman.ninja p2e9r4n9.stackpathcdn.com
1 p2e9r4n9.stackpathcdn.com fr.theshookers.com
1 superal.github.io fr.theshookers.com
1 cdnjs.cloudflare.com fr.theshookers.com
1 img.holaquiz.com fr.theshookers.com
127 28

This site contains links to these domains. Also see Links.

Domain
fr.friendshipquiz2022.com
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
theshookers.com
GTS CA 1P5		 2023-09-16 -
2023-12-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
holaquiz.com
E1		 2023-10-29 -
2024-01-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.github.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-21 -
2024-03-20		 a year crt.sh
*.stackpathcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-04 -
2024-05-30		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
pfx.api.botman.ninja
R3		 2023-08-04 -
2023-11-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://fr.theshookers.com/
Frame ID: C5D744A73972211EE607FD5072BC3040
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Frame ID: 0AEA3C82A45064505EA0B13BC9A19D21
Requests: 1 HTTP requests in this frame

Frame: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CDDC0A87867558F45FB407D8F0111E45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7003191985075097&output=html&adk=1812271804&adf=3025194257&lmt=1698703376&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffr.theshookers.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698706976375&bpp=2&bdt=1285&idt=243&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=683362657390&frm=20&pv=2&ga_vid=847481902.1698706976&ga_sid=1698706977&ga_hid=1434031953&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079078%2C31079081%2C31079083%2C31079087%2C44798934%2C44805932%2C44807047%2C31078297%2C31079177%2C44803791&oid=2&pvsid=4246551145145861&tmod=2026529767&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=256
Frame ID: C6159B99FEF373DB4FB90DB393FEE410
Requests: 2 HTTP requests in this frame

Frame: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4A2CFE38B86E26A5EE4277CF747F6F5C
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Frame ID: 508D8E7E67BC396EA312E38B4FEAC40D
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7728DB49DD63FC50F4CA493542541C9D
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 1F1E6AC3CCA7D02DD94E3EF91A9AF019
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js
Frame ID: 70FFBCD2EE214C04FFD2C502DD29AF85
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CA2C880C944FE6851229081AE03D3A2D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93C5EEFD1A78951AAD65B7D34C597C56
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Défi de l'amitié à relever ! Tes amis sont-ils suffisamment brillants pour gagner à ton quiz ? Découvre-le

Page URL History Show full URLs

  1. http://fr.theshookers.com/ HTTP 301
    https://fr.theshookers.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

127
Requests

100 %
HTTPS

89 %
IPv6

18
Domains

28
Subdomains

28
IPs

4
Countries

2695 kB
Transfer

5828 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fr.theshookers.com/ HTTP 301
    https://fr.theshookers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

127 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fr.theshookers.com/
Redirect Chain
  • http://fr.theshookers.com/
  • https://fr.theshookers.com/
25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc65ce1833cc6c77f5bc2581dd2808d566de926e13c5fc21702df50e1c29474
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81e749df7c3765b4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 30 Oct 2023 23:02:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnXhK88kGm%2FYIFGHG2dU9HGv55cI9a0JOjbx7EG6xNkbHzsF6ECJ%2BNnFB3U2D3xMEusxtr0gZLOcKPNwTvEnMqGpjLB1868PRVcRch9X0CIZoDvhofrZnaix0wWUhbYTTFT%2BjxFq9pyFNHwM11cnpqs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-host
as-hi-63-web
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Redirect headers

