rextester.com Open in urlscan Pro
92.204.4.78 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rextester.com/IEFZ77733
Submission: On April 08 via manual (April 8th 2022, 10:39:53 pm UTC) from RU — Scanned from FR

Summary HTTP 72 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 23 domains to perform 72 HTTP transactions. The main IP is 92.204.4.78, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is rextester.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 13th 2021. Valid for: a year.

This is the only time rextester.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	92.204.4.78 92.204.4.78	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
1 2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
4	94.31.29.32 94.31.29.32	6461 (ZAYO-6461) (ZAYO-6461)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	159.65.16.11 159.65.16.11	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.214.91.80 3.214.91.80	14618 (AMAZON-AES) (AMAZON-AES)
1	52.16.214.41 52.16.214.41	16509 (AMAZON-02) (AMAZON-02)
1	204.237.133.116 204.237.133.116	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
4	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	() ()
1	2a02:2638::1c 2a02:2638::1c	() ()
72	38

2 92.204.4.78 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: vs242194.vs.hosteurope.de

rextester.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.31.29.32 (London, United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.16.11 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-14.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.91.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-91-80.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.214.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-214-41.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.237.133.116 (West Chester, United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c97a84d44b25d52a5d26c3b1f343596c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 c97a84d44b25d52a5d26c3b1f343596c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	91 KB
10	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 95 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	182 KB
6	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	146 KB
6	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 248 cdn.adnxs.com — Cisco Umbrella Rank: 1424 ams1-ib.adnxs.com — Cisco Umbrella Rank: 7279	45 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 77	2 KB
4	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 15561	212 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1879 mp.4dex.io — Cisco Umbrella Rank: 2587	24 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	100 KB
2	criteo.net static.criteo.net	62 KB
2	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 758 gum.criteo.com mug.criteo.com Failed	6 KB
2	google.fr www.google.fr — Cisco Umbrella Rank: 13547 adservice.google.fr — Cisco Umbrella Rank: 26349	1 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 279	17 KB
2	rextester.com rextester.com	145 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 860	360 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 607	744 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4167	706 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 458	1 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1206	925 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457	114 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1888	709 B
1	mantisadnetwork.com mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 10552	340 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 15685	669 B
72	23

	Domain	Requested by
9	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net cdn4.buysellads.net tpc.googlesyndication.com rextester.com www.googletagservices.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net rextester.com
4	ams1-ib.adnxs.com	cdn4.buysellads.net rextester.com cdn.adnxs.com
4	googleads.g.doubleclick.net	cdn4.buysellads.net googleads.g.doubleclick.net
4	cdn4.buysellads.net	rextester.com
3	www.googletagservices.com	cdn4.buysellads.net securepubads.g.doubleclick.net googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	ssl.google-analytics.com	1 redirects rextester.com
2	rextester.com	rextester.com
1	gum.criteo.com	static.criteo.net
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	cdn4.buysellads.net
1	c97a84d44b25d52a5d26c3b1f343596c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	onetag-sys.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	ap.lijit.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	fastlane.rubiconproject.com	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	ib.adnxs.com	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	ads.servenobid.com	cdn4.buysellads.net
1	mantodea.mantisadnetwork.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	www.google.fr	rextester.com
1	stats.g.doubleclick.net	1 redirects
0	mug.criteo.com Failed
72	39

This site contains links to these domains. Also see Links.

Domain
groups.google.com
www.patreon.com

Subject Issuer	Validity	Valid
rextester.com ZeroSSL RSA Domain Secure Site CA	`2021-12-13` - `2022-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-03` - `2022-09-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2022-05-18`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.mantisadnetwork.com Amazon	`2021-10-14` - `2022-11-11`	a year	crt.sh
ads.servenobid.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.google.fr GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://rextester.com/IEFZ77733
Frame ID: 171D4B9E41A79FED30C887EF73B543E8
Requests: 34 HTTP requests in this frame

Frame: https://c97a84d44b25d52a5d26c3b1f343596c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 41E0C84C89BA6A208336B4997DD2E2DC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve5iF4BFkoplhjBQMUelgUcyX2U_-KloGcUW2qCtXH5eEWbNvjj6wUbf9BAyImd-Yl6eE4ptAxqvm6pYjgCFx5fJ7GhW9q80JSAL6QTvMKWcprtr_4mJcCZxnzqz1KNz8dz0bdOoTqu-caW5HmKOJDmMnqltKGQ-paUhHvshPj55M9-eX076KWcq-IUYgbPrE45hYkc7VYFQiOh8WDfg6wG-gpln55w9klIq4BbPPFMZTQd7-T--ESkfWEMwuspWqGC5UqwJpWGZwJSOHb7Zg62Bm3Adh1r_l-L6qnslvINsDy3Sb01sAk1X1flDNPSbvbhRnHBp8Apg&sai=AMfl-YRVcx0CmO4ymdePckAJGsMbkvb0UUm6vd-HUe_zos5aRshUFrxSZsl_XHc-REiV35U9yC00nT8-zNG3QZ1-IH7ysJQtcvYzR0LboICc2aD7hyRylWEOXBnxIPun6nY&sig=Cg0ArKJSzP8HL5Tqv7k4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CBAE4A5E46246D994D9CF1B1AF4B52C5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 159E306BFE8999E9382EFC706BEE6C9B
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4272422E7E33A9FDC51AF6AACE9A7F20
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2793A8A1AE368B6F80C85189F952C224
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js
Frame ID: 509E5FEBEA1DAC7E28EDA702C782AB4D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rextester.com
Frame ID: 33F6DB3EF0955B1A399B4A2DA39DC14A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

www89.duckdns.org, C# - rextester

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

96 %
HTTPS

61 %
IPv6

23
Domains

39
Subdomains

38
IPs

7
Countries

1039 kB
Transfer

2644 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://groups.google.com/g/rextester
Title: Feedback

Search URL Search Domain Scan URL

URL: https://www.patreon.com/rextester
Title: Patreon

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=107089040&utmhn=rextester.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=www89.duckdns.org%2C%20C%23%20-%20rextester&utmhid=1443155931&utmr=-&utmp=%2FIEFZ77733&utmht=1649457588684&utmac=UA-15090815-2&utmcc=__utma%3D178476455.133423568.1649457589.1649457589.1649457589.1%3B%2B__utmz%3D178476455.1649457589.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=394655377&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15090815-2&cid=133423568.1649457589&jid=394655377&_v=5.7.2&z=107089040 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=133423568.1649457589&jid=394655377&_v=5.7.2&z=107089040 HTTP 302
https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=133423568.1649457589&jid=394655377&_v=5.7.2&z=107089040&slf_rd=1&random=2015361824

Request Chain 63

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODo_7jFkQEQsAkYrAIyCHjq0aJKDWx0 HTTP 301
https://tpc.googlesyndication.com/simgad/14063799417358095134

Request Chain 74

https://gum.criteo.com/sid/json?origin=publishertag&domain=rextester.com&sn=ChromeSyncframe&so=0&topUrl=rextester.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=o8SIwHxvYzZhdWtoMnYxT25JUG0rRjZFaHVta0J2cDJlcmlRR1h2Q1kwR3FSRnErbVZncmN4UlVRSE5RczBrbUVtblFvUm91Y2FORGFLdWEyZ25XNnlZTkYxdnhWTHB3ZlVyQzdWcGtPbHhvcnRUejNiYWpMbkYrNmFrRVhPcExuQllHRm51M1pRK1RxMW9jVGY1a0ErczJkVllodUV0ZnNNMjBoeGJmZnpaSXA2MzlyNTAyd2dvUGZRd2JLQlpGNkVDSmRqeVo5SnBJNUIyR1BybFJUZVptOWY3WFptL05EZFNNeDEvandXREFoZVY5RFBaeDI3cklrcDQ5OEJpRUNRZjNSbTN3NUVRaC9ucmYvNjdwWHQxM2ExUT09fA&cppv=2

72 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request IEFZ77733 Show response
rextester.com/ 289 KB
99 KB 1716ms
91ms Document
text/html 92.204.4.78
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://rextester.com/IEFZ77733
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 92.204.4.78 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs242194.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dfb79c451c535faca9ef3aa006d39f05d4d65f88c42a3182aba34642d19713dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 100990
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Apr 2022 22:40:36 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK jquery-latest.min.js Show response
rextester.com/Scripts/ 112 KB
46 KB 30ms
30ms Script
application/javascript 92.204.4.78
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to

