urlscan.io logo urlscan.io
SecurityTrails logo

rextester.com Open in urlscan Pro
92.204.4.78  Public Scan

Go To Rescan Add Verdict Report
URL: https://rextester.com/VJRG2381
Submission Tags: falconsandbox
Submission: On June 24 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 7 countries across 21 domains to perform 47 HTTP transactions. The main IP is 92.204.4.78, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is rextester.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 13th 2021. Valid for: a year.
This is the only time rextester.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 92.204.4.78 8972 (GD-EMEA-D...)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 94.31.29.32 33438 (STACKPATH)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 172.217.18.2 15169 (GOOGLE)
1 161.35.94.167 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 63.35.27.158 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
1 54.80.147.122 14618 (AMAZON-AES)
1 2602:803:c004... 26667 (RUBICONPR...)
1 185.255.84.151 200271 (IGUANE-)
1 51.38.120.206 16276 (OVH)
1 178.250.2.131 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 72.251.249.13 29791 (VOXEL-DOT...)
1 185.33.221.13 29990 (ASN-APPNEX)
1 2a00:1450:400... ()
1 2a00:1450:400... ()
3 2a00:1450:400... ()
2 2a00:1450:400... ()
2 2a02:2638:1::3 ()
4 2a00:1450:400... ()
1 3 2a02:2638:1::13 ()
1 3 185.33.220.243 ()
1 178.250.2.146 ()
47 29
2    92.204.4.78 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: vs242194.vs.hosteurope.de
rextester.com
2    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    94.31.29.32 (Islington, United Kingdom)

ASN33438 (STACKPATH, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn4.buysellads.net
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
securepubads.g.doubleclick.net
1    161.35.94.167 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-18.buysellads.com
srv.buysellads.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    63.35.27.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-27-158.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    54.80.147.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-147-122.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.255.84.151 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1450:4001:812::2002 (None, )

ASN- ()
adservice.google.fr
1    2a00:1450:4001:830::2002 (None, )

ASN- ()
adservice.google.com
3    2a00:1450:4001:810::2002 (None, )

ASN- ()
pagead2.googlesyndication.com
2    2a00:1450:4001:813::2001 (None, )

ASN- ()
63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
2    2a02:2638:1::3 (None, )

ASN- ()
static.criteo.net
4    2a00:1450:4001:808::2001 (None, )

ASN- ()
tpc.googlesyndication.com
3    2a02:2638:1::13 (None, )

ASN- ()
gum.criteo.com
3    185.33.220.243 (None, )

ASN- ()
secure.adnxs.com
1    178.250.2.146 (None, )

ASN- ()
mug.criteo.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com
63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
tpc.googlesyndication.com
50 KB
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
137 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 744
gum.criteo.com
mug.criteo.com
8 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
secure.adnxs.com
7 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2518
mp.4dex.io — Cisco Umbrella Rank: 3646
24 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 8
adservice.google.com
2 KB
3 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 14119
203 KB
2 criteo.net
static.criteo.net
57 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
70 KB
2 google.fr
www.google.fr — Cisco Umbrella Rank: 13250
adservice.google.fr
1 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 390
17 KB
2 rextester.com
rextester.com
139 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 660
645 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 820
360 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4705
706 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
1 KB
1 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 13761
339 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1342
904 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2138
707 B
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 15811
668 B
0 pubmatic.com Failed
hbopenbid.pubmatic.com Failed
47 21
Domain Requested by
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 secure.adnxs.com 1 redirects 63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
secure.adnxs.com
3 gum.criteo.com 1 redirects static.criteo.net
secure.adnxs.com
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 cdn4.buysellads.net rextester.com
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 www.googletagservices.com cdn4.buysellads.net
63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 ssl.google-analytics.com 1 redirects rextester.com
2 rextester.com rextester.com
1 mug.criteo.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.fr securepubads.g.doubleclick.net
1 ib.adnxs.com cdn4.buysellads.net
1 ap.lijit.com cdn4.buysellads.net
1 mp.4dex.io cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 onetag-sys.com cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 fastlane.rubiconproject.com cdn4.buysellads.net
1 mantodea.mantisadnetwork.com cdn4.buysellads.net
1 prebid.media.net cdn4.buysellads.net
1 ads.servenobid.com cdn4.buysellads.net
1 srv.buysellads.com cdn4.buysellads.net
1 www.google.fr rextester.com
1 stats.g.doubleclick.net 1 redirects
0 hbopenbid.pubmatic.com Failed cdn4.buysellads.net
47 30

This site contains links to these domains. Also see Links.