CF-RAY
81e749df3c8d3718-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 30 Oct 2023 23:02:54 GMT
Expires
Tue, 31 Oct 2023 00:02:54 GMT
Location
https://fr.theshookers.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4pe02GrotacJoIxxUXxzTHgCMZoRn2zoeIcKOKgWj8JLFzoYpQb%2BqYULJyOLjDZEe%2Bgtb5khzpZjndh23Fkm6e0LNmPoYlRcsHDkMwBSb6MbTCJMg6JRbZmHiLdnY4dYWYopWsh6w16SMlhuC8RvW8%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
font-awesome.css
fr.theshookers.com/public/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/css/font-awesome.css?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c936bca314b30e3c48bbad667c920cac28e3e43b72f5f372c706e885a0aa2743
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-176-web
date
Mon, 30 Oct 2023 23:02:55 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 26 Oct 2023 07:35:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"70165-7823-608999c9fc9c0"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyZUnqDA%2FYr9R%2BXVVK7bnqX04SsSZm7DbBL1%2Fw1Q0%2Fpe%2FRhM%2BU0ehLJor01ta1UpjyrtMLnQlBLWwfA2r2vcNNvDWkUlfR4tf4e9YCtsNottOHzNa6mDUlRZirmfYxf3kJOAWIaX50L4mrjnUNixg5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cf-ray
81e749e25ed965b4-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.css
fr.theshookers.com/public/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/css/bootstrap.css?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1127616e70adcf895ad38ff2eeac1fa12419b6522f4c58df704d3dae8305d49
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-100-web
date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 26 Oct 2023 07:35:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"70751-1d86f-608999c9fc9c0"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJs3Lss%2BTmrHT8Zy6tigg4Hsa%2F%2BAx4lmMLCTDZ%2BXnQExi6PKSBuPYhGfIj6HH1cybbrFeuUJdL9CUaxVXIsaKiCOzvO9%2FkmW6O1NzCiN1f37Sj9i%2BYwgfKeeZepXIjcobckVNTMqQ74CGXFryyWnHCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cf-ray
81e749e25edd65b4-FRA
alt-svc
h3=":443"; ma=86400
common-spinner.css
fr.theshookers.com/public/css/ 		2 KB
754 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/css/common-spinner.css?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6dfeb59f7464899e64068a09afaa80fdae61e9767a041f9bc60aae5362c599
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-115-web
date
Mon, 30 Oct 2023 23:02:55 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 09 May 2022 05:59:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"70df1-6ff-5de8de9c04440"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VAH4bqrwN1y55JRsQKV9IFqnIoeE8BUs1NK6KwhotXT8VSMt%2Bszmxpk5ziR6Uk%2Bk0jlUi6%2Fvy1pnqMw2HFq%2BkQnzj6XFQdodTN2OOapmcs1s24qMONt29MsrytiFg1Medj%2FSuLKwM%2BPerEeYMGiXcc4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cf-ray
81e749e25ede65b4-FRA
alt-svc
h3=":443"; ma=86400
style.css
fr.theshookers.com/public/css/hellomate/ 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/css/hellomate/style.css?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
855fa6d88cb3eeb5086b2b76f9838e2df9cd0e80680586a7a8c59090da4954dd
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-32-web
date
Mon, 30 Oct 2023 23:02:55 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 23 Jun 2023 10:38:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"73bd4-b31e-5fec99a876780"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ti%2BA2XGOVC6DpzvB73PcQT5CzdAPhc2rhkbXpJIEiCyGY8rDJogocQR9gLNd2lQm1Qu7zbUsL2BUOPVEBcixHfE%2FRgSoRNtvgCbHjbeka1K4Cgr9p8mxnvSUNeKPer0wMBsr%2FGeKLtT8BNsQmxOBV24%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cf-ray
81e749e25edf65b4-FRA
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d67d1f7f4b747425486e728a75813fc736c65a9390d70f4170ff7f16875998b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29844
x-xss-protection
0
server
cafe
etag
528 / 19660 / m202310230101 / config-hash: 9617840091010596719
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 23:02:56 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-147732382-7
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d520933760d014890c6e71d5a7d0539cea020f6036a54d2408489d2177b0cbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68647
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 21:31:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Oct 2023 23:02:56 GMT
js
www.googletagmanager.com/gtag/ 		173 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126527512-6
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df66204eb54c7073b70407473b387912d1222b06960641d26d860f93ecb240f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64593
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 21:31:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Oct 2023 23:02:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7003191985075097
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e948e04966cface2fe86969c9c5bb12fb5a27e4314727e30464267e37786c5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.theshookers.com/
Origin
https://fr.theshookers.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51469
x-xss-protection
0
server
cafe
etag
8898855985836250791
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 23:02:56 GMT
globe.png
fr.theshookers.com/public/images/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fr.theshookers.com/public/images/globe.png
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83b6c3c74f5af6f322e21ba41f54efe00a2dca2854bc67ad1b41d49795003a3d
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-243-web
date
Mon, 30 Oct 2023 23:02:56 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 18 Jan 2022 11:01:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"706f2-13e28-5d5d9325b0a40"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEFun2%2B4jjRIwOWEBRwP%2BlV%2B%2BCmrVy1n6XsoI8oU578nR43NLLpH8lxnMVXUM4CeuMiFaqz4oqniuVGhtWpORKWsyAa%2FxSTFbvIqApwwFep7o3pjYZbVvZL6ljhkAQ%2BesUeVk8MfyExax6laJ9TyXzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
81e749e96f1b2c7e-FRA
alt-svc
h3=":443"; ma=86400
content-length
81448
logoshookers.png
img.theshookers.com/public/site_content/quiz/ck_editor/images/meta/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theshookers.com/public/site_content/quiz/ck_editor/images/meta/logoshookers.png
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89e8d5fe12750f6c1db492d2e3a68c16c088070f49a8c5e609af0bf59f001e46
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Mon, 30 Oct 2023 23:02:56 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1705
last-modified
Tue, 28 Apr 2020 14:15:38 GMT
server
cloudflare
etag
"d11c8-6a9-5a45a773c3680"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suWz0qNti8gOXOF28ERqdgiyBa4QvcxU%2F5ghSoBZ4dLZox%2Ftjp%2B%2Bjd7rz5UjD4fURLWmdIQiPSSGxrj0cgLtTH9uncJRuVYvX%2BBFpoDxubW345ZjHHroa9l8kNNSvABcTbNPpb7p5kLLQ2FLST1q7Cuk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81e749e96f1f2c7e-FRA
HolaQuizEn-Local-Category5d7a1ed62097a.jpg
img.theshookers.com/public/site_content/quiz/category/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theshookers.com/public/site_content/quiz/category/HolaQuizEn-Local-Category5d7a1ed62097a.jpg
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c24eb7ef079fdc86b477b1603d2f05885fa3033dba7198d1da3736824e83d4
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Mon, 30 Oct 2023 23:02:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
56874
last-modified
Tue, 28 Apr 2020 14:15:33 GMT
server
cloudflare
etag
"ce226-de2a-5a45a76efeb40"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwtp8jQjMLl%2B1%2F2qEtQ%2BDcFbF%2BGZyjvb%2FyNPoGthG2UiJ8a63BwLwmW1kLNF%2FrZs1QOmdGkMsP923b29VvdL5ERUoSyK9SxvxUZGLiOqxuELX1q%2FjgGCGiyZzYSKqpUF4MN94QnNGmdtZVXaPFpNsH%2FA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81e749e27efa65b4-FRA
Hellomate-Category601bd11f558fc.jpg
img.theshookers.com/public/site_content/quiz/category/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theshookers.com/public/site_content/quiz/category/Hellomate-Category601bd11f558fc.jpg
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022a743495e02b0cb9c208f38abe95551b56c20a3feca8b13ac4aa334da2baa9
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Mon, 30 Oct 2023 23:02:55 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
37703
last-modified
Thu, 04 Feb 2021 10:49:03 GMT
server
cloudflare
etag
"cffb5-9347-5ba8073af45c0"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ij3420h6vloJVgvQWCNuilbJiT6cJ%2FU%2BPOp6Ntsjem%2FwwoWnDhtS2v%2BF%2Fd13Dq4wSqZQJDMuwo1WyKUkeZBKSaH7emFP%2FqAYLnhJtvDEs0VNJGik0zw4S70XVBsAQg8Cfbg3kHvKoEMsuXwpa%2FmvgVj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81e749e27ef965b4-FRA
Hellomate-Category5e959ce30e0bb.jpg
img.theshookers.com/public/site_content/quiz/category/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theshookers.com/public/site_content/quiz/category/Hellomate-Category5e959ce30e0bb.jpg
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8aae2e2f1175a805f19d819249b3cd343cb601e263a8d70d373219041e116c6
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Mon, 30 Oct 2023 23:02:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
112227
last-modified
Tue, 28 Apr 2020 14:15:32 GMT
server
cloudflare
etag
"ce0f5-1b663-5a45a76e0a900"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GULH3wV3uKcMenDQFbv79iS4DdaPWSZAMIjUiw1Eq8XP5SLa3Nq032wNWFOj29%2BaiBKXXw3mRW0CGHpaD4aTc5Wc3xAf0GgQxbgCmwE87imUDA0aeSWUMEDczzM1nV6WPGu0gicDFI6qfSRZ%2BrtksyDQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81e749e6ecc42c7e-FRA
Theshookers-Category5eccf744131f0.jpg
img.theshookers.com/public/site_content/quiz/category/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theshookers.com/public/site_content/quiz/category/Theshookers-Category5eccf744131f0.jpg
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aa53c315728f91fbddb3c69c19cf54725f38c93b70d11ac6a6c862ea8a5aae
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Mon, 30 Oct 2023 23:02:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
112262
last-modified
Tue, 26 May 2020 11:02:28 GMT
server
cloudflare
etag