Full URL: https://rextester.com/Scripts/jquery-latest.min.js
Requested by: Host: rextester.com
URL: https://rextester.com/IEFZ77733
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 92.204.4.78 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: vs242194.vs.hosteurope.de
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2c6e0f0e40ee0c2dba52532421f6978b2861deb34e9a8271aa3aa9b52fc4be5c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/IEFZ77733
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 22:40:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jan 2022 09:04:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "eb5a26da5c13d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 46715

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 98ms
25ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: rextester.com
URL: https://rextester.com/IEFZ77733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5510
date: Fri, 08 Apr 2022 21:07:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 08 Apr 2022 23:07:58 GMT

GET
H2 200 rextester.js Show response
cdn4.buysellads.net/pub/ 566 KB
201 KB 1096ms
479ms Script
application/javascript 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Requested by: Host: rextester.com
URL: https://rextester.com/IEFZ77733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7ab1553ed370718c86860894afbc8a11bd24e38292b4c332ec8221c3f6873d8a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:49 GMT
content-encoding: gzip
last-modified: Fri, 08 Apr 2022 22:16:36 GMT
server: NetDNA-cache/2.2
x-amz-request-id: G3YTXGBX353NNV0B
etag: W/"8c4e8b418f25236ea70dcbd5353b0352"
x-cache: MISS
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: hd8XeINbri1Bl26Ia7LHCBYMqVg4Ul4H1qoo4+6FFypZpUtlLYFXItEGyZToFTHpuHhGHps6xiw=
expires: Mon, 03 Apr 2023 22:39:49 GMT

GET
DATA 200
OK truncated
/ 17 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed23eedcffab565677aac0e6a13aa69b5a86b9bbb154a2be0018f2d23a308df

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ga-audiences
www.google.fr/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=107089040&utmhn=rextester.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=www89.d...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15090815-2&cid=133423568.1649457589&jid=394655377&_v=5.7.2&z=107089040
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=133423568.1649457589&jid=394655377&_v=5.7.2&z=107089040
https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=133423568.1649457589&jid=394655377&_v=5.7.2&z=107089040&slf_rd=1&random=2015361824

42 B
501 B

110ms
36ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=133423568.1649457589&jid=394655377&_v=5.7.2&z=107089040&slf_rd=1&random=2015361824

Requested by

Host: rextester.com
URL: https://rextester.com/IEFZ77733

Protocol

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 22:39:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Apr 2022 22:39:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=133423568.1649457589&jid=394655377&_v=5.7.2&z=107089040&slf_rd=1&random=2015361824
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 117ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e5cd905aa894d10423a73dcd993fa623580938b8b7d3407e5fd67e7aa8546ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28370
x-xss-protection: 0
server: sffe
etag: "1182 / 90 of 1000 / last-modified: 1649455652"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Apr 2022 22:39:50 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
366 B 225ms
225ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=10.015423189444558
Requested by: Host: rextester.com
URL: https://rextester.com/IEFZ77733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:50 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: N0EY563XVKNVFBF3
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: KKuWG4P7XoditERRYZU5Vnez+iL9Aa71hTidgGZvde48f65112TMz8Eh46k4nqetHV2XC75/h6g=
expires: Mon, 03 Apr 2023 22:39:50 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
370 B 222ms
221ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=10.015423189444558
Requested by: Host: rextester.com
URL: https://rextester.com/IEFZ77733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:50 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: N0EMJ3Z5KREX8705
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: MqGzwJ8+1B8bqNeIW+TmhlZQPx8n+IPfPPc9HyF9I9FCFh2yJWd6ibHqAB5TrlrjxAhKD+gVYeU=
expires: Mon, 03 Apr 2023 22:39:50 GMT

GET
H2 200 pubads_impl_2022040501.js Show response
securepubads.g.doubleclick.net/gpt/ 369 KB
126 KB 110ms
24ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 20:46:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128191
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 08:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 08 Apr 2023 20:46:27 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
894 B 118ms
34ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rextester.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b3c8a48d116a26a0f6f4266bc38c2e3df5971a53dc8cffae9c7edfe05081eb1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69
x-xss-protection: 0
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 08 Apr 2022 22:39:50 GMT

GET
H2 200 CEADP5QE.json Show response
srv.buysellads.com/ads/ 930 B
669 B 179ms
24ms Fetch
application/json 159.65.16.11
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEADP5QE.json?forcebanner=445377&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.65.16.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-ldn-14.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 0a004053a874b2b176ed137613172b98d96574ce64f5919ac3c8c6747b09be0a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Apr 2022 22:39:50 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 556
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
944 B 88ms
36ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1517035
x-amz-request-id: tx936e37cd1550438eac0ae-00623993ca
x-amz-id-2: tx936e37cd1550438eac0ae-00623993ca
last-modified: Tue, 22 Mar 2022 09:15:21 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96BzsoxnIg2RYwBd5jIzLW3qSxlfTPgr2nvZNGjbDXi6IQfBu74Wqvxvfddcb%2F%2BRG1DxSHCu6Qx5j29OydfIQiApcEwkDtfKD7%2F44eNm0Z6ClGRfsfV8KY%2FGjfI0iHM7UJrFcP%2FO%2Bc1SgJYO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1647940521027959
cf-ray: 6f8e8054ef01bd54-CDG

GET
H2 200 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
340 B 333ms
116ms XHR
application/javascript 3.214.91.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1649457590491&secure=true&version=9&title=www89.duckdns.org%2C%20C%23%20-%20rextester&url=https%3A%2F%2Frextester.com%2FIEFZ77733&measurable=true&bids[0][bidId]=2b7f4b5b0730ec&bids[0][config][property]=618afaa2b05d000015cf6c50&bids[0][config][zone]=Rextester_S2S_Sidebar_ROS_ATF&bids[0][sizes][0][width]=160&bids[0][sizes][0][height]=600&bids[0][sizes][1][width]=120&bids[0][sizes][1][height]=600&property=618afaa2b05d000015cf6c50&foo
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.91.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-91-80.compute-1.amazonaws.com
Software: / Express
Resource Hash: b121d95d1f20daff015e69ca216421030cf8f924d84c6dd4e218c4453055a288

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 22:39:50 GMT
x-powered-by: Express
etag: W/"38-Uj0MLEUTlnogDG3+YL+vZvAZM4A"
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://rextester.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H2 200 adreq Show response
ads.servenobid.com/ 947 B
709 B 319ms
255ms XHR
application/json 52.16.214.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=6135
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.214.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-214-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 509b4f4be02b068df92ec46720e3fad74443002cb8fa9b2ad1dd804b7159e08e

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Apr 2022 22:39:50 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://rextester.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 533ms
187ms XHR
text/plain 204.237.133.116
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.237.133.116 West Chester, United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rextester.com
date: Fri, 08 Apr 2022 22:39:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 20 KB
13 KB 200ms
144ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8d9826f515c5b49268d8651485ba8b3b750b5f00a16c1390e1d1e0ceb3cd8b32

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Apr 2022 22:39:50 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: df9e2255-afa5-4af9-a8b6-7fddbc6ea5cf
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://rextester.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
586 B 94ms
45ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6420ac7fe2c8543b71cc451c1e2668c9f8b94f65580c7c3f7a7d6bbbbb658482

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 6f8e8054fed599b0-CDG
pragma: no-cache
date: Fri, 08 Apr 2022 22:39:50 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rextester.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
925 B 81ms
36ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca6f1d785b384908e475a2fff941ffda6456f7abeaffa3cb18444909d3214c5e

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 22:39:50 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://rextester.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
1 KB 212ms
88ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=371750&zone_id=2030448&size_id=9&alt_size_ids=8&rp_schain=1.0,1!buysellads.com,856,1,,,&rf=https%3A%2F%2Frextester.com%2FIEFZ77733&tk_flint=pbjs_lite_v4.43.0&x_source.tid=af952637-8218-46d8-bbd5-4a30e310e078&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8843155971467407
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 902292e677dc8b93d730a994e66811fb26715f6a1788167bebc495b23d970a22

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 22:39:50 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://rextester.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 358 B
706 B 204ms
121ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Frextester.com%2FIEFZ77733&PublisherDomain=https%3A%2F%2Frextester.com

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d2576dcf5fd7864916107d17ccb23edc8794000eca16afc4eb667a1ff9edab1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 22:39:50 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rextester.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 102
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 358
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
744 B 138ms
85ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 1f32c0ee3a544c0b765b5c50d5a00fb2b2443ee24cb9ebdd7a29cc922de2f3a0

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Apr 2022 22:39:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://rextester.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 82ms
23ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=39459734126