Domain
groups.google.com
www.patreon.com
Subject Issuer Validity Valid
rextester.com
ZeroSSL RSA Domain Secure Site CA		 2021-12-13 -
2022-12-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2021-08-03 -
2022-09-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-06-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.fr
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://rextester.com/VJRG2381
Frame ID: 07570041736A1BF728FD3FB8BC6A2B06
Requests: 32 HTTP requests in this frame

Frame: https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DB5E7E8137CEEFA9C81E5B9C7C3B7AD9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rextester.com
Frame ID: 45699792CDB8271B2AE6502BDB450B80
Requests: 2 HTTP requests in this frame

Frame: https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 89292C8867187BF1768A2A030DB356E2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 795165AA2A09666A9D131D4BC894FBEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7EC38FF92EF7FA052871C88436D554E6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[Download.123Movies] Jurassic World Dominion 2022 MP4/720p 1080p HD 4K English, C# - rextester

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

91 %
HTTPS

52 %
IPv6

21
Domains

30
Subdomains

29
IPs

7
Countries

718 kB
Transfer

2024 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2060135760&utmhn=rextester.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%5BDownload.123Movies%5D%20Jurassic%20World%20Dominion%202022%20MP4%2F720p%201080p%20HD%204K%20English%2C%20C%23%20-%20rextester&utmhid=1140291021&utmr=-&utmp=%2FVJRG2381&utmht=1656089204119&utmac=UA-15090815-2&utmcc=__utma%3D178476455.2113054454.1656089204.1656089204.1656089204.1%3B%2B__utmz%3D178476455.1656089204.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=293052487&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15090815-2&cid=2113054454.1656089204&jid=293052487&_v=5.7.2&z=2060135760 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=2113054454.1656089204&jid=293052487&_v=5.7.2&z=2060135760 HTTP 302
  • https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=2113054454.1656089204&jid=293052487&_v=5.7.2&z=2060135760&slf_rd=1&random=360929817
Request Chain 35
  • https://secure.adnxs.com/ttj?id=18678115&size=160x600&cb=1487903196&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjst-wmeD78_Zc9gUAThS_ARPHnOjVU9UfT7k7UFF0MBpAFHf8tV3KsSZz1AIMdo9LYxYPv_5fiYONLSntHDgVe9eozmTe22bjdOrIwy1w4MWBPXfvbxXb_z0BVNav_HXyxt0o4J19Hgq_JRCSMbFNkQBXfgmluUg5srSvM0fzrR3m8NWbO134nEtUqCdE6w_6GRwjiVvpDzZ7R_13Ky81DdRtrF5rNjpVphBmX6Lltzx0x5sd4KkPabnkHHugfvsN8BldYW8W0fw9snkpYbXUw359NRI0bf6TdgIhcMVunCwajfIjYpLvisDpOfmCUvlwreAOZhQkvgaPk9l%2526sai%253DAMfl-YRK4BDOypQ3zfHxlJLbxSvPpSboAaIyjgMpBF0BK0uwhdhPdnN7AvcKgWPsIip2BoxgGyu4Nr195KwnSvuFUBpu22a5hwVwn0bY9CgcgncfOOCOVbTAgnT3yuTziwM%2526sig%253DCg0ArKJSzD1sfIRjr4N3EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D HTTP 307
  • https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D160x600%26cb%3D1487903196%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjst-wmeD78_Zc9gUAThS_ARPHnOjVU9UfT7k7UFF0MBpAFHf8tV3KsSZz1AIMdo9LYxYPv_5fiYONLSntHDgVe9eozmTe22bjdOrIwy1w4MWBPXfvbxXb_z0BVNav_HXyxt0o4J19Hgq_JRCSMbFNkQBXfgmluUg5srSvM0fzrR3m8NWbO134nEtUqCdE6w_6GRwjiVvpDzZ7R_13Ky81DdRtrF5rNjpVphBmX6Lltzx0x5sd4KkPabnkHHugfvsN8BldYW8W0fw9snkpYbXUw359NRI0bf6TdgIhcMVunCwajfIjYpLvisDpOfmCUvlwreAOZhQkvgaPk9l%252526sai%25253DAMfl-YRK4BDOypQ3zfHxlJLbxSvPpSboAaIyjgMpBF0BK0uwhdhPdnN7AvcKgWPsIip2BoxgGyu4Nr195KwnSvuFUBpu22a5hwVwn0bY9CgcgncfOOCOVbTAgnT3yuTziwM%252526sig%25253DCg0ArKJSzD1sfIRjr4N3EAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D
Request Chain 37
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=rextester.com&sn=ChromeSyncframe&so=0&topUrl=rextester.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=HQys9Xw5U1lEVW03K3F3VGVZUkZIN0htRG1YQ201NkZIbzBvMkt5L1EyL01SR01nUlhGZUVHODhFeThXbzRHakdNaHJWendqejA1aVJlN3lNaG5zNnJKemVxaVpoZVpCazkwKzBYa3BqZzVCdUFPL1M1NDB5YklKWHQ2WGpzMlFYaUJ1bFc2bE1sMTF2eDg2VExNQUNTYlRuL3ladVVoK3BoMUZIcEFaVnF6bXhGSzFXL2V5VlFVcXdTdk5ad1FKV3pTSUdBMzAyT1FTUWJZcElLY2JOSC85N1podFYyVjBKZWRRYnlLTXNaaUIrY1lvU2lBWXpiQWJVbFlxNy9JWnl3bXNSUHY3L216VWZxazFmRlBIYlkvQm1PQT09fA&cppv=2