"cfc9e-1b686-5a68b07f95900"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9q%2FMmOZkfgchdvoA8b5t4WhafV9NE27pogoQu4bQc47lNNxw4p58yrYClFY58jwrlEBUPPHslRnbWy97aebdhf9Hlm96y1Y3a301Zpvq%2BDVlQ7m2kTqlxUDcSPhw1ywiUQaip4m9CmCG7fWtSOJBY2Z"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81e749e73cf72c7e-FRA
Theshookers-Category5f362a7aabb56.jpg
img.theshookers.com/public/site_content/quiz/category/ 		216 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theshookers.com/public/site_content/quiz/category/Theshookers-Category5f362a7aabb56.jpg
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707476a6a35e28d895197d41a8da0d2313e4ce7e8716a1069df531e47a532b90
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Mon, 30 Oct 2023 23:02:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
221480
last-modified
Fri, 14 Aug 2020 06:08:58 GMT
server
cloudflare
etag
"cfed8-36128-5acd041a41280"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ye9i4rJ9AZE1BYS0cNcmd81HYO6XZMPSoT1XE2vLjNGayZsKE%2F33EgN9RhoiQ0VxnLtIhXWEoBtu%2FYuPgEz4B%2B6ZUukQV6BzGmGNFNeqZVirdJlkR2QXUCamNsndlsU9YX61WoaN4yMERZsfOCv2NU6v"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81e749e96f082c7e-FRA
Hellomate-Category5e4a607910842.jpg
img.theshookers.com/public/site_content/quiz/category/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.theshookers.com/public/site_content/quiz/category/Hellomate-Category5e4a607910842.jpg
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e6debbca0f5a6d9e09df427cb1240db92aae6e4ad2040ef1f605b2fc3d7f0e
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Mon, 30 Oct 2023 23:02:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
49100
last-modified
Tue, 28 Apr 2020 14:15:32 GMT
server
cloudflare
etag
"ce0df-bfcc-5a45a76e0a900"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWlby52l4nTKxRLW5%2BEY2wVP5C1m8MZjouA4Eh3%2Bb%2BudqOAVXa6yOTb8VDoX2sUQyQZyIBePKuM8WIXtgD21G4x6uLQwGj3jGDW0ypolddpbaxx5AnZBwSDvGkYhFPwZodJaMJJ8lppc7oVdZpsooyIw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81e749e96f212c7e-FRA
French.jpeg
img.holaquiz.com/public/site_content/quiz/ck_editor/images/ADS_CUSTOM/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.holaquiz.com/public/site_content/quiz/ck_editor/images/ADS_CUSTOM/French.jpeg
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0ad7be9881919c665933ba0254fc3e98bfaa07c42dfaf829f326ddeadb7815
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-205-web
date
Mon, 30 Oct 2023 23:02:56 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
29864
cf-bgj
h2pri
last-modified
Mon, 05 Jun 2023 10:07:45 GMT
server
cloudflare
etag
"314156-74a8-5fd5f12f01e40"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4vArn92sEm0oGmMulXXVS1sgRaKdUW1ZsHwm18ivEvFM%2BVGgLFQVM%2B4FtU245Ui1AoGjOd5OQFLC4pfjdRfp2O7d%2F6W94ZpHSGsZauADiulw1Sw3Jild4cMDoxwVhLhwEeQMXjPP9U%2Fmaw1D2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
81e749e9ac0f9c0d-FRA
fb.png
fr.theshookers.com/public/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fr.theshookers.com/public/images/fb.png
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de606d7f17fdea6f8d1196af6f511160a1836614524e9c857edc8f5fb12e4641
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-57-web
date
Mon, 30 Oct 2023 23:02:56 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 18 Jan 2022 11:01:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"706ef-3b8c-5d5d9325b0a40"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxGoy2iK%2F5lsYWWyp4nQDxb1rLzK6%2BzDha%2BxArJ5civ63M%2BBqupK1zttiyy2LeJ3iRkIAFE5cTcJBwHhS%2B7zH%2BrW6ebGYlLHA2GMK3bv%2FwSFg3ajYyNlq%2BzSTI7z9jQ5mPFhv28zcO6%2BXKqMS57zk6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
81e749e96f222c7e-FRA
alt-svc
h3=":443"; ma=86400
content-length
15244
in.png
fr.theshookers.com/public/images/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fr.theshookers.com/public/images/in.png
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c343a4f63cb76b7d46897a63e8cb682cfa94aa1944d0784f01eebf8762c9731
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-100-web
date
Mon, 30 Oct 2023 23:02:56 GMT
cf-cache-status
MISS
last-modified
Tue, 18 Jan 2022 11:01:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"706f8-24462-5d5d9325b0a40"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCLT6YOMwBgnGb5L5O6X3Ge6%2FXPMCrSK7MVJk6%2Fjzwe5ZgmhlPZXACMDLsyIK%2BjSI5xUqYjDGafV6GyhJmFn2f95Q7piw26J0Nwn95EcxegqFOtDPjkDSRRI7rHlKbrSMtckna%2BjRlYv%2BapcVTZZ%2BqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
81e749e96f232c7e-FRA
alt-svc
h3=":443"; ma=86400
content-length
148578
jquery.min.js
fr.theshookers.com/public/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/js/jquery.min.js?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-100-web
date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Nov 2019 07:46:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7072c-176f8-5973591384c40"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FASS2IbH8sYpImY1Pdz3WtI3aFuTHiKjpQxHOBEjgK7yMerIuhvoFfu1xyL0D%2FrBqRdYrz1etPBJTZrpjwO7JCZgOm2YFtjh7oe6MPozkV6SqFjQ9bfvBnJYUoavcD%2BsRnKIqp13weubw7gc5wN8Rw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
vary
Accept-Encoding
cf-ray
81e749e96f0c2c7e-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.js
fr.theshookers.com/public/js/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/js/bootstrap.js?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57f6d3807b91f5746bee342a67bb053029f637f59ed6afee9f224ab8ef394757
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-241-web
date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 26 Oct 2023 07:35:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7070d-888e-608999c9fc9c0"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oLnrC%2BGCfgJp8a%2FWsWmxZrescUzQqEDsewIQpXn3wbzStWiArk9jSCvKwGEErdpGlIVjvLoiZvMI9WM0Tjzp6OH6zZsvouPU33EyTivqvll4cb02xcs6ue3nxqlFf4LnGVVr4zwogg%2FQwnlDW%2BOiIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
vary
Accept-Encoding
cf-ray
81e749e96f0f2c7e-FRA
alt-svc
h3=":443"; ma=86400
angular.js
fr.theshookers.com/public/js/ 		114 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/js/angular.js?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72c5cdb8ee97ed1e23f49f9cc0884c795f9c70e85a566453d9701f12cebfe9f
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-57-web
date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Nov 2019 07:46:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"70723-1c61c-5973591384c40"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYuyeITW6MhJL33ngSpguxXMEIEd1x78korsHrgR5p%2F2Im7lpbziprIQRoy1rnlVb9amuRWXd9laNy96iaDTJ5n3TN61s%2BbOfuMGzEIJ9KMT7CyMjlXNSDYzLoHwpQ5EeOauQqS6uyBBYrZ%2BH3bmrfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
vary
Accept-Encoding
cf-ray
81e749e96f102c7e-FRA
alt-svc
h3=":443"; ma=86400
angular-sanitize.js
fr.theshookers.com/public/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/js/angular-sanitize.js?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db668b70fd0021a224a50338fc80f62881fc5e678e84987ff62785d86ab3f320
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-57-web
date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 18 Jan 2022 11:01:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7071e-5536-5d5d9326a4c80"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxTsTyo8eEYMw8S2ZOga1EJOln20v3eFAzV0H6c2pKGJGvQa22T3aw1ZIflRZlPvts944k8G1RQtPtJBO76hRFIF8lpKh9OhZ3Fw%2FNDgf4a3P6xXuLJx8hd3%2FU2v8rrhuLO3P2KwfQ1yKZDgS3f%2BQXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
vary
Accept-Encoding
cf-ray
81e749e96f112c7e-FRA
alt-svc
h3=":443"; ma=86400
site_api.js
fr.theshookers.com/public/js/ 		269 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/js/site_api.js?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a7e4bf63bc70f8c050d0d52aea5b15dddaaf64fd51036cd996130cbb5f58b14
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-149-web
date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 05 Jun 2023 05:48:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7072b-10d-5fd5b74fad480"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6W4ANzYh8CLUEwkMUa6LBkHuiJNK4Jfxpg5TNhz8L%2BrkJ0obEup1vJMJkWOpmqK6J8gXAFXqe7LtsmpiEm2pnHygzvkMsLPzNVXBYVN0mxjFyBk7oA2IZmoCNkqC4FLdRZm4Mppn%2FztGj6SgehxkgNw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
vary
Accept-Encoding
cf-ray
81e749e96f122c7e-FRA
alt-svc
h3=":443"; ma=86400
s_a_cont.js
fr.theshookers.com/public/js/ 		97 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/js/s_a_cont.js?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5f2eab887fc0fd70b970b68a012bd5e52cbc791788e15fece50024dd40868de
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-149-web
date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 26 Oct 2023 07:35:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7012a-1839f-608999c9fc9c0"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2P%2F9RaN5xGFXu9jJVR9ldZXmTBz5TLw%2BnE8QZ0KU5HbCFDcFkuFN%2FmoNHLp86wWl82GP5sKdRliGtTJo9TBLtVgFtjI93ofdGaGCxic4jJbUtnRXaFmLKmSQJcTRRRp59aglOeuZ3F7gmixx7JUxzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
vary
Accept-Encoding
cf-ray
81e749e96f142c7e-FRA
alt-svc
h3=":443"; ma=86400
s_a_ser.js
fr.theshookers.com/public/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/js/s_a_ser.js?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e04a40af8692b8e76780c014a3f5ad8d55d98fe8a6cd671bbebd32413117888d
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-104-web
date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 26 Apr 2023 07:40:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"70e39-198d-5fa385911bac0"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wj9NtnndoAGQpNUYje2lQB5GR3h2pdqrPuOauZx%2FSmQrbBm2OLkTaUz6tzffGDbmW7WC%2FccVGJzyM%2BUW7GqoWSJ7xPQsCS0f7KGXAuocv82e5qxpwrm8n5%2FcxpDmG1SH19tUZex0livbBYNw%2BvcZZVU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
vary
Accept-Encoding
cf-ray
81e749e96f172c7e-FRA
alt-svc
h3=":443"; ma=86400
site.js
fr.theshookers.com/public/js/ 		49 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fr.theshookers.com/public/js/site.js?v=20231014
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:2d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874a57370535dbaac73cf5c47cce9611d4e8762b9d1821e73532e9c35a07f32f
Security Headers
Name Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