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Apr 2022 22:39:49 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rextester.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 77ms
24ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://rextester.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://rextester.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 65ms
28ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1515384
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx67b5c6c5e4bd4928833c2-006239945e
x-amz-id-2: tx67b5c6c5e4bd4928833c2-006239945e
last-modified: Tue, 22 Mar 2022 09:15:19 GMT
server: cloudflare
etag: W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aulTrKQyujYZQLPL96eKdlzZPvwLV%2FWlGK4k5fFqRmQcmeX1DBOiToh306ImZD0FK3PPq1ATHnwlASMvIiUPKduQsuA66nYoJ31iqZbMBUyW1kNjCbx6%2Bfg47TiyqAwRby8EMvTJRSyra%2Bp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1647940519211847
cf-ray: 6f8e80555b4a39c9-CDG
access-control-allow-headers: Authorization

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 131ms
33ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=rextester.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 22:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 105ms
33ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rextester.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 22:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 129ms
57ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=3970639036035441&vrg=2022040501&nw_id=8691100&nslots=1&eid=31060837%2C31066023%2C31061829&pub_url=https%3A%2F%2Frextester.com%2FIEFZ77733&sig=1&req=0&req_cnt=1&dm=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 22:39:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
10 KB 110ms
78ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3970639036035441&correlator=3550195449755483&eid=31060837%2C31066023%2C31061829&output=ldjh&gdfp_req=1&vrg=2022040501&ptt=17&impl=fifs&iu_parts=8691100%2CRextester_S2S_Sidebar_ROS_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600&ifi=1&adks=1248755704&sfv=1-0-38&ecs=20220408&fsapi=false&prev_scp=optimize_refresh_int%3D0%26optimize_ad_unit_id%3Dbsa-zone_1573677541197-0_123456%26optimize_inview%3Dfalse%26hb_size_appnexus%3D160x600%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D28eeeff9f3331ee%26hb_bidder_appnexus%3Dappnexus%26hb_size%3D160x600%26hb_pb%3D0.01%26hb_creative%3D78827817%26hb_adid%3D28eeeff9f3331ee%26hb_bidder%3Dappnexus%26_bd%3Dbid%26_pl%3D0.01&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Ddev%26optimize_env%3Dprod%26optimize_pub%3Drextester%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1649457591048&lmt=1649457591&dlt=1649457588201&idt=2089&biw=1600&bih=1200&adxs=1429&adys=99&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Frextester.com%2FIEFZ77733&frm=20&vis=1&scr_x=0&scr_y=0&psz=162x933&msz=160x0&fws=0&ohw=0&ga_vid=133423568.1649457589&ga_sid=1649457589&ga_hid=1443155931&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

2e00941853c2efc0bbbca0af3d0238eb6f0a885413e1ff8602a5d74ddb0ae7b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10217
x-xss-protection: 0
google-lineitem-id: 5936457971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383349304
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rextester.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 111ms
40ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5758ffb77707186b2a9abd30cf8e1c19d2f7348cd1b7ea0503eb9062060f32b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Apr 2022 22:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10644
x-xss-protection: 0

GET
H2 200 container.html Show response
c97a84d44b25d52a5d26c3b1f343596c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 41E0 6 KB
4 KB 121ms
32ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c97a84d44b25d52a5d26c3b1f343596c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rextester.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 22:39:51 GMT
expires: Sat, 08 Apr 2023 22:39:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CBAE 0
0 62ms
61ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve5iF4BFkoplhjBQMUelgUcyX2U_-KloGcUW2qCtXH5eEWbNvjj6wUbf9BAyImd-Yl6eE4ptAxqvm6pYjgCFx5fJ7GhW9q80JSAL6QTvMKWcprtr_4mJcCZxnzqz1KNz8dz0bdOoTqu-caW5HmKOJDmMnqltKGQ-paUhHvshPj55M9-eX076KWcq-IUYgbPrE45hYkc7VYFQiOh8WDfg6wG-gpln55w9klIq4BbPPFMZTQd7-T--ESkfWEMwuspWqGC5UqwJpWGZwJSOHb7Zg62Bm3Adh1r_l-L6qnslvINsDy3Sb01sAk1X1flDNPSbvbhRnHBp8Apg&sai=AMfl-YRVcx0CmO4ymdePckAJGsMbkvb0UUm6vd-HUe_zos5aRshUFrxSZsl_XHc-REiV35U9yC00nT8-zNG3QZ1-IH7ysJQtcvYzR0LboICc2aD7hyRylWEOXBnxIPun6nY&sig=Cg0ArKJSzP8HL5Tqv7k4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: rextester.com
URL: https://rextester.com/IEFZ77733

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:51 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 08 Apr 2022 22:39:51 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame CBAE 26 KB
10 KB 19ms
18ms Script
application/javascript 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: rextester.com
URL: https://rextester.com/IEFZ77733
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4b849c029d79403f00e62773f95223cfd9d2b9864d548ee7321d76be8ff08414

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:51 GMT
content-encoding: gzip
last-modified: Fri, 08 Apr 2022 22:33:14 GMT
server: NetDNA-cache/2.2
x-amz-request-id: F5C4KKV4G2SHRDW5
etag: W/"b66808e5410bb259f426ef23fca602b6"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: C4F+FfExb4A6E238bv1uBQf+YXRAM1P/obPXpRCg5gO177EiO98DCUjVRmZ/J1UTjmCucsiwlGk=
expires: Mon, 03 Apr 2023 22:39:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBAE 119 KB
36 KB 67ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 22:39:51 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 108ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 22:39:51 GMT

GET
H2 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 159E 13 KB
5 KB 96ms
25ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rextester.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 10061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 19:52:10 GMT
etag: 12223946614886178233
expires: Sat, 09 Apr 2022 19:52:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame CBAE 11 KB
5 KB 99ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 21:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2965
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4875
x-xss-protection: 0
server: cafe
etag: 7698967424627035244
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Apr 2022 22:50:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBAE 0
20 B 89ms
57ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-AzM8Ajkok2VpdW9v9E-E5Lbtll6FoitFXvPu3HZkDn-z1IHjdgajwd9_la_DEbm8A1opHC2Lws6NNGmrY3BpxfvffLww

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 22:39:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame CBAE 85 KB
29 KB 74ms
18ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 08 Apr 2022 22:39:51 GMT
Content-Encoding: gzip
Age: 3764481
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21967-LGA, cache-cdg20758-CDG
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1649457591.272856,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 2704936

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame CBAE 0
813 B 76ms
20ms Image
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Frextester.com%252FIEFZ77733&e=wqT_3QKEBsgEAwAAAwDWAAUBCLbzwpIGEI6Jp8L6lY-IHxgAKjYJELIsmPijmD8RQFu9eWC2kz8ZAAABAgz4PyFADRIAKREkyDEAAACgmZmpPzCHwr0IOMpBQOUeSGVQqaLLJViY1VJgAGjP-Gt4r-sFgAEBigEDVVNEkgUG8GWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gIfaHR0cHM6Ly9yZXh0ZXN0ZXIuY29tL0lFRlo3NzczM4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodHQFNWBwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uBUUJHkQvZ2VuXzIwND9pZD1hd2JpZCYFBvRTAV9iPUFLQW1mLUJ5UzRva29FV09OM21xMk1PR01INDdrb2JiTjVGd2dHWnB0Rm16TGNMYjdIV0dRU2Z6Tnk0bmREZ3c0Ymtvem5TMWR2Qm0taGt6WlhXbzV3R1owZThBTHNPU1lBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzIyMzgzNTU3Mzk5NDM0ODY2MDYiCDc4ODI3ODE3KgQzOTQxOgEwwAOsAsgDANgDzZmnAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OS4xNjQuOTioBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKmiyyWIBQGYBQCgBfzUtqvkkr-6CcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBennMvoFBAgAEACQBgCYBgC4BgDBBgBBSjAA8D_QBu6PAdoGFgoQBREdAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE3NzMxNTEyMza6Bw8IAAEpRCAAMAA4qy5AAMgHr-sF0gcNCRFKAR4I2gcGCSdE4AcA6gcCCADwB7nbAooIAhAA&s=596e351eb453951b0416ba68bf0c2e96436b25c0