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request VJRG2381
rextester.com/ 		275 KB
93 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rextester.com/VJRG2381
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.204.4.78 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
vs242194.vs.hosteurope.de
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3eb5d405e50dcfcc7597a4e048984ab49638ae4071ffbf502ee8e1c778eb8ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
95085
Content-Type
text/html; charset=utf-8
Date
Fri, 24 Jun 2022 16:47:28 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
jquery-latest.min.js
rextester.com/Scripts/ 		112 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rextester.com/Scripts/jquery-latest.min.js
Requested by
Host: rextester.com
URL: https://rextester.com/VJRG2381
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.204.4.78 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
vs242194.vs.hosteurope.de
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2c6e0f0e40ee0c2dba52532421f6978b2861deb34e9a8271aa3aa9b52fc4be5c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/VJRG2381
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 16:47:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jan 2022 09:04:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"eb5a26da5c13d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
46715
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: rextester.com
URL: https://rextester.com/VJRG2381
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3842
date
Fri, 24 Jun 2022 15:42:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 24 Jun 2022 17:42:42 GMT
rextester.js
cdn4.buysellads.net/pub/ 		574 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Requested by
Host: rextester.com
URL: https://rextester.com/VJRG2381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 Islington, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
acf601988735b31762501c7bf8d92eb95a8c011ccdebad5c88821e92af45799b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:44 GMT
content-encoding
gzip
last-modified
Fri, 24 Jun 2022 12:17:02 GMT
server
NetDNA-cache/2.2
x-amz-request-id
JCG3J897AN00ZYSK
etag
W/"8e4b211955fb9ab5eb7d8811b4610de9"
x-cache
MISS
content-type
application/javascript
cache-control
max-age=31104000
x-amz-id-2
6Na07mq9O133B8P5cI9ALLpYFlYwPRY0q+nq+z62brrqQDMXsm9+Xo4+hGqxPHOoNVhXKcptkyM=
expires
Mon, 19 Jun 2023 16:46:44 GMT
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed23eedcffab565677aac0e6a13aa69b5a86b9bbb154a2be0018f2d23a308df

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.fr/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2060135760&utmhn=rextester.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%5BDow...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15090815-2&cid=2113054454.1656089204&jid=293052487&_v=5.7.2&z=2060135760
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=2113054454.1656089204&jid=293052487&_v=5.7.2&z=2060135760
  • https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=2113054454.1656089204&jid=293052487&_v=5.7.2&z=2060135760&slf_rd=1&random=360929817
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=2113054454.1656089204&jid=293052487&_v=5.7.2&z=2060135760&slf_rd=1&random=360929817
Requested by
Host: rextester.com
URL: https://rextester.com/VJRG2381
Protocol
H2
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 16:46:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 16:46:44 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=2113054454.1656089204&jid=293052487&_v=5.7.2&z=2060135760&slf_rd=1&random=360929817
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4975426d044f7b881923dd9e1ed5427ce2e3460d9e88f3d7188484a99f80bfbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28116
x-xss-protection
0
server
sffe
etag
"1254 / 300 of 1000 / last-modified: 1656068740"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Jun 2022 16:46:45 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=0.42955067825239435
Requested by
Host: rextester.com
URL: https://rextester.com/VJRG2381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 Islington, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:45 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
SJ25AHYVRE08XMDC
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
MBowGHbO5Vq8hE8cebK8J6c8XD7G9etZ3Lg2QRObv34j6wSWCanrfkgJm/gxlVZi3cWOkrwX/tQ=
expires
Mon, 19 Jun 2023 16:46:45 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=0.42955067825239435
Requested by
Host: rextester.com
URL: https://rextester.com/VJRG2381
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 Islington, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:45 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
SJ2FGAS3Q290703B
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
nwvtwDlTu2nzp2t+v1cxWu2T+ZOdODZLGbsZQLQF5n54QG/TM/RA2w3pa0pJ10/lHk4t+DoeTTo=
expires
Mon, 19 Jun 2023 16:46:45 GMT
pubads_impl_2022062101.js
securepubads.g.doubleclick.net/gpt/ 		372 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js?cb=31068189
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
b75b3b21ae775a45091f0e3bf542ad86aa9b243dc2d6548d85090c79a1ccf68b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 13:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129096
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 08:34:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Jun 2023 13:37:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		70 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rextester.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
b3c8a48d116a26a0f6f4266bc38c2e3df5971a53dc8cffae9c7edfe05081eb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 16:46:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69
x-xss-protection
0
expires
Fri, 24 Jun 2022 16:46:45 GMT
CEADP5QE.json
srv.buysellads.com/ads/ 		934 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CEADP5QE.json?forcebanner=453793&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
161.35.94.167 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-nl-18.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
a31af325c795e34d8ef7f4144a821670d8a83f509e4dfb4ad975e4ee76ca3fc4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Jun 2022 16:46:45 GMT
content-encoding
gzip
server
//srv.buysellads.com
content-length
555
vary
Accept-Encoding
content-type
application/json; charset=utf-8
localstore.js
script.4dex.io/ 		483 B
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8
content-type
application/javascript
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKGmh2kmCZf279HXkiZbDiw3AJOy6eqOGCT1ljbvQ1fZK2rArbWmPlVM%2FrULrb7OTDmCcuIYPwgx0QPK4IlofGOcg%2BFzy0hRwZULX0x8lYNlHwh3121S1v9LGVaWs76OLq9lunvg%2BTiH%2Fhn4"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1652176652152482
cache-control
public, max-age=1800
cf-ray
7206f0ff8b263bc8-CDG
expires
Fri, 24 Jun 2022 17:16:45 GMT
translator
hbopenbid.pubmatic.com/ 		0
0
adreq
ads.servenobid.com/ 		948 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2577
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.27.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-27-158.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6777ff0ca69fba20389ad13faeafb83c4f713ef652ede4c67ea67706050e442b