server-host
as-hi-57-web
date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 26 Oct 2023 07:35:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"70386-c205-608999c9fc9c0"
x-frame-options
ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcdfUEIYpqKdkIjNiDfA0OVvpxFo7O4hKjlUt88o0gNeDcfmvNml6np%2F8L3l4jcXma%2FXEHDqeKgL73J0Q7A%2BkCP9Sf5Hh2jNokMNENmk1y57OFSSu3MOEDCL2Xf0LNuwd0K%2BLQpvXnqhHuB54VpBFtE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
vary
Accept-Encoding
cf-ray
81e749e96f192c7e-FRA
alt-svc
h3=":443"; ma=86400
html2canvas.min.js
cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/html2canvas.min.js
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
454380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11066
last-modified
Mon, 04 May 2020 16:11:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9d-9079"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iljTkyRSX8GdsjR%2FXInyA9L2CNuTY924z4UKUvIF%2FMveLXf%2FnqTIaoceypICjFYCk6o%2F7Pk4jeoSqauDEF89ke9D3GoYMTNdWhnAXMxOykyAy7KyRLZUj1U4HVgh9xyo4aBqQm7ZE4iJU5wT4JEmQrQ4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81e749e9b8912c22-FRA
expires
Sat, 19 Oct 2024 23:02:56 GMT
canvas2image.js
superal.github.io/canvas2image/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://superal.github.io/canvas2image/canvas2image.js
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
9a03674bfe83fe09eee7aae6106943918be73a009be21468c2bdb1b4ce958fdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-fastly-request-id
33ca41a28b90f24388cc29a503f93a067c104748
date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
115
x-cache
HIT
x-proxy-cache
MISS
content-length
2514
x-served-by
cache-fra-eddf8230065-FRA
last-modified
Thu, 27 Oct 2016 14:01:12 GMT
server
GitHub.com
x-github-request-id
E450:8D87:316E4C8:3219FFF:6536F5F1
x-timer
S1698706976.270043,VS0,VE1
etag
W/"581208a8-1fcf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Mon, 23 Oct 2023 22:48:41 GMT
gtm.js
www.googletagmanager.com/ 		184 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F8NWTV
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9af9f78c8200d8188207b39f75dabbb6dbaef9492b8669133fc4fc769efb8c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66913
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 21:31:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Oct 2023 23:02:56 GMT
__pmon.min.js
p2e9r4n9.stackpathcdn.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p2e9r4n9.stackpathcdn.com/__pmon.min.js
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fd15dccc78b33bb29115461ac9504869f4af29b5bdc93111b8ecff5d58469206