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 22:39:51 GMT
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2d2d2250-e66b-4f3d-8034-4baf2217e485
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4272 13 KB
5 KB 59ms
24ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rextester.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 3054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 21:48:57 GMT
expires: Sat, 08 Apr 2023 21:48:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2793 783 B
536 B 70ms
35ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f4a10f8f155f2841bdcb939e86251e3a48915659fd5e48e58584ebc4529138ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OgzCE86V/BaWf2qrQ5LhgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rextester.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-OgzCE86V/BaWf2qrQ5LhgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 22:39:51 GMT
expires: Fri, 08 Apr 2022 22:39:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame CBAE 0
813 B 21ms
20ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Frextester.com%2FIEFZ77733&e=wqT_3QKVMsgVGQAAAwDWAAUBCLbzwpIGEI6Jp8L6lY-IHxgAKjYJELIsmPijmD8RQFu9eWC2kz8ZAAABAgz4PyFADRIAKREkyDEAAACgmZmpPzCHwr0IOMpBQOUeSGVQqaLLJViY1VJgAGjP-Gt4r-sFgAEBigEDVVNEkgUG9HUBmAGgAaAB2ASoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCH2h0dHBzOi8vcmV4dGVzdGVyLmNvbS9JRUZaNzc3MzPyAg0KBkhFSUdIVBIDNjAw8gIMCgVXSURUSBIDMTYw8gIhCgZMT0FERVISF3JlbmRlcl9wb3N0X2Fkc192MS5odG1s8gIYCgpJRlJBTUVfS0VZEgoxNzExOTEzMjA28gK_FQoLUFJFX1NDUklQVFMSrxU8c2NyaXB0PihmdW5jdGlvbigpey8qCgogQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4KIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wCiovCnZhciBoPXRoaXN8fHNlbGY7dmFyIGs9QXJyYXkucHJvdG90eXBlLmluZGV4T2Y_ZnVuY3Rpb24oYSxjKXtyZXR1cm4gQXJyYXkucHJvdG8uLQBQLmNhbGwoYSxjLHZvaWQgMCl9OmZ1Dc0FPzRpZigic3RyaW5nIj09PQE7KG9mIGEpcmV0dXJuERoAIRUawGN8fDEhPWMubGVuZ3RoPy0xOmEuaW5kZXhPZihjLDApO2Zvcih2YXIgZD0wO2Q8YS4JKVw7ZCsrKWlmKGQgaW4gYSYmYVtkXT09PWMNaAggZDsJcRgtMX07LyoKojoBEcw4IGwoYSl7bFsiICJdKGEpDU4IIGF9CRMAPREoECgpe307EQ0EIG4BNQRhPSkaOD09PWE_ZG9jdW1lbnQ6YRVDJC5jcmVhdGVFbGUBGRgoImltZyIpHUUAcCFIdCxkKXthLmdvb2dsZV9pbWFnZV9yZXF1ZXN0c3x8KFoaABA9W10pOyEsFGI9bihhLhF8BCk7ISkEKXsBGgBlLroAGRcEZj1aUwBALGc9ayhmLGIpOzA8PWcmJkE6QwIUc3BsaWNlSRV0ZixnLDEpfWIucmVtb3ZlRXZlbnRMaXN0ZW5lciYmUhcANCgibG9hZCIsZSwhMSk7UiMAYjoAEGVycm9yDTsYfTtiLmFkZEJzAD4UAD5wAD4gAAFtPhQAACg2agAcYi5zcmM9YztaMQEYLnB1c2goYi7RAQRxKCl8BGE9MZI0LmN1cnJlbnRTY3JpcHRNGgAoMjkCLG51bGw6YSkmJiI3N2FJbGEuZ2V0QXR0cmlidXRlKCJkYXRhLWpjIik_YToVVzxxdWVyeVNlbGVjdG9yKCdbDSUAPQFEDF0nKX1FHSxyPVJlZ0V4cCgiXmihIdg_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7eSsAdBXgAGgFYQxjPVtdBQkEZD0Bxgw7ZG97QXsYYj1hO3RyeQUMAGVBkxhlPSEhYiYmASRQIT1iLmxvY2F0aW9uLmhyZWYpYjp7AS2QbChiLmZvbyk7ZT0hMDticmVhayBifWNhdGNoKG0pe31lPSExfQFeCGY9ZRkXAGYBFgxpZihmKXkAZz5eAAw7ZD1idR8h9DVCJHJlZmVycmVyfHwBlyR9ZWxzZSBnPWQsDcsAYynfMG5ldyB1KGd8fCIiKSkF1RRhPWIucGEh1BmGAGEF_0x9fXdoaWxlKGEmJmIhPWEpO2I9MIXVAGGV9nQtMTtiPD1hOysrYiljW2JdLmRlcHRoPWEtYjtiPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHACtYQA9HXUAKaFbFGE9MTthPLGATDsrK2EpZz1jW2FdLGcudXJsfHwoBQguQgE6dgAUW2EtCjFdIQwYLGcuaD0hMAHjKSIAaBmrIdVl5QBnJRYlAgRkPTIEARwwPD1kOy0tZKHYMGY9Y1tkXSwhZyYmci7hvQQoZgGPICkmJihnPWYpLAUOLCYmIWYuaCl7Yj1mO0UbAH0NXQBkFeYEJiYBzAE7BDswQWUlWggmJmQFSAEbCCk7YwWtEHYoYixntegUYy5nP2MuBfoMOmMuaQFAAH215gB2oaEcKXt0aGlzLmlB1QEJCGc9YxkiAHUdIgh1cmwRJBRoPSEhYzsFLwWIJQq9-gB3dUkUdCgpLGM9-Qo8Ij8iKTtzZXRUaW1lb3V0KBGMDTEAZNlzGGQ_LjAxOmRBNUQhKE1hdGgucmFuZG9tKCk-ZClpDwxiPXEoIaQAImX_NDovLyIrKGImJiJ0cnVlgWsAYlZrBDgtcmNkIik_InBhZ2VhZDLNnRBzeW5kaWm5IC1jbi5jb20iOmYjAAUgDCkrIi8JRXgvZ2VuXzIwND9pZD1qY2EmamM9NzcmdmVyc2lvbj0ihUUMZT0oZQGxDCkmJmVamQANMTAiKXx8InVua25vd24iYeNcK2UrIiZzYW1wbGU9IitkO2I9d2luZG93BVgAZjk0FGY_ITE6ZiEzNGU9Yi5uYXZpZ2F0b3IpMg4AUC51c2VyQWdlbnQsZT0vQ2hyb21lL0mbIGUpJiYhL0VkZxkRHD8hMDohMTtlYZMVUTAuc2VuZEJlYWNvbj8KHWkdGCQoZCk6cChiLGQsIkUICZ4IKX19Dg4JFtYIKCAwPD1jP2Euc3ViFmsJHCgwLGMpOmF9CeAMLnJmbC7oBw01aGVuY29kZVVSSUNvbXBvbmVudCh3KCkpfTt9KenBQZoUKTsKPC9zxZhsPvICyQIKCkVYVFJBX1RBR1MSugI8ZGl2IHN0eSFSDHBvc2mhsWQ6IGFic29sdXRlOyBsZWZ0OiAwcHg7IHRvcA0KZHZpc2liaWxpdHk6IGhpZGRlbjsiPjxpbWcg4UtVh0kUSlkCQTYNHi4yAhRhd2JpZCYFBvCGX2I9QUtBbWYtQXpNOEFqa29rMlZwZFc5djlFLUU1TGJ0bGw2Rm9pdEZYdlB1M0haa0RuLXoxSUhqZGdhandkOV9sYV9ERWJtOEExb3BIQzJMd3M2Tk5HbXJZM0JweGZ2ZmZMd3ciIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiMRqAZGlzcGxheTpub25lIj48L2Rpdj7yApoBCgxQT1NUX1NDFhEMCIkBPClqNggBFvYJUGFkcy5nLmRvdWJsZWNsaWNrLm5ldDEGPHhiZmVfYmFja2ZpbGwuanMBZQlLAD4NUwA-nSQsIHtyM3B4KCcxNzExFp0MHCcpO30pKCk7PesQ7BMKEEgBnjRQT1JUX1BBUkFNUxLXE5EkipUA8HlhZGZldGNoP2Fkaz0yMjUzOTM2MDEmYWRzYWZlPW1lZGl1bSZjbGllbnQ9Y2EtcHViLTMwNzY4OTAwMTI3NDE0NjcmZm9ybWF0PTE2MHg2MDBfYXMmaXA9MzcuNTkuMTY0Ljk4Jm91dHB1dD1odG1sJnVudmlld2VkX1GKIF9zdGFydD0xJqF1EboAclb-DRQmc3ViX2MJjwBiQZXwfXItMzA1NjQ0NyZobD1mciZhY2VpZD1NTnNPdEFDc0dyUUFNTlRtQVBsVk5BSGlZRFFCTG1NMEFaeHhOQUhJY2pRQnFuTTBBVnQwTkFHdGREUUJLSFUwQVhWMU5BSEhkVFFCMTNVMEFmMTFOQUU2ZGpRQlNYWTBBVkIyTkFGVQEQLFgzWTBBV3AyTkFGcwEQBGJuARAAOQEQADABEABlARAYWDEyTkFHTwEQGGtIWTBBWkoBEABlARAAbwFABGFaARAAdgEQFHRYWTBBYgUQADcBEAB2ARAYY2gyTkFIUwEQADIBEARlUgFg9H8ITGMwRUJVM05CQVpPRUJ3S3FIVndDUEI1Y0F0ZjJpQUt5LVlnQ3NqMnFBbmhBcWdMcVFhb0NKMEtxQWloQ3FnSmNSNm9DZldLcUFraHlxZ0taZXFvQ2VZV3FBaWlLcWdLQW02b0NnWnVxQW9LYnFnSVNvNm9DeWFPcUFxS29xZ0lycktvQ0E2LXFBdWV4cWdJSnM2b0N0clNxQW1XX3FnTHd5Nm9DTjg2cUF0X1NxZ0liMUtvQzI5YXFBazdacWdMSTRxb0MyT09xQWx6bHFnS2c1YW9DT09tcUFsRHBxZ0lwNnFvQ1B1cXFBZ2ZzcWdLTjdLb0NPdTJxQXRmeHFnTFo4YW9DdWZLcUFpWHpxZ0tFODZvQ29fU3FBdWIwcWdJTDlhb0NQUFdxQXZQMXFnTEQ5cW9DVGZpcUFvVDRxZ0ltLTZvQ1F2dXFBb2Y3cWdMUS02b0NCX3lxQWhMOHFnS0tfS29DdV95cUFrWDlxZ0pKX2FvQ1lmMnFBb2I5cWdLTF9hb0N3XzJxQWd6LXFnSmdfcW9DZ182cUFrUF9xZ0pjXzZvQ2VQLXFBdV9fcWdJMEFLc0M5UUNyQWdRQnF3STZBYXNDUEFHckFyMENxd0x0QXFzQ1JRT3JBdFltRUFPNnM4VUZ2TmkyQndadzlndHd6UHNTY2NfN0VuN1oteEs2M1BzU2VOMzdFczNnLXhMVzRmc1NNLUw3RXVfbS14SWg3UHNTUXU3N0VpRHgteEoxOGZzU0ZfVDdFclAwLXhMaDlQc1NWZlg3RXFMMS14TFo5dnNTRnZmN0VsdWY2aFJjb3VvVVhOT1dHZmRXYXhwaXk3VXUmZXhrPTE3MTE5MTMyMDYmYXdiaWRfYz1BS0FtZi1BMW5oY0pUMm84cGJTRGs5dkt6LWJwRzhEX3lpMzNjM25mX1V4N2Q0bWpSdHpGaWxRdDdqTXNMLTBibXBFREhGcVBKZWxqR0pnSkN5bUVoX21zOGQ2RHUxZDhGNnZuaEFCbllBRXhxTFVmV3BaaGs0clJGc3hMVnpId3JhQTFrWm9tUmlJRjdKZ1FqTGxFZ1lNRDdDR1dscG4wdFc0dUJhcldFcmdqblNxLU80ZVNhN00mYXdiaWRfZD1BS0FtZi1DZUlxQU8tUVV0Z2Itd01KZGV1eFdSZWduV2JqUV9qU0NCcjg3N2dUSFoyWVBDMk9qSlBFanNwMGMzSjJHUldaUjFhWnppakdIalU2RnpGeTVQdGNRNVNBN3RtV0JUTlhRZUlyUnZDX09CYlRWOU5sRzU5QXFBRzBEbU9SNUw5cWtyOTJISjRQc0VDOVdsQUpwRjhQNzVyeVRCUkZRa2pSbGxpd1lNOU8tNkljWEx6eTRMRnRqRkNscGJnOFBSVndTWFREbFNWQ2FSNTkzdF9pVUlKeklKenVTRGpuOVBIOWM4OVF5Rk1sMnZvVG10dzQ2Ul9vcVhhOWluQ1dLM01tZUZ3elpMbV9UT3hzY3pNTmJDc2Frek5fRmY2RUdfd1VxYjd0cm1OdG5Ea09aeG5xeGJZNU9VWFpraVdiVUIxX295U19ydlduS2EtMHA0RjFnUnlDSjI5dmo1c1RHMUNYUm9XSlJOamVJdGtKRXo5Vzg1clNudXNWVXJnWFpPUHJoQ1NIajNQRU9TUk1PcS1CUHZGb1ppaUN2SnhrWVIzdVlqX3llRG1ERDZ0WWJJcEZSdUlleC1mS0dDUE1TU2IxYjBVWm1vM3FhR0RSc1c5c2FGLTJnNnczdU1zTTQ0X203cFR5VEluUjhGeVM3QnNfVW1WRGhhYlB6bWs2bVFHVy1ad1dodTNYUEtaZmpwNzJZM1FxNnd0Q192bjJhT3JiYnRudzdSekJDTzVCTDA3cUpPbFlYMHpQN3FZX0xiUWVlaTVsbE52OWhINUVqR1pIN1FLZVVLam5jS2kxNVdORXVFRmRxT2R4cU5pbXZ3c3NkX0VkM3NaMlQwT1Y0UXVqSDdnRkhrU05fWHVDckpoWjczbFdrWGw0M3BGVTdHakJVQXV0Y3RNZnpQSG9CQWQxS3hEb3FFOV91UWJfOHpsY3lVd2dkMnc1czZ2NEIxcy04VXoxX0s4SFNhLUREanIxQm5JLXZiSWZLaFdsOUFaZGlrZHpJUTMzRmlzdGZfdEVIRmJFVE1yd1FLWU9ucGplWC10YkthamhOal9kbXVCOWJJdEVKRU9JVUxPSGxodDFxVURiVkZxQmd6TzFvakhXdmpqejV2WXAzR09SZGMwTXlXV0NvUUZqcDZEN0NMakZUbnJPQmhWRVZKREtZY283eFZyaEVfUW9nU3dGem9kWHVSdWI0M2FHYWdqWDdYR1Zaak0wVGFFaVRNN1dwbDY0SFNhV01tSkRkeGtnR1p3QnZacXRWOHpwNUZGZUFBc09aN01YZjBZZUkydEFNQV9lWkdJV1NuSmhDaFU0RnlDMmltR3NBa1dJTlpKQUxiNXBZZlFrLTJkRTktVzF2bUo5U2o1THRUbFJYS1RGX3VtRUczZkVDOEVpRnAtTnZxV1huSF9wTnRpR05SdlBnQWJyY200ZVlkUjFZUFF2dlczdk83Q1dGZk9VY05YRE53bW11NzV3WDlyRkR3MjB2aTRQaVdDTzdsZDZ1RkF2eV9DejY3dWJEc1lPSnItZFp3QjZIUXpLXzEmY2lkPUNBQVNCT1JvWUFvJmFfY2lkPYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA82ZpwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQMMzcuNTkuMTY0Ljk4qAQAsgQQCAAQARigASDYBCgAMAA4ArgEAMAEAMgEANoEAggB4AQB8ASpossliAUBmAUAoAX81Lar5JK_ugnABQDJBQ4pGBwAAPA_0gUJCQkMeAAA2AUB4AUB8AXp5zL6BQQIABAAkAYAmAYAuAYAwQYJJSzwP9AG7o8B2gYWChAJEhkBmBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMTc3MzE1MTIzNroHDwFYSBgAIAAwADirLkAAyAev6wXSBw0VhgFHCNoHBgknROAHAOoHAggA8Ae52wKKCAIQAA..&s=74f1a3b7f35bfb939ac54704b0f9d3a778e7d292&bdref=https%3A%2F%2Frextester.com%2FIEFZ77733&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frextester.com%2FIEFZ77733,https%3A%2F%2Frextester.com%2FIEFZ77733&