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 16:46:45 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://rextester.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c3a09e4405667121bac91ebd0cc5d1bc8e23cfcca426c649f255964a4911464a

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 16:46:45 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rextester.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1656089205627&secure=true&version=9&title=%5BDownload.123Movies%5D%20Jurassic%20World%20Dominion%202022%20MP4%2F720p%201080p%20HD%204K%20English%2C%20C%23%20-%20rextester&url=https%3A%2F%2Frextester.com%2FVJRG2381&measurable=true&bids[0][bidId]=107a4c2451cd027&bids[0][config][property]=618afaa2b05d000015cf6c50&bids[0][config][zone]=Rextester_S2S_Sidebar_ROS_ATF&bids[0][sizes][0][width]=160&bids[0][sizes][0][height]=600&bids[0][sizes][1][width]=120&bids[0][sizes][1][height]=600&property=618afaa2b05d000015cf6c50&foo
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.147.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-147-122.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e59103fe07be86acf4cdc83115a89270d707b3aa24cdbaccd7d42bd43f6093aa

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 16:46:45 GMT
x-powered-by
Express
etag
W/"38-BBMSz9Lu1MGfWDilsBQsmOt+8UM"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://rextester.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ 		345 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=371750&zone_id=2030448&size_id=9&alt_size_ids=8&rp_schain=1.0,1!buysellads.com,856,1,,,&rf=https%3A%2F%2Frextester.com%2FVJRG2381&tg_i.pbadslot=8691100%2FRextester_S2S_Sidebar_ROS_ATF%23bsa-zone_1573677541197-0_123456&tk_flint=pbjs_lite_v4.43.0&x_source.tid=74d4aebb-b9c8-4a22-babb-1a2525013604&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8415307395936784
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
713bd3c906b27cf6546f7331b212369439b5b6491390b9c50550aadbe62361ea

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 16:46:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://rextester.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
345
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		358 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Frextester.com%2FVJRG2381&PublisherDomain=https%3A%2F%2Frextester.com
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
6741f85bbe26edb785cf7c1344f8a2130c992cb47051bfa8cca18d614b49ec3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 16:46:45 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rextester.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
112
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
358
expires
0
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://rextester.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=28168352159
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Jun 2022 16:46:45 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rextester.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ 		114 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aa9cf8f46aa22092513e03da08560894b4afd3aeb09ec693493d0bb6fcdd7b8

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
7206f0ffab88cdab-CDG
pragma
no-cache
date
Fri, 24 Jun 2022 16:46:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Selecting bids. No selected bids
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rextester.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
bid
ap.lijit.com/rtb/ 		24 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
132f8f17ba6e8f704985f10b5dc40e92a53f10d422c14fa6178ff018c5ec12a9