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Mon, 30 Oct 2023 23:02:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Mar 2022 13:58:37 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4ba3-5d9c97e7e3e1f-gzip"
X-HW
1698706976.cds335.fr8.hn,1698706976.cds324.fr8.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=84600, public
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6398
js
www.googletagmanager.com/gtag/ 		290 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F8NWTV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48eb40f350c841936cec9da7b9ef414c36d99ee9b65fe878cdaf7a9af14d70e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96742
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 30 Oct 2023 23:02:56 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
577f3234cafbad1a32ee6f284ed5d238eb4ba87d820f6651fb547d1ca758863f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51125
x-xss-protection
0
server
cafe
etag
14461573450297501874
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 23:02:56 GMT
js
www.googletagmanager.com/gtag/ 		185 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-147732382-7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F8NWTV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2fc39cf39101abc6cffd779651cd1f5fa0ef844d72de8205056011785782f9f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68635
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 21:31:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Oct 2023 23:02:56 GMT
js
www.googletagmanager.com/gtag/ 		173 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126527512-6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F8NWTV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0eb2411715ffea0b8c45caf4f06f98c6f6e9fa7014acb70136f1bbe97862e5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64689
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 21:31:58 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Oct 2023 23:02:56 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/ 		396 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7003191985075097&plah=fr.theshookers.com&bust=31079177
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7003191985075097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
318f946ef81f55d0e63cabd80494e562f106afbe971089256bf7ecd49677723c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137531
x-xss-protection
0
server
cafe
etag
18100225646908989116
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 23:02:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/ Frame 0AEA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7003191985075097
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 08:24:10 GMT
etag
4569948109300706969
expires
Mon, 13 Nov 2023 08:24:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126527512-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 30 Oct 2023 21:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4284
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 30 Oct 2023 23:51:32 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/ 		421 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 05:46:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
62171
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135211
x-xss-protection
0
server
cafe
etag
17495413759700775962
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 29 Oct 2024 05:46:45 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K9F75CJJFQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-147732382-7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89454803a1c10aa3fdfd0eb977bae8022578222850052b4559ef19de04caf5e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80764
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 30 Oct 2023 23:02:56 GMT
collect
region1.analytics.google.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9QKBNZJYL1&gtm=45je3ap0v899789978z8839628437&_p=1434031953&_gaz=1&gcd=11l1l1l1l1&cid=847481902.1698706976&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1698706976&sct=1&seg=0&dl=https%3A%2F%2Ffr.theshookers.com%2F&dt=D%C3%A9fi%20de%20l%27amiti%C3%A9%20%C3%A0%20relever%20!%20Tes%20amis%20sont-ils%20suffisamment%20brillants%20pour%20gagner%20%C3%A0%20ton%20quiz%20%3F%20D%C3%A9couvre-le&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9QKBNZJYL1&cid=847481902.1698706976&gtm=45je3ap0v899789978z8839628437&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9QKBNZJYL1&cid=847481902.1698706976&gtm=45je3ap0v899789978z8839628437&aip=1&z=573239435
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9QKBNZJYL1&gtm=45je3ap0v899789978&_p=1434031953&gcd=11l1l1l1l1&cid=847481902.1698706976&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1698706976&sct=1&seg=0&dl=https%3A%2F%2Ffr.theshookers.com%2F&dt=D%C3%A9fi%20de%20l%27amiti%C3%A9%20%C3%A0%20relever%20!%20Tes%20amis%20sont-ils%20suffisamment%20brillants%20pour%20gagner%20%C3%A0%20ton%20quiz%20%3F%20D%C3%A9couvre-le&en=page_location&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9QKBNZJYL1&gtm=45je3ap0v899789978&_p=1434031953&gcd=11l1l1l1l1&cid=847481902.1698706976&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AkA&_s=3&sid=1698706976&sct=1&seg=0&dl=https%3A%2F%2Ffr.theshookers.com%2F&dt=D%C3%A9fi%20de%20l%27amiti%C3%A9%20%C3%A0%20relever%20!%20Tes%20amis%20sont-ils%20suffisamment%20brillants%20pour%20gagner%20%C3%A0%20ton%20quiz%20%3F%20D%C3%A9couvre-le&en=scroll&epn.percent_scrolled=90&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4246551145145861&correlator=2382503484404834&eid=44807410%2C31079195&output=ldjh&gdfp_req=1&vrg=202310230101&ptt=17&impl=fifs&iu_parts=21759293390%2Cshookers_728x90_ATF%2Cshookers_728x90_BTF%2Cshookers_320x100_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C728x90%2C320x100&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1698706976538&lmt=1698703376&adxs=-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Ffr.theshookers.com%2F&vis=1&psz=0x0%7C0x0%7C0x-1&msz=0x0%7C0x0%7C0x-1&fws=128%2C128%2C640&ohw=0%2C0%2C0&ga_vid=847481902.1698706976&ga_sid=1698706977&ga_hid=1434031953&ga_fc=true&dlt=1698706975090&idt=1426&cust_params=page%3Dhome%26lang%3Dfr&adks=75205639%2C3350802383%2C3410685532&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6d08e2940adc13dd8dd07dadbd18adb94d06b2a71b7a10f825028bd061fdd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14522
x-xss-protection
0
google-lineitem-id
-1,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CDDC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 23:02:56 GMT
expires
Tue, 29 Oct 2024 23:02:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1434031953&t=pageview&_s=1&dl=https%3A%2F%2Ffr.theshookers.com%2F&ul=en-us&de=UTF-8&dt=D%C3%A9fi%20de%20l%27amiti%C3%A9%20%C3%A0%20relever%20!%20Tes%20amis%20sont-ils%20suffisamment%20brillants%20pour%20gagner%20%C3%A0%20ton%20quiz%20%3F%20D%C3%A9couvre-le&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2085947110&gjid=1710007233&cid=847481902.1698706976&tid=UA-126527512-6&_gid=2063462395.1698706977&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&jsscut=1&z=730617279
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fr.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1434031953&t=pageview&_s=1&dl=https%3A%2F%2Ffr.theshookers.com%2F&ul=en-us&de=UTF-8&dt=D%C3%A9fi%20de%20l%27amiti%C3%A9%20%C3%A0%20relever%20!%20Tes%20amis%20sont-ils%20suffisamment%20brillants%20pour%20gagner%20%C3%A0%20ton%20quiz%20%3F%20D%C3%A9couvre-le&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=100693357&gjid=1161811538&cid=847481902.1698706976&tid=UA-147732382-7&_gid=2063462395.1698706977&_r=1&gtm=457e3ap0&gcd=11l1l1l1l1&jsscut=1&z=305749616
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fr.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
dip.html
pfx.api.botman.ninja/ 		55 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pfx.api.botman.ninja/dip.html?ak=f8fe1ae5c2968a9d211e3fdad4e6be1ede137ae5&m=PFX&module=JSTAG&f=SCR&vis=4&ifp=0&burl=https%3A%2F%2Ffr.theshookers.com%2F&uq=6EbEcOZ4vfgk&ac=null&purl=&ih=1200&iw=1600&ow=1600&oh=1200&plf=Win32&cpu=undefined&lst=234lj4kl4dXfsDfkJitY323f6d3&aver=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/118.0.5993.117%20Safari/537.36&uagt=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.117%20Safari%2F537.36&cen=UTF-8&aname=Netscape&acod=Mozilla&cd=24&zi=undefined&nlang=en-US&ndrv=false&win=true&dnt=8&hco=4&plg=true&layer=0&nmt=0&nbo=Europe/Berlin&fsa=false&ch=1200&cw=1600&sh=1200&sw=1600&bld=24&actv=visible&acc=Intel%20Iris%20OpenGL%20Engine&gyro=undefined&pop=false&brl=0&brt=0&brh=0&brb=0&als=Intel%20Inc.&cam=undefined&bt=undefined&ce=true&dlmax=9.7&ntype=4g&ofw=0&ofh=0&s1=NA&s2=NA&s3=NA&s4=NA&s5=NA&s6=NA&hless=false&s7=NA&s8=NA&s9=NA&s10=NA&s11=NA&s12=NA&s13=NA&s14=NA&s15=NA&s16=NA&s17=NA&s18=NA&s19=NA&s20=NA
Requested by
Host: p2e9r4n9.stackpathcdn.com
URL: https://p2e9r4n9.stackpathcdn.com/__pmon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.161.35.131 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.131.35.161.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9a73ec51d0e62c2fdb04d631b841b43d1d61a18fd1c09ffc243db565ef05bbe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
gzip
last-modified
Mon, 08 Aug 2022 12:51:27 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62f106cf-37"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 31 Oct 2023 23:02:56 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-K9F75CJJFQ&_ono=1&gtm=45je3ap0v9114351501&_p=1434031953&_gaz=1&gcd=11l1l1l1l1&cid=847481902.1698706976&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698706976&sct=1&seg=0&dl=https%3A%2F%2Ffr.theshookers.com%2F&dt=D%C3%A9fi%20de%20l%27amiti%C3%A9%20%C3%A0%20relever%20!%20Tes%20amis%20sont-ils%20suffisamment%20brillants%20pour%20gagner%20%C3%A0%20ton%20quiz%20%3F%20D%C3%A9couvre-le&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9F75CJJFQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-K9F75CJJFQ&cid=847481902.1698706976&gtm=45je3ap0v9114351501&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9F75CJJFQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-K9F75CJJFQ&cid=847481902.1698706976&gtm=45je3ap0v9114351501&aip=1&z=145459766
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		397 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fr.theshookers.com&callback=_gfp_s_&client=ca-pub-7003191985075097
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7003191985075097&plah=fr.theshookers.com&bust=31079177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26ed950fc1436557d4abd994d9c581a39512a900c674e680a037a6002ddd4527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C615 		194 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7003191985075097&output=html&adk=1812271804&adf=3025194257&lmt=1698703376&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffr.theshookers.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698706976375&bpp=2&bdt=1285&idt=243&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=683362657390&frm=20&pv=2&ga_vid=847481902.1698706976&ga_sid=1698706977&ga_hid=1434031953&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079078%2C31079081%2C31079083%2C31079087%2C44798934%2C44805932%2C44807047%2C31078297%2C31079177%2C44803791&oid=2&pvsid=4246551145145861&tmod=2026529767&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=256
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7003191985075097&plah=fr.theshookers.com&bust=31079177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90de7853590323e051b677e0cac27fe663de4a451dbd8e51fdc790bbfa15ef39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
53668
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 23:02:57 GMT
expires
Mon, 30 Oct 2023 23:02:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-126527512-6&cid=847481902.1698706976&jid=2085947110&gjid=1710007233&_gid=2063462395.1698706977&_u=YADAAUAAAAAAACAAI~&z=1517546119
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fr.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-147732382-7&cid=847481902.1698706976&jid=100693357&gjid=1161811538&_gid=2063462395.1698706977&_u=YADAAUABAAAAACAAI~&z=122422921
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fr.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-126527512-6&cid=847481902.1698706976&jid=2085947110&_u=YADAAUAAAAAAACAAI~&z=1779931562
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-126527512-6&cid=847481902.1698706976&jid=2085947110&_u=YADAAUAAAAAAACAAI~&z=1779931562
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-147732382-7&cid=847481902.1698706976&jid=100693357&_u=YADAAUABAAAAACAAI~&z=1537564979
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-147732382-7&cid=847481902.1698706976&jid=100693357&_u=YADAAUABAAAAACAAI~&z=1537564979
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A2C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079195
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 23:02:56 GMT
expires
Tue, 29 Oct 2024 23:02:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 508D 		152 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7e9768365c5139e82cf561e695c43d2fd3d9fcbd9c19636aded5edf08c5882ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 23:02:56 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jxxyx8yPyG_vWn2UkLkPaZlUqq3zpBkfNcOh64u_ZkMXsfaDDS1sK1oEMwrL4eS3H9_4ecAihAUPmm6kqHxiNfMAZtE4ms5Zhot_7FI8JwHoplN1z8gnyVQRJKJs4p05h5LHDXkb_Jjq_YVzyAF1NVtOCI7TrDtfuIutWEy2umnGeg8F7MUn7oOfZRkEP7ZK_NWisQ7gFPiHa_Fid30j-WHlz3QcxwUqLKNca1-PzdxHSGAI_28tIlg-Qw49VzBMMw_Luw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
44113135
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 4A2C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
13456
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 4A2C 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:54 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4A2C 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
318528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A2C 		188 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Oct 2023 23:02:56 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 508D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Oct 2024 23:02:57 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 508D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Oct 2024 23:02:57 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 508D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 24 Oct 2024 23:02:57 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 508D 		293 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 24 Oct 2024 23:02:57 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 508D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Xb2ig0w1vKREGpm8ff9nbhvlYMOjkf3EXS8VJwQpX2cquvBQZMyhSUiCR4dI4act3Z7B29pUHKK_Gh7awYzdwcIU1sSHTjoXhWDf8Ku94UEqeV_6y_TdaXrV7bJ4W0M5B9VpaZmHM2pKXWRLmEi35oHikuJzKBjk-EDIW1b24v9vTRuMHFFnOlbrFpC3WthsFu-OR3rf0D5G2oR3HaDBK9b5tnR-QZfX_C7iELwSoY-XdeTB-WwdmBvjOfA2J6dXdk-uXHK_YnXXRJwFVIPpFbcQ0jndCttIghm0dp6vcHQh_sDtyfo6-8BQj52jESMtiJRVvQTiHCaFg03B-uOcwQOdoNbo83jma-tXkhAEA6yQbGyYehh2UU8rkKNqjEs6KZ5w2G23JBuqYOjX2oKEPnhlUybWCAG3RKOAlUy76tl-G-ERY4HvUVBR5n9d3TCfSB5TFw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1957554
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 508D 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Oct 2024 23:02:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C615 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20231026&sample=0.01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7003191985075097&output=html&adk=1812271804&adf=3025194257&lmt=1698703376&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffr.theshookers.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698706976375&bpp=2&bdt=1285&idt=243&shv=r20231026&mjsv=m202310250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=683362657390&frm=20&pv=2&ga_vid=847481902.1698706976&ga_sid=1698706977&ga_hid=1434031953&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079078%2C31079081%2C31079083%2C31079087%2C44798934%2C44805932%2C44807047%2C31078297%2C31079177%2C44803791&oid=2&pvsid=4246551145145861&tmod=2026529767&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 508D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=jxxyx8yPyG_vWn2UkLkPaZlUqq3zpBkfNcOh64u_ZkMXsfaDDS1sK1oEMwrL4eS3H9_4ecAihAUPmm6kqHxiNfMAZtE4ms5Zhot_7FI8JwHoplN1z8gnyVQRJKJs4p05h5LHDXkb_Jjq_YVzyAF1NVtOCI7TrDtfuIutWEy2umnGeg8F7MUn7oOfZRkEP7ZK_NWisQ7gFPiHa_Fid30j-WHlz3QcxwUqLKNca1-PzdxHSGAI_28tIlg-Qw49VzBMMw_Luw&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 508D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Oct 2024 23:02:57 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 508D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 24 Oct 2024 23:02:57 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/reactive_library_fy2021.js?bust=31079177
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7003191985075097&plah=fr.theshookers.com&bust=31079177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5afededf857a56b1143a91f7491581bf87aadbc6d2fe3f50f7a601719f0409bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55379
x-xss-protection
0
server
cafe
etag
16263987510505760789
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 23:02:57 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/slotcar_library_fy2021.js?bust=31079177
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7003191985075097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca93458417a6bcf859a6e4076c81f40970e62ab25cf4e1ba4d5f2dec92801401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32038
x-xss-protection
0
server
cafe
etag
7474839440861511879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 30 Oct 2023 23:02:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/ Frame 7728 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7003191985075097&plah=fr.theshookers.com&bust=31079177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14520
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 19:00:57 GMT
etag
4569948109300706969
expires
Mon, 13 Nov 2023 19:00:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 7728 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 21:19:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Oct 2023 23:02:57 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7728 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 02:28:25 GMT
x-content-type-options
nosniff
age
333272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 26 Oct 2024 02:28:25 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7728 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 11:17:16 GMT
x-content-type-options
nosniff
age
387941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 25 Oct 2024 11:17:16 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 7728 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea1bccd5bd591ef9692b2d24f3f10b79483b891fd217cd4e7d115e33c1fce4d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
12044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6641
x-xss-protection
0
server
cafe
etag
2088779584902205610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:42:13 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/ Frame 7728 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
12044
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8600
x-xss-protection
0
server
cafe
etag
14061149270319446037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:42:13 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4A2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTi98IDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT2AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt1-7vOtgZHJ85OSVLb4-6eTn1TtamMXfRtdtoYqLmlE49KRre1C_-AEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc1MjAwMjc1ODQwMjczMjIY-cRu&sigh=Il_2ymoB6GA&uach_m=[UACH]&cid=CAQSTADICaaNoP6u_pb6fCK8inkk_FutpnJYezBggU4pE1J0hw_YrEsIG7ZM_cWqPg0pAlUB5E0UGYN3nOiODA9OB0kaHPHcv-cQw2cXXUoYAQ&cbvp=2&vis=1
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 4A2C 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGMg12AVanYNiAgIAAACqs6JY2JyMDqFFl78QHzZAZdsOeROlWMPUFBMAABIAAAoKQVFVQkFRRVBBUQ&wp=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&cbvp=2
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
152386
server
Kestrel
content-length
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7003191985075097
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://fr.theshookers.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
truncated
/ Frame 4A2C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1f29ad6d7de3a9990e82d0d110b5f44fffe32fd176efc4416f87d539c6d6332