Requested by

Host: rextester.com
URL: https://rextester.com/IEFZ77733

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 22:39:51 GMT
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 58227105-b201-4366-aea4-68598e71fb28
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 159E 110 KB
35 KB 168ms
135ms XHR
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

974af008171f2e99e5b40534efc03e3c05f81ea08cc6077006c980ebef4872eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 08 Apr 2022 22:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35343
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CBAE 0
0 92ms
60ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzGKJVRNws_kkXfTRjToGLylqNYfkH4xNPati3iTNJja1DY6rA6x2MhKAiXpD266OvySpdxl5rOakPoQz9HMEAt7LpxM183gCuZhGrMvmdJsKcHQIVuOS-eEFohN0LRgMh6edRcUu3OthsdyhgFJLe6AihkU1w0wMWF-7nRSD5mEhSPJQeTgQVya4NsDHNENg3f9Ljal6T2oS75mZmVj3KE_XWy-xz0JpYjjXKMcfU4HWAR-i7jOzAqudDE6kDSc0Wd-_CHpDcInWIQzeqq6Si-iwKoGDQER96w6D-CT1nx67XyDnFNt8NCrAPJHV2sbWXLDR5wE7UHpMm&sai=AMfl-YQJ6-fWY1LrdsQjAYaSofVQ5HxHm5QeXwnVacvZung-ahRKALqDUd-4HGwdnxNNzceKgCm0u92r-w7gH90t5LRW0d0vL29PlCvQs9_kTk8U5deO7zEPXXczlWkWEXA&sig=Cg0ArKJSzOuy_geQvylIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:51 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 08 Apr 2022 22:39:51 GMT

GET
DATA 200
OK truncated
/ Frame CBAE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad91c6d0e34d91410838752487e4d82ecfa32a5def5e1da73d8793e6d3ae1f18

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame CBAE 0
833 B 21ms
20ms Ping
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Frextester.com%2FIEFZ77733&e=wqT_3QKEBsgEAwAAAwDWAAUBCLbzwpIGEI6Jp8L6lY-IHxgAKjYJELIsmPijmD8RQFu9eWC2kz8ZAAABAgz4PyFADRIAKREkyDEAAACgmZmpPzCHwr0IOMpBQOUeSGVQqaLLJViY1VJgAGjP-Gt4r-sFgAEBigEDVVNEkgUG8GWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gIfaHR0cHM6Ly9yZXh0ZXN0ZXIuY29tL0lFRlo3NzczM4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodHQFNWBwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uBUUJHkQvZ2VuXzIwND9pZD1hd2JpZCYFBvRTAV9iPUFLQW1mLUJ5UzRva29FV09OM21xMk1PR01INDdrb2JiTjVGd2dHWnB0Rm16TGNMYjdIV0dRU2Z6Tnk0bmREZ3c0Ymtvem5TMWR2Qm0taGt6WlhXbzV3R1owZThBTHNPU1lBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzIyMzgzNTU3Mzk5NDM0ODY2MDYiCDc4ODI3ODE3KgQzOTQxOgEwwAOsAsgDANgDzZmnAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OS4xNjQuOTioBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKmiyyWIBQGYBQCgBfzUtqvkkr-6CcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBennMvoFBAgAEACQBgCYBgC4BgDBBgBBSjAA8D_QBu6PAdoGFgoQBREdAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE3NzMxNTEyMza6Bw8IAAEpRCAAMAA4qy5AAMgHr-sF0gcNCRFKAR4I2gcGCSdE4AcA6gcCCADwB7nbAooIAhAA&s=596e351eb453951b0416ba68bf0c2e96436b25c0&type=nv&nvt=5&jm=1003&px=1429&py=99&bw=160&bh=600&sid=5259687451972890023&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=17785095&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 22:39:51 GMT
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1868cd3d-4bcd-4645-9ef9-df31ccea26d2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://rextester.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2793 0
0 60ms
60ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040501&jk=3970639036035441&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js Show response
pagead2.googlesyndication.com/bg/ Frame 4272 35 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559c7994a2fe4750d8b78b9ccd0b8eedec277a870ec592c3c0e13f0c1ec6a7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 13:59:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13564
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 13:59:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4272 0
9 B 24ms
24ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?G-45Hw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 159E 2 KB
1 KB 91ms
33ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 20:51:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Apr 2022 22:39:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Apr 2022 22:39:51 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 159E 2 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/load_preloaded_resource.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
server: cafe
etag: 17441257144546641969
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 22:06:23 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/ Frame 159E 25 KB
10 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:27:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9790
x-xss-protection: 0
server: cafe
etag: 8169034061967891973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 22:27:55 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 159E 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1432
x-xss-protection: 0
server: cafe
etag: 15450667304708860052
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 22:26:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 159E 119 KB
36 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649247338736001"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Apr 2022 22:39:51 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/ Frame 159E 19 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220406/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7667
x-xss-protection: 0
server: cafe
etag: 7504708142712926003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 22:26:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 159E 0
0 32ms
32ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2I6ly1gANflGOi-ROWQCIs2h_cPUuEpvMlT3Es0TcP1ZIvJ_n58yL30SgmW6Ifiq1a9r7VSJIT7VV70uUthpbOCyDoA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 387e3e2078b688a73d34c2ce2c981e9e.js Show response
www.gstatic.com/mysidia/ Frame 159E 38 KB
15 KB 82ms
24ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/387e3e2078b688a73d34c2ce2c981e9e.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

594befbd8e54b702cc00938e8066561b1487f44bd97fad602d4c699b5a8eb77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 07:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14777
x-xss-protection: 0
last-modified: Tue, 05 Apr 2022 23:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Jul 2022 07:53:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 159E 0
17 B 70ms
70ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNEjVtrlQYuPuJI-O7_UP_MSjiA_v5rOfaejigo71D8a6pYniLRABIOaX1iVg-wGgAa2N1acoyAEJqAMByAPLBKoEwQFP0LDqZs_6SGiPE2BYkyb6W9TJhk8dTFqpe-0SG_2Bb_7zuOiQxynud-3VDRqxeIvFj9r67ROrx3f6XuoJcs8PDhbBrqchmZNzzeVjOw4ZGEIL5U6HydPg31ujJ4xfB0lyLsGaximxYyovkQ61FpvENytP8JmZEihUOnxQKABevj4ky5fptHSiWIZc5QhcHp4oXOc8DNl50CMgd7saA3UtHEC_gt5BPWuNGyfD7vGSl4n_fNSvrNwP3R3cgbKa5ejIwASE8Kry6gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHrcWlhwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDSCAkIgOGAEBABGADyCA5iaWRkZXItMzA1NjQ0N4AKBMgLAdgTDIgUAdAVAZgWAYAXAbIXCAoGCAASABgA&sigh=AgfgCl_wWNw&uach_m=[UACH]&pr=10:0.024063&template_id=494&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 08 Apr 2022 22:39:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 159E 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a6d2ee69d7102ad16ee0b04e90b722b7d154488e01f8860067f221dab852b0e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 159E 13 KB
13 KB 89ms
25ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRR1TaSKsuE020td83Hh2u4GqEK-C4Y3pivI6187PNQGPWO4Bz3FSMkxX6a5Q&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e54391df90ca754d64c6b6d78dd04b7a7ea15c1e2ac12809f45b6155a2ff60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 15:52:50 GMT
x-content-type-options: nosniff
age: 370021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12967
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 21:53:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Apr 2023 15:52:50 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 159E 33 KB
34 KB 96ms
25ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTM-ObOCLXQjWA91BsmFk3GDx033Ze6Jv0z9LVWrwsdcuqXh8ZPYEtZmC07Hg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e762871ff31a2dfe45b3195b1e58d670178ef2ec67e3bd96f9fa96a20e72684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 04:03:09 GMT
x-content-type-options: nosniff
age: 239802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34232
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 11:14:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 06 Apr 2023 04:03:09 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 159E 24 KB
24 KB 99ms
25ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSaT5t286AJblufO6pElri-v3xNDDzP4QkkcP7PfP-UjYtK-Ps0qXavbtx3TA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

953d7abbaaa23f239d11ec42ad5711330dec60e50a522a7cd582380d23112aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:16:16 GMT
x-content-type-options: nosniff
age: 393815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24235
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 00:38:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 04 Apr 2023 09:16:16 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 159E 38 KB
39 KB 98ms
24ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSJ-OTNvoFv-i-R-GhrR7C1Xepmp94PJu76BWuFTbZsa55ZOCn9Zs-KhtqsqVA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3204bd3ee84e9b712bc08614c979a19ae482ae2ad7ebc99815331a046c3c451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 04:39:58 GMT
x-content-type-options: nosniff
age: 237593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39219
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 07:07:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 06 Apr 2023 04:39:58 GMT

GET
H3

200

14063799417358095134
tpc.googlesyndication.com/simgad/ Frame 159E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODo_7jFkQEQsAkYrAIyCHjq0aJKDWx0
https://tpc.googlesyndication.com/simgad/14063799417358095134