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 24 Jun 2022 16:46:45 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://rextester.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ 		19 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 16:46:45 GMT
X-Proxy-Origin
178.33.144.178; 178.33.144.178; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c48e4719-c743-4570-8513-cd1f3d86a500
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://rextester.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1482308
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8b4c3b0113934880868d5-00629f4c31
x-amz-id-2
tx8b4c3b0113934880868d5-00629f4c31
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3cbIzm4BA0xJGTOPovmA5ifX2rNlQLD%2FzlX7WkED75e7GLqAv%2B%2Bji6DCDVGgpzWQmNjqcWH89HtH56E9oes%2FZrHQy6HeE2nVIc8Ai7dOtvagcVLjZWKkE8w6v%2FqOVMSRfIc66aKCPFazpqs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
7206f0fff98199a2-CDG
access-control-allow-headers
Authorization
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=rextester.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js?cb=31068189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rextester.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js?cb=31068189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1082979829775297&correlator=3939454967304703&eid=31067915%2C31068189%2C44761477%2C42531605&output=ldjh&gdfp_req=1&vrg=2022062101&ptt=17&impl=fifs&iu_parts=8691100%2CRextester_S2S_Sidebar_ROS_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600&ifi=1&adks=1248755704&sfv=1-0-38&ecs=20220624&fsapi=false&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1573677541197-0_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Ddev%26optimize_env%3Dprod%26optimize_pub%3Drextester%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1656089208140&lmt=1656089208&dlt=1656089203914&idt=1617&biw=1600&bih=1200&adxs=1429&adys=99&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Frextester.com%2FVJRG2381&frm=20&vis=1&scr_x=0&scr_y=0&psz=162x1649&msz=160x0&fws=0&ohw=0&ga_vid=2113054454.1656089204&ga_sid=1656089204&ga_hid=1140291021&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js?cb=31068189
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
45bca0a954b23107ea233db414040803d7ef8bc52ddc1ea0fefff0061a827e89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9312
x-xss-protection
0
google-lineitem-id
5320060794
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305489228
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rextester.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022062101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js?cb=31068189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3fff0bc2437623f23094250e64ff9e1d1d93b5df13dafacf2e6881d164990413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10668
x-xss-protection
0
container.html
63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DB5E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js?cb=31068189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 16:46:48 GMT
expires
Sat, 24 Jun 2023 16:46:48 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1656088800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jun 2022 16:46:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js?cb=31068189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 16:46:48 GMT
syncframe
gum.criteo.com/ Frame 4569 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rextester.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 16:46:47 GMT
server-processing-duration-in-ticks
2454
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Jun 2022 16:46:48 GMT
container.html
63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8929 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js?cb=31068189
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 16:46:48 GMT
expires
Sat, 24 Jun 2023 16:46:48 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8929 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
URL: https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 10:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Jun 2023 10:45:56 GMT
bounce
secure.adnxs.com/ Frame 8929
Redirect Chain
  • https://secure.adnxs.com/ttj?id=18678115&size=160x600&cb=1487903196&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjst-wmeD78_Zc9gUAThS_ARPHnOjVU9UfT7k7UFF0MBpAFHf8tV3KsSZz1AI...
  • https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D160x600%26cb%3D1487903196%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjst-wmeD78_Zc9gUAThS...
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D160x600%26cb%3D1487903196%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjst-wmeD78_Zc9gUAThS_ARPHnOjVU9UfT7k7UFF0MBpAFHf8tV3KsSZz1AIMdo9LYxYPv_5fiYONLSntHDgVe9eozmTe22bjdOrIwy1w4MWBPXfvbxXb_z0BVNav_HXyxt0o4J19Hgq_JRCSMbFNkQBXfgmluUg5srSvM0fzrR3m8NWbO134nEtUqCdE6w_6GRwjiVvpDzZ7R_13Ky81DdRtrF5rNjpVphBmX6Lltzx0x5sd4KkPabnkHHugfvsN8BldYW8W0fw9snkpYbXUw359NRI0bf6TdgIhcMVunCwajfIjYpLvisDpOfmCUvlwreAOZhQkvgaPk9l%252526sai%25253DAMfl-YRK4BDOypQ3zfHxlJLbxSvPpSboAaIyjgMpBF0BK0uwhdhPdnN7AvcKgWPsIip2BoxgGyu4Nr195KwnSvuFUBpu22a5hwVwn0bY9CgcgncfOOCOVbTAgnT3yuTziwM%252526sig%25253DCg0ArKJSzD1sfIRjr4N3EAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D