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.eu.criteo.net/img/ Frame 508D 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=412&rid=4&s=4XmDzDhTj_Xt41SoTFfmZS1p
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13661
expires
Thu, 03 Oct 2024 11:24:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F7205_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=Se2Qgo8KcgUmr5FN-aX6FRaz&b=400
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f9c8796516af78ee9f53c91aaeeb28cd54e33dee0fb377e7a65be204558df0da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
18698
expires
Sat, 04 Nov 2023 22:38:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F7251_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=8cdAn7lBwzgxpi0QJKVay_Ht&b=400
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9d7858fcf072cca6ec23f9b871b0ea6f8c03f0ebda25bfa8e5f19ed9b62c082e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
4022
expires
Sat, 04 Nov 2023 15:15:37 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=N2-N3FEOfepReAgBnHPPF5ZX&b=400
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
8586
expires
Sat, 04 Nov 2023 12:47:14 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F4000_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=hmxShsl9xizTjF2oQ9QRJsXR&b=400
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a172d0c71c8b1838c8726f6fecad77efd85773854f51542e07b4ebd02d9c792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
31908
expires
Sun, 05 Nov 2023 05:10:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=RzvWYVAWiQBN3-EATcf8H9O6&b=400
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16076
expires
Sat, 04 Nov 2023 21:55:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F9759_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=3_rRX1cv2EqG181tzIIwEs36&b=400
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abc3e5b7c4f477ff2289ebccbba4d30443495451f9a51c7cb7bd5fca87fbfc4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
24196
expires
Sat, 04 Nov 2023 12:06:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F9785_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=Yrd5qBwNeZHx7fLSg7yTamOu&b=400
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c8fe8fbd507b15673c6e850c234144bd98bf1851b1e5de70a90a55ddcb455144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
3698
expires
Sat, 04 Nov 2023 12:55:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F7324_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=vzV1y0aocvKGSYvxLc-5k3mP&b=400
Requested by
Host: c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
702ecd49a02e24f6a8cd90db757f3da97673e55f9d64a5bd97de20c99921e440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10996
expires
Sat, 04 Nov 2023 12:38:41 GMT
css
fonts.googleapis.com/ Frame 1F1E 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 22:02:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Oct 2023 23:02:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 1F1E 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:19:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
13418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:19:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/ Frame 1F1E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
13456
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9142
x-xss-protection
0
server
cafe
etag
3118617226516770384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 1F1E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
13456
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/ Frame 1F1E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 19:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8430
x-xss-protection
0
server
cafe
etag
7000445677337367579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Nov 2023 19:18:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F1E 		188 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60393
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698666127188353"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 30 Oct 2023 23:02:57 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame 1F1E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231026/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 17:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
539924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 16:29:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 22 Jan 2024 17:04:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310230101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3340f73e9aa78dadb65443b84f1902b5e4b5bc06cd90ed8f0dc530ea3cdd2e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12316
x-xss-protection
0
img
imageproxy.eu.criteo.net/img/ Frame 508D 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F10289_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=N2-N3FEOfepReAgBnHPPF5ZX&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
8586
expires
Sat, 04 Nov 2023 12:47:14 GMT
EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js
pagead2.googlesyndication.com/bg/ Frame 70FF 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EHo6i7O_0JOvtrr8dxlkDoYuw_rm2628d10tqmkoAl4.js
Requested by
Host: fr.theshookers.com
URL: https://fr.theshookers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
107a3a8bb3bfd093afb6bafc7719640e862ec3fae6dbadbc775d2daa6928025e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:47:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
342928
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15078
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 23:47:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F4000_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=hmxShsl9xizTjF2oQ9QRJsXR&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a172d0c71c8b1838c8726f6fecad77efd85773854f51542e07b4ebd02d9c792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
31908
expires
Sun, 05 Nov 2023 05:10:49 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=412&rid=4&s=4XmDzDhTj_Xt41SoTFfmZS1p
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13661
expires
Thu, 03 Oct 2024 11:24:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=RzvWYVAWiQBN3-EATcf8H9O6&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
16076
expires
Sat, 04 Nov 2023 21:55:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F7251_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=8cdAn7lBwzgxpi0QJKVay_Ht&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9d7858fcf072cca6ec23f9b871b0ea6f8c03f0ebda25bfa8e5f19ed9b62c082e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
4022
expires
Sat, 04 Nov 2023 15:15:37 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F7205_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=Se2Qgo8KcgUmr5FN-aX6FRaz&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f9c8796516af78ee9f53c91aaeeb28cd54e33dee0fb377e7a65be204558df0da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
18698
expires
Sat, 04 Nov 2023 22:38:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F9785_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=Yrd5qBwNeZHx7fLSg7yTamOu&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c8fe8fbd507b15673c6e850c234144bd98bf1851b1e5de70a90a55ddcb455144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:56 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
3698
expires
Sat, 04 Nov 2023 12:55:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F7324_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=vzV1y0aocvKGSYvxLc-5k3mP&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
702ecd49a02e24f6a8cd90db757f3da97673e55f9d64a5bd97de20c99921e440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
10996
expires
Sat, 04 Nov 2023 12:38:41 GMT
img
imageproxy.eu.criteo.net/img/ Frame 508D 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F9759_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=3_rRX1cv2EqG181tzIIwEs36&b=400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
abc3e5b7c4f477ff2289ebccbba4d30443495451f9a51c7cb7bd5fca87fbfc4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
24196
expires
Sat, 04 Nov 2023 12:06:43 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310230101/pubads_impl.js?cb=31079195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Oct 2023 23:02:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CA2C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fr.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
23034
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 16:39:03 GMT
expires
Tue, 29 Oct 2024 16:39:03 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 93C5 		829 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
baed48ced9fef36e780eb8f3da79274274c7c307f027f3b263dd9a433df41981
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-n9JkWICTmZpQCoxLvJnwlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fr.theshookers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-n9JkWICTmZpQCoxLvJnwlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Oct 2023 23:02:57 GMT
expires
Mon, 30 Oct 2023 23:02:57 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame CA2C 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 16:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