18 KB
18 KB

25ms
25ms

Image
image/png

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14063799417358095134

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef49f6b9ad313d67bd4af593773e01e26aa4efcaaabcf178a90f83db7a5834b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 06:29:47 GMT
x-content-type-options: nosniff
age: 403804
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18293
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 03:16:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Apr 2023 06:29:47 GMT

Redirect headers

date: Fri, 08 Apr 2022 06:21:12 GMT
x-content-type-options: nosniff
server: cafe
age: 58719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/14063799417358095134
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 08 May 2022 06:21:12 GMT

GET
DATA 200
OK truncated
/ Frame 159E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8216fd3fdbfd45f65baf1834ca0567eae27b21144adbb825cea1b154c24e7d5a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 159E 20 KB
21 KB 82ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 01:52:30 GMT
x-content-type-options: nosniff
age: 74841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Apr 2023 01:52:30 GMT

GET
H3 200 VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js Show response
pagead2.googlesyndication.com/bg/ Frame 509E 35 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VZx5lKL-R1DYt4uczQuO7ewneocOxZLDwOE_DB7Gp_E.js

Requested by

Host: rextester.com
URL: https://rextester.com/IEFZ77733

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559c7994a2fe4750d8b78b9ccd0b8eedec277a870ec592c3c0e13f0c1ec6a7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 13:59:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13564
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Apr 2023 13:59:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022040501&jk=3970639036035441&bg=!iIuli8_NAAZAkm7qYJI7ACkAdvg8WnbaMGh0HXbVFqn5puaH-ZJLTA5g1PhrSsEZ9d-WL27fr9AHuwIAAABXUgAAAAJoAQcKAPTdy8HrHDSXdF760SbXezt7zXlQiZoHdjIVVbXAwlwa-rn0EVuQ8rmFKAzkIttn1fBE182zHu61UGVGmkjY6eTqp5kLuG_zlS9N7n_-q9dT70mKPn9aa-GYjhhOTHRSZHFAJHXr7uMMMiu4n3yOqCxFUWtv2SoX4bCbdKUZoeSsIHPaAwOB-3radO7MXaTaZaaOK2GVW3idmmkCed1qLiUOxGamXE7MsZkpPAvG0kOgy2MF5xF-v-8QhyNBnUvZMwrFVZ_7TmOZZvRdIUDeF3Ot-dEJQsh0B61wtScckaVEsEV12ke5n5rLpReLOSXYIMRsWHfWmQKYy_v6HkJqqaVPoG0c3s0k1entTHlAiIskTmyImVUXDGr-kXu5G0u424hOCDVuPxL_MRXXYZRT_sl0YtH1gKaDl4i5htuA9NwDL8R9GnvIAEa__HKL7-JfOJBMuuIJJ6umWLe4_3AyF3qobSTQ1ZWNGcPtS7R4N5eEia6_rEnDJV_Qwi4R1Xjjl1k97VU2-dDVW7VFylK5vwxw5tDsgVWS8sBgrpmU6T8YPS3bbwYQR89VzM9HwEy2_ukExjrzXGZMq3BmpCjtpN1Zjg3GmZhkgetcGXbcmUuXXTsxivTZ2fGhcQ7Pv2BXqKNaBCx9Ubwvkp5YFaVywZaXbswPcurSLps4waizilYzskKt-nrAWXa2je1oFmOYmeWh6b9-bI7PM81QSul_ksdn8gMcJlBejqIPzR5FwqEYU6vc2Lw07IryK0ArjMAgKG61Q8hTyjG8TM3NtJlxxskgbS_YTF9mdPd6QR3mm4YkSLGZXNY5DuP3HpVjp6_gGUyZsF0u8nB6SgDeHLQJx8tTbPn1QI_gX0ycogGuWjeJFZE24tnvttapxTkowGqOIn4rQsvyf2k7_H-F_hjmBFWsrryIdNr-oKHeF3Dmt0AnXoMapq6fHFeahenEPrTPzOvyKdNf9b2Si8qFzEzbcIZXCv5-aMwfRrPNn6GWMHeHm1SUxFzI2-QGE3dQCUGzx2n-W-08bSkS28iPEYW40cgRwLry8jpDH_BBmzUIm5SjdHyUcGZm9fF9fgRWvMPcXgmUyBPtxmsyxZ_1D2puy3NI3qOopBJJjEjnlcz1yHvn2I_62pg0UNKDys-8rpvINHigSECZOCGI3tNpJ4IGgT99aqXV7QojJcBD04y5-KKIYiLZ76lzS_pd8A0hceGwiA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CBAE 42 B
64 B 90ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuCRRGCbhX6DpJGT79jvOtZ9kpfrCa3cuMwq12otzPARrT8XWxxtq6Y62XFQfpIf1Zh5n1T2n5jxNYctfurKViQXh8fl3jV5BpxaEh6rD-TYVcPcz7&sig=Cg0ArKJSzPdMBLHf8zWjEAE&id=lidar2&mcvt=1000&p=99,1429,699,1589&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1248755704&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649457591178&rpt=187&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 22:39:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame CBAE 0
833 B 20ms
20ms Ping
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Frextester.com%2FIEFZ77733&e=wqT_3QKEBsgEAwAAAwDWAAUBCLbzwpIGEI6Jp8L6lY-IHxgAKjYJELIsmPijmD8RQFu9eWC2kz8ZAAABAgz4PyFADRIAKREkyDEAAACgmZmpPzCHwr0IOMpBQOUeSGVQqaLLJViY1VJgAGjP-Gt4r-sFgAEBigEDVVNEkgUG8GWYAaABoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACn_A_6gIfaHR0cHM6Ly9yZXh0ZXN0ZXIuY29tL0lFRlo3NzczM4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodHQFNWBwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uBUUJHkQvZ2VuXzIwND9pZD1hd2JpZCYFBvRTAV9iPUFLQW1mLUJ5UzRva29FV09OM21xMk1PR01INDdrb2JiTjVGd2dHWnB0Rm16TGNMYjdIV0dRU2Z6Tnk0bmREZ3c0Ymtvem5TMWR2Qm0taGt6WlhXbzV3R1owZThBTHNPU1lBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzIyMzgzNTU3Mzk5NDM0ODY2MDYiCDc4ODI3ODE3KgQzOTQxOgEwwAOsAsgDANgDzZmnAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAwzNy41OS4xNjQuOTioBACyBBAIABABGKABINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKmiyyWIBQGYBQCgBfzUtqvkkr-6CcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBennMvoFBAgAEACQBgCYBgC4BgDBBgBBSjAA8D_QBu6PAdoGFgoQBREdAaAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzE3NzMxNTEyMza6Bw8IAAEpRCAAMAA4qy5AAMgHr-sF0gcNCRFKAR4I2gcGCSdE4AcA6gcCCADwB7nbAooIAhAA&s=596e351eb453951b0416ba68bf0c2e96436b25c0&type=pv&jm=1003&px=1429&py=99&bw=160&bh=600&sf=1&sid=5259687451972890023&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=17785095&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Apr 2022 22:39:52 GMT
X-Proxy-Origin: 37.59.164.98; 37.59.164.98; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 781adc99-c10c-4fb3-81aa-ed2e0d23a9f5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://rextester.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 159E 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu27wzTta2oyYPQqmgR4dPeU_wELRp_CySjFeeDoZx59NZevGcUHwbNI_Sx3AfZl0oZnKmK6ZaQSNAGIjkzQgkRwtpM3BaqWdni2y_9M_HJmBk2RqKZmQ&sig=Cg0ArKJSzGpMAQ7ThP1QEAE&cid=CAASF-RocO4fd7O65ld3LJ9wNaWAaQJUgllS&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220406&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=225393601&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649457591207&rpt=532&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Apr 2022 22:39:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 206ms
26ms Script
text/javascript 2a02:2638:1::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1649457000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:53 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:03 GMT
server: nginx
etag: W/"624c3cdb-17cf9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Apr 2022 22:39:53 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 33F6 13 KB
5 KB 305ms
20ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rextester.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c -, , ASN (),

Reverse DNS

Software

Resource Hash

2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://rextester.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5136
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Apr 2022 22:39:53 GMT
server-processing-duration-in-ticks: 1969
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 74ms
26ms XHR
text/javascript 2a02:2638:1::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://rextester.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 22:39:53 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:03 GMT
server: nginx
etag: W/"624c3cdb-17cf9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Apr 2022 22:39:53 GMT

GET

sid
mug.criteo.com/ Frame 33F6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=rextester.com&sn=ChromeSyncframe&so=0&topUrl=rextester.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=o8SIwHxvYzZhdWtoMnYxT25JUG0rRjZFaHVta0J2cDJlcmlRR1h2Q1kwR3FSRnErbVZncmN4UlVRSE5RczBrbUVtblFvUm91Y2FORGFLdWEyZ25XNnlZTkYxdnhWTHB3ZlVyQzdWcGtPbHhvcnRUejNiYWpMbkYrNmFrRV...