Requested by
Host: 63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
URL: https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
185.33.220.243 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
b9e8f14a53c3c6e6d8dc2382d75dd496681261d4b5c2e377017c69b304473100
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Fri, 24 Jun 2022 16:46:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.33.144.178; 178.33.144.178; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cd5412f7-49f9-43d7-871b-f2ddea3240e1
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 16:46:48 GMT
X-Proxy-Origin
178.33.144.178; 178.33.144.178; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0a173321-259c-4bb7-ae92-95c847eb4447
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D160x600%26cb%3D1487903196%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjst-wmeD78_Zc9gUAThS_ARPHnOjVU9UfT7k7UFF0MBpAFHf8tV3KsSZz1AIMdo9LYxYPv_5fiYONLSntHDgVe9eozmTe22bjdOrIwy1w4MWBPXfvbxXb_z0BVNav_HXyxt0o4J19Hgq_JRCSMbFNkQBXfgmluUg5srSvM0fzrR3m8NWbO134nEtUqCdE6w_6GRwjiVvpDzZ7R_13Ky81DdRtrF5rNjpVphBmX6Lltzx0x5sd4KkPabnkHHugfvsN8BldYW8W0fw9snkpYbXUw359NRI0bf6TdgIhcMVunCwajfIjYpLvisDpOfmCUvlwreAOZhQkvgaPk9l%252526sai%25253DAMfl-YRK4BDOypQ3zfHxlJLbxSvPpSboAaIyjgMpBF0BK0uwhdhPdnN7AvcKgWPsIip2BoxgGyu4Nr195KwnSvuFUBpu22a5hwVwn0bY9CgcgncfOOCOVbTAgnT3yuTziwM%252526sig%25253DCg0ArKJSzD1sfIRjr4N3EAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8929 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
URL: https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43180
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655912982481896"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 16:46:48 GMT
sid
mug.criteo.com/ Frame 4569
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=rextester.com&sn=ChromeSyncframe&so=0&topUrl=rextester.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=HQys9Xw5U1lEVW03K3F3VGVZUkZIN0htRG1YQ201NkZIbzBvMkt5L1EyL01SR01nUlhGZUVHODhFeThXbzRHakdNaHJWendqejA1aVJlN3lNaG5zNnJKemVxaVpoZVpCazkwKzBYa3BqZzVCdUFPL1M1NDB5YklKWHQ2WG...
433 B
639 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HQys9Xw5U1lEVW03K3F3VGVZUkZIN0htRG1YQ201NkZIbzBvMkt5L1EyL01SR01nUlhGZUVHODhFeThXbzRHakdNaHJWendqejA1aVJlN3lNaG5zNnJKemVxaVpoZVpCazkwKzBYa3BqZzVCdUFPL1M1NDB5YklKWHQ2WGpzMlFYaUJ1bFc2bE1sMTF2eDg2VExNQUNTYlRuL3ladVVoK3BoMUZIcEFaVnF6bXhGSzFXL2V5VlFVcXdTdk5ad1FKV3pTSUdBMzAyT1FTUWJZcElLY2JOSC85N1podFYyVjBKZWRRYnlLTXNaaUIrY1lvU2lBWXpiQWJVbFlxNy9JWnl3bXNSUHY3L216VWZxazFmRlBIYlkvQm1PQT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b201506aa8491c13c8e29cfdd9fc29e63033a6fdca02fb989c594273d2f5e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5077
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Jun 2022 16:46:48 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=HQys9Xw5U1lEVW03K3F3VGVZUkZIN0htRG1YQ201NkZIbzBvMkt5L1EyL01SR01nUlhGZUVHODhFeThXbzRHakdNaHJWendqejA1aVJlN3lNaG5zNnJKemVxaVpoZVpCazkwKzBYa3BqZzVCdUFPL1M1NDB5YklKWHQ2WGpzMlFYaUJ1bFc2bE1sMTF2eDg2VExNQUNTYlRuL3ladVVoK3BoMUZIcEFaVnF6bXhGSzFXL2V5VlFVcXdTdk5ad1FKV3pTSUdBMzAyT1FTUWJZcElLY2JOSC85N1podFYyVjBKZWRRYnlLTXNaaUIrY1lvU2lBWXpiQWJVbFlxNy9JWnl3bXNSUHY3L216VWZxazFmRlBIYlkvQm1PQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1629
content-length
541
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8929 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-wmeD78_Zc9gUAThS_ARPHnOjVU9UfT7k7UFF0MBpAFHf8tV3KsSZz1AIMdo9LYxYPv_5fiYONLSntHDgVe9eozmTe22bjdOrIwy1w4MWBPXfvbxXb_z0BVNav_HXyxt0o4J19Hgq_JRCSMbFNkQBXfgmluUg5srSvM0fzrR3m8NWbO134nEtUqCdE6w_6GRwjiVvpDzZ7R_13Ky81DdRtrF5rNjpVphBmX6Lltzx0x5sd4KkPabnkHHugfvsN8BldYW8W0fw9snkpYbXUw359NRI0bf6TdgIhcMVunCwajfIjYpLvisDpOfmCUvlwreAOZhQkvgaPk9l&sai=AMfl-YTlrWjxTM6OoM3WKcGhjjlie_GSaw5xV5B5h0dwd_UTL-38t0R3ytwVuJlQIs3yV0vJvfbSsqN-8K64sQTpV2Yy_ma_zkh_1s5JNANZB0BwVynRgU4y9qNdA2MYFNo&sig=Cg0ArKJSzIhKYZfI5WT4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
URL: https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 16:46:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 24 Jun 2022 16:46:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7951 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
146
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 16:44:22 GMT
expires
Sat, 24 Jun 2023 16:44:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7EC3 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bf3508c13cafbbabd4158834967986e8125951916b97a3a41fd5a72d40fd8510
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QiqvF6cbpkkxfthflNG5LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-QiqvF6cbpkkxfthflNG5LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Jun 2022 16:46:48 GMT
expires