24069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Oct 2024 16:21:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 93C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310230101&jk=4246551145145861&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame CA2C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Q_2Uug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310230101&jk=4246551145145861&bg=!wcKlwo3NAAbo5yKYyOc7ADQBe5WfOPaA4r75xUjtXybnaba1cQUofJizcKU6MnmoXw1TKPXQaOR8XtQxGKVG8R8bo80yAgAAAExSAAAABGgBBwoALs2vrm-Mkq1W0UcEN1jNBmlDVr6jl2SlzEXuXg1RbQfaulN04R0i5bF6_IfZfmaZArlpLq1EQ8FC05bKpgHvS2b_T4da-r6qa7NR36kktp-vSzH6IKmDVrP59DECt3SPxRaIkR5Sifq3zBiNliLT92W5P9YbIho9RtkSqEuYPf0GriaZw0eVZ8ITlRaO9Ur8JI4gaw2USKk56SkIDyD2vPVyQpj9lAOTDQnRYViSe9oJfGAO_YDlxWI2ycgPeEJmRWztk5qpynOOYYLqmvax0psNmklVfSE1BSAPSdLcHg-jGzhbftfFNJ__QraBIMxC3yasGuJBedLbvXFERK2CS8hhoInendir5HH84I_nNT3o0CEGCpdXSjODjCMhgI9dpxoSfydWSu0jZ6r_cO8y8LOmyp0Zt3ltR6yqYFdwEnZbC86M0vyxbyGRiwOa6L_va7Pmv0duOBSC-WxDwsWL9hGIY1wqUg2CY__w6emC7H0OHT_LirmIem6xEuzR6b2MoDa2jOAzyB3zVBsdS_UtqCY6QsC05CYtO72vald-lYky3KLVrl6KDaE7GuClwziASnJHejGhVIpVRWnHyntwgb0dkTZwH0OHxFGQr-fliFUvP-exUvTts3I69gJmYSpPPXdfmIzI5uLRFi02ZyfvoCVNfPTm47i6HQ6iLwJ5KnoNrSoCGS7ItshpfLtLVpiKOIwDA7_yZ2i1aArtYbMVOfpSpROrw8hNABrydV2wR0wfQD91Uc2cojhZOPIXuqZzcnWHfldCmfzm-k1q8HFjkVcgOxWcafAggsUVX6Elw0J6EOoFmJTBBe1FwIkgQRDEq79M_m1frYc7cRh_T76IbKBwFA9XINorlrUwXcGe9EeHD1cSMo2C8wUEIPm25nF5eCZsNZyof9Jt0EhxpucxD669LA19Hk1kblrChbKom2Vr-SqonCGe_PWHFtLEF9oMAm3D_MWnXWV-n-eRuM74SpiZV8sWEaZIdxHg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A2C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsW9ujiB95pZxwmkZHG7SOq1kMCDfxeHAxJAFoYtFp34SFKmxh5rqcMpo8xQjSV3jq68EZf0XsGTM4wC2irr9pdnY1Mp92_VwTWhw&sig=Cg0ArKJSzLVsnY2tcEJsEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231030&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=75205639&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698706976904&rpt=157&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 508D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=jxxyx8yPyG_vWn2UkLkPaZlUqq3zpBkfNcOh64u_ZkMXsfaDDS1sK1oEMwrL4eS3H9_4ecAihAUPmm6kqHxiNfMAZtE4ms5Zhot_7FI8JwHoplN1z8gnyVQRJKJs4p05h5LHDXkb_Jjq_YVzyAF1NVtOCI7TrDtfuIutWEy2umnGeg8F7MUn7oOfZRkEP7ZK_NWisQ7gFPiHa_Fid30j-WHlz3QcxwUqLKNca1-PzdxHSGAI_28tIlg-Qw49VzBMMw_Luw&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUA2IAAI92QIEf4bAAi7FPoZaohnd1PTodM_dA&u=%7CXiq8AZszOvj%2BOXaCRhuy7GVUZiscrdMS2EiBuw%2BAN9U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MSN_rDzZyi1Fojt65YaUtMKk1WZxrI_bwyUKgdL1IMNooqRmqe2NFuMUoFS7BhrQUFd7nIqRQ2FB3JvSgiTmu6Z7CV6AoMpHNsK8XLJ3j43HueLtSLOST7IwUdt4dK16QfCAkxr5paeF71S6lnARypgQIwILmFNZpyEYmcC1Qjkz0nBTEeIKAvXXg9lpgvZAcEJOqDfn5LwA0mdiJ3aOufLunUxmfGlYLtUx3KnqNRvtMpMyZ17bqAb4su8xiafBsVZXQCrJGPUPguPInOb4mMmykoVh0EROFHsYdzEj9a5FKAJracQNm294gCUge4w3nPzccUUKSVcX_oxalQdWRx7Iw6-Q9vvCf2iEO1RNWdGZQ6gWzvEuQCR3KU3VoTlQNf4TQ1xcO4qYSBhTToa9vkg4eSuVPGstWooICOtJ4TbS_Z27_ELEc0BvJt64txgUSJleq80uLynBJNof4AESaPSoZDq65w8RLyjDK6LflNtSD8HmqIEGLTKLfHfGkhE3TAIll4YR4P4OUZvyfm-cLDfEVE_6bdRUJi54YgxAS24CLKPaMuj-gU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM_fyIDZAZeTuI5v8x_APlPai2AHJntKxXNWdkfdwwI23ARABIABglaqggrAHggEXY2EtcHViLTc1MjAwMjc1ODQwMjczMjLIAQmpAg6rYzrJy7E-4AIAqAMByAMCqgT5AU_QEPvZ1Yx0mNuPbmpBwaverj14aqnshKeWt7PGBCEc0e-VxvgTmYLqNLbqaAaYpUkgyHeVZQq4Qyn1DdRADxUBYjtLZw0ubDQzX3B0v2ckxZCflM-SQmZca2ERooXYgNMi-vwaC7jC6asR9smrrHJ7QKzzo77vXSHwymAFQnsmrFTsRHkE3Ix_atqpY9i3j5UQ3aytdawPWKnXmbU0NT1q4mJ7MamdW1Zk9LxVTj1p2NknyAWuDbIoODvn7qJXGzylgfwEnXkmTIdJWSvUyt087NI_AQIZzjVCc2x02043kXPn3Gk5ZZnpfruM3NZaz8oJZ3liFv2uXeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3tHl6DQOVZJCOoPXZ8I3Vv6CeZ5Q%26client%3Dca-pub-7520027584027322%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Oct 2023 23:02:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-7003191985075097&su=fr.theshookers.com&eid=44759875%2C44759926%2C31079078%2C31079081%2C31079083%2C31079087%2C44798934%2C44805932%2C44807047%2C31078297%2C31079177%2C44803791&doc=complete&pg_h=4028&pg_w=1600&pg_hs=4028&c=1&aa_c=0&av_h=90&av_w=750&av_a=67500&b=3840.719&all_b=3840.719&d=0.022&all_d=0.022&ard=0.010&all_ard=0.010&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:02:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-9QKBNZJYL1&gtm=45je3ap0v899789978&_p=1434031953&gcd=11l1l1l1l1&cid=847481902.1698706976&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=4&sid=1698706976&sct=1&seg=0&dl=https%3A%2F%2Ffr.theshookers.com%2F&dt=D%C3%A9fi%20de%20l%27amiti%C3%A9%20%C3%A0%20relever%20!%20Tes%20amis%20sont-ils%20suffisamment%20brillants%20pour%20gagner%20%C3%A0%20ton%20quiz%20%3F%20D%C3%A9couvre-le&en=page_location&epn.percent_scrolled=90&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9QKBNZJYL1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fr.theshookers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 23:03:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fr.theshookers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| arrGoogleDfpDesSlot object| arrGoogleDfpMobSlot object| arrGoogleDfpSlot object| arrFooterAddSlotDes object| arrFooterAddSlotMob object| arrGoogleImpressionViewableAdsSlot object| googletag object| dataLayer function| gtag string| __ak number| __ci number| __gv object| arrGoogleAddContainer number| adWidth string| google_dfp_client object| dfp_ad_size object| sticky_note_google_dfp_client_after_gdpr string| eziocDivStart string| eziocDivEnd string| ezoicPubId object| arrJsConfig object| abusive_words_list number| dcConfig object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| _0x1f5094 function| keyGen string| __acc undefined| __cam undefined| __gyro undefined| __bt string| __als string| __ntype number| __dlmax boolean| __ce string| __uq string| __burl number| __hl string| __purl string| __lst number| __iw number| __ih number| __sh number| __sw number| __ow number| __oh number| __cd string| s1 string| s2 string| s3 string| s4 string| s5 string| s6 string| s7 string| s8 string| s9 string| s10 string| s11 string| s12 string| s13 string| s14 string| s15 string| s16 string| s17 string| s18 string| s19 string| s20 object| __ac object| Base64 string| __cv number| __ifp string| __aver string| __uagt string| __aname string| __acod string| __nlang boolean| __ndrv number| __dnt number| __hco number| __nmt string| __plf undefined| __cpu number| __bld string| __actv boolean| __fsa object| canvas object| gl object| debugInfo boolean| __plg boolean| __win string| __mode string| __cen function| _0x3adc boolean| __pop number| __ch number| __cw object| iiv object| __pElem number| __brl number| __brt number| __brb number| __brh number| __ofw number| __ofh number| __layer number| __vis undefined| __zi boolean| __hless function| createCORSRequest function| setCookie function| getCookie function| delete_cookie function| appendHtml function| _0x15fc function| getHLS function| isPrivateMode function| mrc function| ivsb function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp function| $ function| jQuery object| jQuery111308176285984796186 function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| angular object| SITE_API_URLS object| myApp object| loginApp function| changeLang function| changeLangDomain function| closeAllModals function| go_on_top function| question_add_option_continue_button function| refreshDfpAdd function| refreshAvailableAds function| callAppLixir function| appLixirAdStatusCallback function| change_gender_state string| currTheme function| toggletheme function| redirectCalculateLovePercentage function| redirectToUrl function| toggleLoveMeterMenu function| confirm_delete function| confirm_friend_delete function| clickSound function| clicknextSound function| match_input function| country_selected function| check_play_form function| check_friend_form function| select_langauge function| fb_share function| socialButton function| vpwait number| rewardButtonId string| rewardButtonUrl boolean| userAnsButtonClicked function| userAnswerStats function| gtmEventTracking function| snapchat_share function| instagram_share function| whatsapp_status_share function| sendPushTags function| sendPushTag undefined| pushEncUserQuizId undefined| pushState function| getPushTags function| setOneSignalUserId function| incrSyncCount function| postGetPushTagsIncrSyncCount function| loadMoreStats function| initGoogleAdsRefresh function| refreshGoogleAds function| refreshGoogleAdsWithTimeout function| shareStory function| shuffle function| copy_share_url function| openNav function| closeNav function| addHoverClass function| removeHoverClass object| elem function| playHtml5Game function| playBackGame function| getNextListItem function| showLessBlogsAtHome function| showMoreBlogsAtHome number| gaugeMaxValue number| percentValue undefined| needleClient object| options object| animation function| getNextCustomAd function| showLessCustomAd function| showMoreCustomAd function| showLessBlogsAtPlay function| showMoreBlogsAtPlay function| html2canvas object| Canvas2Image object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.theshookers.com/ Name: _ga_9QKBNZJYL1
Value: GS1.1.1698706976.1.0.1698706976.60.0.0
.theshookers.com/ Name: _gid
Value: GA1.2.2063462395.1698706977
.theshookers.com/ Name: _gat_gtag_UA_126527512_6
Value: 1
.theshookers.com/ Name: _gat_gtag_UA_147732382_7
Value: 1
fr.theshookers.com/ Name: __bqs
Value: aHR0cHMlM0ElMkYlMkZmci50aGVzaG9va2Vycy5jb20lMkYmdXE9NkViRWNPWjR2Zmdr
.theshookers.com/ Name: _ga_K9F75CJJFQ
Value: GS1.1.1698706976.1.0.1698706976.60.0.0
.theshookers.com/ Name: _ga
Value: GA1.1.847481902.1698706976
.doubleclick.net/ Name: IDE
Value: AHWqTUnxwRI95qfwJNJ2l5bJ6oDuUYnxgDJzwsK_TZGU6rf6hxWXCyNauVuILHQpuDI
.theshookers.com/ Name: __gads
Value: ID=22e082cd68b62080:T=1698706976:RT=1698706976:S=ALNI_MYkCtWkXONTJ1oppmsiasaYP0BI1A
.theshookers.com/ Name: __gpi
Value: UID=00000cadd1f64569:T=1698706976:RT=1698706976:S=ALNI_MbQzUyD6kjWv72fwP-dIdmlurZ6ig