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=o8SIwHxvYzZhdWtoMnYxT25JUG0rRjZFaHVta0J2cDJlcmlRR1h2Q1kwR3FSRnErbVZncmN4UlVRSE5RczBrbUVtblFvUm91Y2FORGFLdWEyZ25XNnlZTkYxdnhWTHB3ZlVyQzdWcGtPbHhvcnRUejNiYWpMbkYrNmFrRVhPcExuQllHRm51M1pRK1RxMW9jVGY1a0ErczJkVllodUV0ZnNNMjBoeGJmZnpaSXA2MzlyNTAyd2dvUGZRd2JLQlpGNkVDSmRqeVo5SnBJNUIyR1BybFJUZVptOWY3WFptL05EZFNNeDEvandXREFoZVY5RFBaeDI3cklrcDQ5OEJpRUNRZjNSbTN3NUVRaC9ucmYvNjdwWHQxM2ExUT09fA&cppv=2

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rextester.com/	1970-01-20 19:42:09	Name: __utma Value: 178476455.133423568.1649457589.1649457589.1649457589.1
.rextester.com/	1969-12-31 23:59:59	Name: __utmc Value: 178476455
.rextester.com/	1970-01-20 06:33:45	Name: __utmz Value: 178476455.1649457589.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.rextester.com/	1970-01-20 02:10:58	Name: __utmt Value: 1
.rextester.com/	1970-01-20 02:10:59	Name: __utmb Value: 178476455.1.10.1649457589
.adnxs.com/	1970-01-20 04:20:33	Name: icu Value: ChgIvahBEAoYASABKAEwtvPCkgY4AUABSAEQtvPCkgYYAA..
.adnxs.com/	1970-01-20 04:20:33	Name: uuid2 Value: 1438447583152345704
.rubiconproject.com/	1970-01-20 10:56:33	Name: khaos Value: L1R0GMEK-8-984D
.rubiconproject.com/	1970-01-20 10:56:33	Name: audit Value: 1\|hLZGFuTafB25xNkNPuXabRB7cS23Qz/c+yqNcA0fc/ZFzE2tfjmqAUy8O/Kak/Dm3IPTGbnMv5BymPvo8pleP+bPGxj3zScZKb/MXuuoKek=
.rextester.com/	1970-01-20 11:32:33	Name: __gads Value: ID=0edce98aaa1a4497-22fe450173cd0091:T=1649457591:S=ALNI_MbELp8K6AsdGAm1GQPnD28FWMrf_w
.doubleclick.net/	1970-01-20 11:32:33	Name: IDE Value: AHWqTUli_86NLhOY83RFLlUi7-3-AVIagvSCv53526To9Vy5o68PRnhGPx_DexUmBt0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.servenobid.com
adservice.google.com
adservice.google.fr
ams1-ib.adnxs.com
ap.lijit.com
bidder.criteo.com
c97a84d44b25d52a5d26c3b1f343596c.safeframe.googlesyndication.com
cdn.adnxs.com
cdn4.buysellads.net
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
mantodea.mantisadnetwork.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
prebid.media.net
rextester.com
script.4dex.io
securepubads.g.doubleclick.net
srv.buysellads.com
ssl.google-analytics.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.fr
www.googletagservices.com
www.gstatic.com
mug.criteo.com
142.250.185.162
151.101.193.108
159.65.16.11
178.250.2.131
185.255.84.150
185.33.221.13
185.33.221.15
204.237.133.116
2602:803:c004:200::140
2606:4700:20::ac43:4bf1
2606:4700::6812:272
2a00:1450:4001:800::2003
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9b
2a02:2638:1::3
2a02:2638::1c
3.214.91.80
34.107.148.139
51.89.9.252
52.16.214.41
72.251.249.13
92.204.4.78
94.31.29.32
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20
0a004053a874b2b176ed137613172b98d96574ce64f5919ac3c8c6747b09be0a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1f32c0ee3a544c0b765b5c50d5a00fb2b2443ee24cb9ebdd7a29cc922de2f3a0
1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52
214a4e6d1b76b8f804bf74ddd53aba8493b4d61e9609d75d8923a34ed97b80e5
2c6e0f0e40ee0c2dba52532421f6978b2861deb34e9a8271aa3aa9b52fc4be5c
2d97ecc3fc54beb500cfdfaab6e611f49e22c5dbaf368ede1c612e50bfd5099f
2e00941853c2efc0bbbca0af3d0238eb6f0a885413e1ff8602a5d74ddb0ae7b5
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
49e54391df90ca754d64c6b6d78dd04b7a7ea15c1e2ac12809f45b6155a2ff60
4b849c029d79403f00e62773f95223cfd9d2b9864d548ee7321d76be8ff08414
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed23eedcffab565677aac0e6a13aa69b5a86b9bbb154a2be0018f2d23a308df
4ef49f6b9ad313d67bd4af593773e01e26aa4efcaaabcf178a90f83db7a5834b
509b4f4be02b068df92ec46720e3fad74443002cb8fa9b2ad1dd804b7159e08e
559c7994a2fe4750d8b78b9ccd0b8eedec277a870ec592c3c0e13f0c1ec6a7f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5758ffb77707186b2a9abd30cf8e1c19d2f7348cd1b7ea0503eb9062060f32b0
594befbd8e54b702cc00938e8066561b1487f44bd97fad602d4c699b5a8eb77d
5c35ba43b7900752a3023550de81888bb9fa36138e72edf3db3bd20e1dc09186
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6420ac7fe2c8543b71cc451c1e2668c9f8b94f65580c7c3f7a7d6bbbbb658482
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
738b0dff97289a490e0472cca7d25e291a7ea70c850bfee1e264e9ad87a4a97b
7ab1553ed370718c86860894afbc8a11bd24e38292b4c332ec8221c3f6873d8a
7e762871ff31a2dfe45b3195b1e58d670178ef2ec67e3bd96f9fa96a20e72684
8216fd3fdbfd45f65baf1834ca0567eae27b21144adbb825cea1b154c24e7d5a
8a6d2ee69d7102ad16ee0b04e90b722b7d154488e01f8860067f221dab852b0e
8d9826f515c5b49268d8651485ba8b3b750b5f00a16c1390e1d1e0ceb3cd8b32
8e5cd905aa894d10423a73dcd993fa623580938b8b7d3407e5fd67e7aa8546ef
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
902292e677dc8b93d730a994e66811fb26715f6a1788167bebc495b23d970a22
953d7abbaaa23f239d11ec42ad5711330dec60e50a522a7cd582380d23112aff
974af008171f2e99e5b40534efc03e3c05f81ea08cc6077006c980ebef4872eb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad91c6d0e34d91410838752487e4d82ecfa32a5def5e1da73d8793e6d3ae1f18
b121d95d1f20daff015e69ca216421030cf8f924d84c6dd4e218c4453055a288
b3c8a48d116a26a0f6f4266bc38c2e3df5971a53dc8cffae9c7edfe05081eb1a
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
c3204bd3ee84e9b712bc08614c979a19ae482ae2ad7ebc99815331a046c3c451
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
ca6f1d785b384908e475a2fff941ffda6456f7abeaffa3cb18444909d3214c5e
cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37
d2576dcf5fd7864916107d17ccb23edc8794000eca16afc4eb667a1ff9edab1e
dfb79c451c535faca9ef3aa006d39f05d4d65f88c42a3182aba34642d19713dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a56b7248517b052849b0d606b0c402c9a147d231cfba361af5dfb5794a3766
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4a10f8f155f2841bdcb939e86251e3a48915659fd5e48e58584ebc4529138ff

rextester.com Open in urlscan Pro 92.204.4.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

96 %HTTPS

61 %IPv6

23 Domains

39 Subdomains

38 IPs

7 Countries

1039 kBTransfer

2644 kBSize

11 Cookies

2 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rextester.com Open in urlscan Pro
92.204.4.78 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

61 %
IPv6

23
Domains

39
Subdomains

38
IPs

7
Countries

1039 kB
Transfer

2644 kB
Size

11
Cookies

72 HTTP transactions
4 data transactions