Fri, 24 Jun 2022 16:46:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync
gum.criteo.com/ Frame 8929 		51 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=160x600&cb=1487903196&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjst-wmeD78_Zc9gUAThS_ARPHnOjVU9UfT7k7UFF0MBpAFHf8tV3KsSZz1AIMdo9LYxYPv_5fiYONLSntHDgVe9eozmTe22bjdOrIwy1w4MWBPXfvbxXb_z0BVNav_HXyxt0o4J19Hgq_JRCSMbFNkQBXfgmluUg5srSvM0fzrR3m8NWbO134nEtUqCdE6w_6GRwjiVvpDzZ7R_13Ky81DdRtrF5rNjpVphBmX6Lltzx0x5sd4KkPabnkHHugfvsN8BldYW8W0fw9snkpYbXUw359NRI0bf6TdgIhcMVunCwajfIjYpLvisDpOfmCUvlwreAOZhQkvgaPk9l%2526sai%253DAMfl-YRK4BDOypQ3zfHxlJLbxSvPpSboAaIyjgMpBF0BK0uwhdhPdnN7AvcKgWPsIip2BoxgGyu4Nr195KwnSvuFUBpu22a5hwVwn0bY9CgcgncfOOCOVbTAgnT3yuTziwM%2526sig%253DCg0ArKJSzD1sfIRjr4N3EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:48 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
3528
strict-transport-security
max-age=31536000; preload;
content-length
169
expires
60
ttj
secure.adnxs.com/ Frame 8929 		0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?ttjb=1&bdc=1656089208&bdh=N5sJN3-mo6DxKRCilnM2yGSs2n4.&&bdref=https%3A%2F%2Frextester.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frextester.com%2F,https%3A%2F%2F63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=160x600&cb=1487903196&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjst-wmeD78_Zc9gUAThS_ARPHnOjVU9UfT7k7UFF0MBpAFHf8tV3KsSZz1AIMdo9LYxYPv_5fiYONLSntHDgVe9eozmTe22bjdOrIwy1w4MWBPXfvbxXb_z0BVNav_HXyxt0o4J19Hgq_JRCSMbFNkQBXfgmluUg5srSvM0fzrR3m8NWbO134nEtUqCdE6w_6GRwjiVvpDzZ7R_13Ky81DdRtrF5rNjpVphBmX6Lltzx0x5sd4KkPabnkHHugfvsN8BldYW8W0fw9snkpYbXUw359NRI0bf6TdgIhcMVunCwajfIjYpLvisDpOfmCUvlwreAOZhQkvgaPk9l%2526sai%253DAMfl-YRK4BDOypQ3zfHxlJLbxSvPpSboAaIyjgMpBF0BK0uwhdhPdnN7AvcKgWPsIip2BoxgGyu4Nr195KwnSvuFUBpu22a5hwVwn0bY9CgcgncfOOCOVbTAgnT3yuTziwM%2526sig%253DCg0ArKJSzD1sfIRjr4N3EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=160x600&cb=1487903196&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjst-wmeD78_Zc9gUAThS_ARPHnOjVU9UfT7k7UFF0MBpAFHf8tV3KsSZz1AIMdo9LYxYPv_5fiYONLSntHDgVe9eozmTe22bjdOrIwy1w4MWBPXfvbxXb_z0BVNav_HXyxt0o4J19Hgq_JRCSMbFNkQBXfgmluUg5srSvM0fzrR3m8NWbO134nEtUqCdE6w_6GRwjiVvpDzZ7R_13Ky81DdRtrF5rNjpVphBmX6Lltzx0x5sd4KkPabnkHHugfvsN8BldYW8W0fw9snkpYbXUw359NRI0bf6TdgIhcMVunCwajfIjYpLvisDpOfmCUvlwreAOZhQkvgaPk9l%2526sai%253DAMfl-YRK4BDOypQ3zfHxlJLbxSvPpSboAaIyjgMpBF0BK0uwhdhPdnN7AvcKgWPsIip2BoxgGyu4Nr195KwnSvuFUBpu22a5hwVwn0bY9CgcgncfOOCOVbTAgnT3yuTziwM%2526sig%253DCg0ArKJSzD1sfIRjr4N3EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Jun 2022 16:46:48 GMT
X-Proxy-Origin
178.33.144.178; 178.33.144.178; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
29ce741c-cdc9-4a40-ac08-ba6afe5182b5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
lyGYsCueE8yR8XoODOo68FbDrX_I63nUiBydxCfKiqk.js
pagead2.googlesyndication.com/bg/ Frame 7951 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lyGYsCueE8yR8XoODOo68FbDrX_I63nUiBydxCfKiqk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
972198b02b9e13cc91f17a0e0cea3af056c3ad7fc8eb79d4881c9dc427ca8aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13789
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Jun 2023 16:44:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7EC3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022062101&jk=1082979829775297&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
truncated
/ Frame 8929 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06578566c0e688560d34c0a0890255ebbfcc43fe414ddde4fde1a088bd95e6d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8929 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUsfvv2QMFi0MRTA7U3Fr7lGr0lFncVIoD8WekBYJAKgng7Sc45QplnyAASU91RkK3GZwgzMFHRH6NV2_a_Sz3nVFmAziL0rYydcvr9TXCMO3f1DhjhoQOALu0untk74oBnsAxLyQDcTE471TmDTYf_GGX39OdqW9nXpE2OafZNy9Zk7tDZFbYAj3ADjhxP30y8UKosYjmxuztyr8iJ0OM4HkYWlBBr7BsrrM8-N1MwguF6VPG0of_TV4HyT7bDOQsWiq-WSImN_lVz2u8gOUTIG8bI3-TsYDrFd7qkJEhJVa8emLV066FycznWE0RN0fvCALzrP7a093-LRI&sai=AMfl-YRBRIv_lZQahKD5iDmgLxq0U_Zylp0lrHEisNV12AiQVQCJFUJKVO19Ken6rvsdG_BFaVqBuLQOFxELmh8Up_T15KWXPpb_KPIvjpdwQi2s7xQkos1Mr557CsDi_EY&sig=Cg0ArKJSzCjTAgcgjcFcEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 24 Jun 2022 16:46:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 24 Jun 2022 16:46:48 GMT
generate_204
tpc.googlesyndication.com/ Frame 7951 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?M47-lQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 16:46:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| _gaq function| CodeMirror boolean| has_changes object| GlobalEditor function| Save function| RunClientSide function| RunNonCS number| total_runs function| Run object| _gat object| gaGlobal object| bsagpt object| bsaheaderbid object| googletag function| bsapbChunk object| bsapb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| optimize object| bsas2s object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| Criteo object| sas object| apntag object| _ADAGIO string| mantis_uuid