1 Console Messages

Source Level URL
Text
other warning URL: https://c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options ALLOW_FROM http://dc2-staging.holagames.io, ALLOW_FROM https://dc2-staging.holagames.io

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
c32fbaa94d279e2856a13d5fc9f93029.safeframe.googlesyndication.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fr.theshookers.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
img.holaquiz.com
img.theshookers.com
p2e9r4n9.stackpathcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pfx.api.botman.ninja
region1.analytics.google.com
rtb.nl3.eu.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
superal.github.io
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
151.139.128.10
178.250.1.6
2001:4860:4802:34::36
2606:4700:20::681a:6d3
2606:4700:3036::6815:2d5e
2606:4700:3037::ac43:d4da
2606:4700::6811:180e
2606:50c0:8000::153
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
5.161.35.131
022a743495e02b0cb9c208f38abe95551b56c20a3feca8b13ac4aa334da2baa9
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08979ac5dc183c913f0f274b03a248982b04fea0aac48c10ae1bd0b717f42641
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0e948e04966cface2fe86969c9c5bb12fb5a27e4314727e30464267e37786c5d
107a3a8bb3bfd093afb6bafc7719640e862ec3fae6dbadbc775d2daa6928025e
1a172d0c71c8b1838c8726f6fecad77efd85773854f51542e07b4ebd02d9c792
1c0ad7be9881919c665933ba0254fc3e98bfaa07c42dfaf829f326ddeadb7815
23c24eb7ef079fdc86b477b1603d2f05885fa3033dba7198d1da3736824e83d4
26ed950fc1436557d4abd994d9c581a39512a900c674e680a037a6002ddd4527
2a7e4bf63bc70f8c050d0d52aea5b15dddaaf64fd51036cd996130cbb5f58b14
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2fc39cf39101abc6cffd779651cd1f5fa0ef844d72de8205056011785782f9f5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318f946ef81f55d0e63cabd80494e562f106afbe971089256bf7ecd49677723c
3340f73e9aa78dadb65443b84f1902b5e4b5bc06cd90ed8f0dc530ea3cdd2e34
37f81dfa473e551ebde3be297dee64b41c2c3d67707ad27c2ea238c37764d8bb
3b6dfeb59f7464899e64068a09afaa80fdae61e9767a041f9bc60aae5362c599
3c343a4f63cb76b7d46897a63e8cb682cfa94aa1944d0784f01eebf8762c9731
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48eb40f350c841936cec9da7b9ef414c36d99ee9b65fe878cdaf7a9af14d70e4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5198b4b9434e8096a62ef0b08309a7835e40508875b5cb3f2daa929fe28757ba
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
577f3234cafbad1a32ee6f284ed5d238eb4ba87d820f6651fb547d1ca758863f
57f6d3807b91f5746bee342a67bb053029f637f59ed6afee9f224ab8ef394757
5afededf857a56b1143a91f7491581bf87aadbc6d2fe3f50f7a601719f0409bb
5ba431addebca895832667d33e2ad51e4da1a1f2fbab72116d716c08077695a6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d520933760d014890c6e71d5a7d0539cea020f6036a54d2408489d2177b0cbf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68e6debbca0f5a6d9e09df427cb1240db92aae6e4ad2040ef1f605b2fc3d7f0e
6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917
702ecd49a02e24f6a8cd90db757f3da97673e55f9d64a5bd97de20c99921e440
707476a6a35e28d895197d41a8da0d2313e4ce7e8716a1069df531e47a532b90
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
737473b145a0fb2d97963ba71104b42ea59d434e17d43de3db67ddffc24200ac
7e9768365c5139e82cf561e695c43d2fd3d9fcbd9c19636aded5edf08c5882ac
83b6c3c74f5af6f322e21ba41f54efe00a2dca2854bc67ad1b41d49795003a3d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855fa6d88cb3eeb5086b2b76f9838e2df9cd0e80680586a7a8c59090da4954dd
874a57370535dbaac73cf5c47cce9611d4e8762b9d1821e73532e9c35a07f32f
8895c83287e65a12c85a2b9c9b284b021a906f42e407f9aa3d5969f4931b60dd
89454803a1c10aa3fdfd0eb977bae8022578222850052b4559ef19de04caf5e2
89e8d5fe12750f6c1db492d2e3a68c16c088070f49a8c5e609af0bf59f001e46
8d6d08e2940adc13dd8dd07dadbd18adb94d06b2a71b7a10f825028bd061fdd7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90de7853590323e051b677e0cac27fe663de4a451dbd8e51fdc790bbfa15ef39
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
9a03674bfe83fe09eee7aae6106943918be73a009be21468c2bdb1b4ce958fdc
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a73ec51d0e62c2fdb04d631b841b43d1d61a18fd1c09ffc243db565ef05bbe4
9af9f78c8200d8188207b39f75dabbb6dbaef9492b8669133fc4fc769efb8c66
9d7858fcf072cca6ec23f9b871b0ea6f8c03f0ebda25bfa8e5f19ed9b62c082e
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a0eb2411715ffea0b8c45caf4f06f98c6f6e9fa7014acb70136f1bbe97862e5b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
abc3e5b7c4f477ff2289ebccbba4d30443495451f9a51c7cb7bd5fca87fbfc4f
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1127616e70adcf895ad38ff2eeac1fa12419b6522f4c58df704d3dae8305d49
b1f29ad6d7de3a9990e82d0d110b5f44fffe32fd176efc4416f87d539c6d6332
b8aae2e2f1175a805f19d819249b3cd343cb601e263a8d70d373219041e116c6
baed48ced9fef36e780eb8f3da79274274c7c307f027f3b263dd9a433df41981
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
c72c5cdb8ee97ed1e23f49f9cc0884c795f9c70e85a566453d9701f12cebfe9f
c8fe8fbd507b15673c6e850c234144bd98bf1851b1e5de70a90a55ddcb455144
c936bca314b30e3c48bbad667c920cac28e3e43b72f5f372c706e885a0aa2743
ca93458417a6bcf859a6e4076c81f40970e62ab25cf4e1ba4d5f2dec92801401
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
cfd86eed5b662601ed1effa05e0922030a1bbfb3111d160df9b4f71630198c37
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d67d1f7f4b747425486e728a75813fc736c65a9390d70f4170ff7f16875998b3
db668b70fd0021a224a50338fc80f62881fc5e678e84987ff62785d86ab3f320
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de606d7f17fdea6f8d1196af6f511160a1836614524e9c857edc8f5fb12e4641
df66204eb54c7073b70407473b387912d1222b06960641d26d860f93ecb240f8
e04a40af8692b8e76780c014a3f5ad8d55d98fe8a6cd671bbebd32413117888d
e3aa53c315728f91fbddb3c69c19cf54725f38c93b70d11ac6a6c862ea8a5aae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1bccd5bd591ef9692b2d24f3f10b79483b891fd217cd4e7d115e33c1fce4d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5f2eab887fc0fd70b970b68a012bd5e52cbc791788e15fece50024dd40868de
f9c8796516af78ee9f53c91aaeeb28cd54e33dee0fb377e7a65be204558df0da
fbc65ce1833cc6c77f5bc2581dd2808d566de926e13c5fc21702df50e1c29474
fd15dccc78b33bb29115461ac9504869f4af29b5bdc93111b8ecff5d58469206