7 Cookies

Domain/Path Name / Value
.rextester.com/ Name: __utma
Value: 178476455.2113054454.1656089204.1656089204.1656089204.1
.rextester.com/ Name: __utmc
Value: 178476455
.rextester.com/ Name: __utmz
Value: 178476455.1656089204.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.rextester.com/ Name: __utmt
Value: 1
.rextester.com/ Name: __utmb
Value: 178476455.1.10.1656089204
.rubiconproject.com/ Name: khaos
Value: L4SOR5CV-S-BQ45
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2WcZVvKidOoMWxZQUMNpzzGXFcqoZw1m6Ux6cKWPZL9zdgk5dZUQzY3IPTGbnMv5BymPvo8pleP+bPGxj3zScZKb/MXuuoKek=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

63520fadf0e2ac50bb54406e0e7d15c9.safeframe.googlesyndication.com
ads.servenobid.com
adservice.google.com
adservice.google.fr
ap.lijit.com
bidder.criteo.com
cdn4.buysellads.net
fastlane.rubiconproject.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
mantodea.mantisadnetwork.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
prebid.media.net
rextester.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
srv.buysellads.com
ssl.google-analytics.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.fr
www.googletagservices.com
hbopenbid.pubmatic.com
161.35.94.167
172.217.18.2
178.250.2.131
178.250.2.146
185.255.84.151
185.33.220.243
185.33.221.13
2602:803:c004:200::140
2606:4700:20::681a:8a9
2606:4700::6812:372
2a00:1450:4001:800::2008
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c1b::9c
2a02:2638:1::13
2a02:2638:1::3
34.107.148.139
51.38.120.206
54.80.147.122
63.35.27.158
72.251.249.13
92.204.4.78
94.31.29.32
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
06578566c0e688560d34c0a0890255ebbfcc43fe414ddde4fde1a088bd95e6d2
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
132f8f17ba6e8f704985f10b5dc40e92a53f10d422c14fa6178ff018c5ec12a9
2c6e0f0e40ee0c2dba52532421f6978b2861deb34e9a8271aa3aa9b52fc4be5c
3b201506aa8491c13c8e29cfdd9fc29e63033a6fdca02fb989c594273d2f5e2a
3fff0bc2437623f23094250e64ff9e1d1d93b5df13dafacf2e6881d164990413
45bca0a954b23107ea233db414040803d7ef8bc52ddc1ea0fefff0061a827e89
4975426d044f7b881923dd9e1ed5427ce2e3460d9e88f3d7188484a99f80bfbb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed23eedcffab565677aac0e6a13aa69b5a86b9bbb154a2be0018f2d23a308df
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6741f85bbe26edb785cf7c1344f8a2130c992cb47051bfa8cca18d614b49ec3b
6777ff0ca69fba20389ad13faeafb83c4f713ef652ede4c67ea67706050e442b
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
713bd3c906b27cf6546f7331b212369439b5b6491390b9c50550aadbe62361ea
7aa9cf8f46aa22092513e03da08560894b4afd3aeb09ec693493d0bb6fcdd7b8
972198b02b9e13cc91f17a0e0cea3af056c3ad7fc8eb79d4881c9dc427ca8aa9
a31af325c795e34d8ef7f4144a821670d8a83f509e4dfb4ad975e4ee76ca3fc4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
acf601988735b31762501c7bf8d92eb95a8c011ccdebad5c88821e92af45799b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b3c8a48d116a26a0f6f4266bc38c2e3df5971a53dc8cffae9c7edfe05081eb1a
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b75b3b21ae775a45091f0e3bf542ad86aa9b243dc2d6548d85090c79a1ccf68b
b9e8f14a53c3c6e6d8dc2382d75dd496681261d4b5c2e377017c69b304473100
bf3508c13cafbbabd4158834967986e8125951916b97a3a41fd5a72d40fd8510
c3a09e4405667121bac91ebd0cc5d1bc8e23cfcca426c649f255964a4911464a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eb5d405e50dcfcc7597a4e048984ab49638ae4071ffbf502ee8e1c778eb8ea
e59103fe07be86acf4cdc83115a89270d707b3aa24cdbaccd7d42bd43f6093aa
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629