www.proxysite.com Open in urlscan Pro
34.225.91.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eu3.proxysite.com/process.php?d=1Y4A6uetvfW0RpHT4HFrC7VgA9nQ85XPk6yPkP284h%2Bm4l3lL2F6OuY%3D
Effective URL:
https://www.proxysite.com/
Submission: On April 04 via manual (April 4th 2022, 9:18:16 am UTC) from FR — Scanned from FR

Summary HTTP 122 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 20 domains to perform 122 HTTP transactions. The main IP is 34.225.91.178, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.proxysite.com. The Cisco Umbrella rank of the primary domain is 207157.
TLS certificate: Issued by Amazon on March 28th 2022. Valid for: a year.

This is the only time www.proxysite.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	178.33.33.138 178.33.33.138	16276 (OVH) (OVH)
1 18	34.225.91.178 34.225.91.178	14618 (AMAZON-AES) (AMAZON-AES)
17	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	192.82.242.209 192.82.242.209	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
122	20

1 178.33.33.138 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip138.ip-178-33-33.eu

eu3.proxysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.225.91.178 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-91-178.compute-1.amazonaws.com

www.proxysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.82.242.209 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 125	427 KB
22	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	141 KB
19	proxysite.com 2 redirects eu3.proxysite.com www.proxysite.com — Cisco Umbrella Rank: 207157	167 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	146 KB
7	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 7	1 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 579 syndication.twitter.com — Cisco Umbrella Rank: 828	149 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	145 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	3 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 610	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 599	887 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 585	137 KB
2	google.fr adservice.google.fr — Cisco Umbrella Rank: 28668	914 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	18 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	83 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 348	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1485	351 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1104	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	647 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
122	20

	Domain	Requested by
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.proxysite.com googleads.g.doubleclick.net
18	www.proxysite.com	1 redirects www.proxysite.com
17	pagead2.googlesyndication.com	www.proxysite.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
10	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	cm.g.doubleclick.net	www.proxysite.com googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	platform.twitter.com	www.proxysite.com platform.twitter.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	id.rlcdn.com	2 redirects
2	static.xx.fbcdn.net	www.facebook.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.fr	pagead2.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com www.proxysite.com
2	www.facebook.com	connect.facebook.net www.proxysite.com
2	www.google-analytics.com	www.proxysite.com www.google-analytics.com
2	connect.facebook.net	www.proxysite.com connect.facebook.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	eu3.proxysite.com	1 redirects
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
122	26

This site contains links to these domains. Also see Links.

Domain
eu18.proxysite.com
pryvacy.com

Subject Issuer	Validity	Valid
proxysite.com Amazon	`2022-03-28` - `2023-04-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-04-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.proxysite.com/
Frame ID: DF53B02DE75505DF68A62F133684634F
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html
Frame ID: 81E0876718DC325786FEDAAD50892A29
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fwww.proxysite.com
Frame ID: 61BD452997C8B43BFD182128E3DF0FD1
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b7844d5d52494%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ff296d04f2a23bc8%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80
Frame ID: 772F7558407EB67863525D92F6F92C24
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890962&bpp=4&bdt=520&idt=162&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&correlator=13007650835&frm=20&pv=2&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MOk2rOIOX2&p=https%3A//www.proxysite.com&dtd=181
Frame ID: 2724A5D65E8A7B6230739497658095F4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890966&bpp=1&bdt=524&idt=183&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5fF97hPze3&p=https%3A//www.proxysite.com&dtd=186
Frame ID: 96BFC5B4AF581EE33B14A0E199E0F6CB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&slotname=6803856480&adk=197138127&adf=1497320946&pi=t.ma~as.6803856480&w=728&lmt=1649063891&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.proxysite.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890967&bpp=1&bdt=525&idt=201&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TYAmbi4ktQ&p=https%3A//www.proxysite.com&dtd=205
Frame ID: 201F07BE56B8E091C6F9E1EA0F775A5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&adk=1812271804&adf=3025194257&lmt=1649063891&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.proxysite.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890968&bpp=1&bdt=525&idt=209&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280%2C728x90&nras=1&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=214
Frame ID: DF63D10C91AA2573C7BA6383CE19EF99
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.0af76c3310098d2f8f428367b62351b8.en.html
Frame ID: A299D014135FAAA95825C3714378874D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063891526&bpp=1&bdt=1084&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0579a301ea74b3a6-22c148d36dcd004c%3AT%3D1649063891%3ART%3D1649063891%3AS%3DALNI_MaoluF1mfh3GPJ-1_BdUzAE1jORYQ&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=6S3rk21YUl&p=https%3A//www.proxysite.com&dtd=30
Frame ID: A8AE27014A59E15AC0A6F3F130E83843
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063891526&bpp=1&bdt=1083&idt=0&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0579a301ea74b3a6-22c148d36dcd004c%3AT%3D1649063891%3ART%3D1649063891%3AS%3DALNI_MaoluF1mfh3GPJ-1_BdUzAE1jORYQ&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=jzqOyAltCP&p=https%3A//www.proxysite.com&dtd=42
Frame ID: 049A5C3BB0A4DD2C291D63B3521162F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1EDA2EA482BEB9D98841183ADAE33A97
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C06E813E7B25DADFAD10B9A18F2D65E5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B381AE1FC47428F0C6A3BB9304DEF1CE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 32B8550F48B13ACF64413EB229AE82B3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: F98B2A72AF436C4C8C5C765BE4E305E3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 022097B18746C47B5568895CD5C273DB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: BC64C61174D3C738383B0377E547033E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: 947451A5395C82F821C21716F38AB9E7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Frame ID: D073C7416708A7AD91CB7E713A27DEE4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDCD1E7058850766C206EB47DBD8CFAE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C4E17ED74864A3EBEAD2015AD0A541C8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ProxySite.com - Free Web Proxy Site

Page URL History Show full URLs

https://eu3.proxysite.com/process.php?d=1Y4A6uetvfW0RpHT4HFrC7VgA9nQ85XPk6yPkP284h%2Bm4l3lL2F6OuY%3D HTTP 302
https://www.proxysite.com/process.php?d=1Y4A6uetvfW0RpHT4HFrC7VgA9nQ85XPk6yPkP284h%2Bm4l3lL2F6OuY%3D HTTP 301
https://www.proxysite.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

96 %
HTTPS

61 %
IPv6

20
Domains

26
Subdomains

20
IPs

4
Countries

1439 kB
Transfer

3825 kB
Size

21
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://eu18.proxysite.com/go/youtube.com
Title: YouTube

Search URL Search Domain Scan URL

URL: https://eu18.proxysite.com/go/facebook.com
Title: Facebook

Search URL Search Domain Scan URL

URL: https://eu18.proxysite.com/go/twitter.com
Title: Twitter

Search URL Search Domain Scan URL

URL: https://eu18.proxysite.com/go/reddit.com
Title: Reddit

Search URL Search Domain Scan URL

URL: https://eu18.proxysite.com/go/imgur.com
Title: Imgur

Search URL Search Domain Scan URL

URL: https://eu18.proxysite.com/go/google.com
Title: Google

Search URL Search Domain Scan URL

URL: https://pryvacy.com/
Title: Pryvacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eu3.proxysite.com/process.php?d=1Y4A6uetvfW0RpHT4HFrC7VgA9nQ85XPk6yPkP284h%2Bm4l3lL2F6OuY%3D HTTP 302
https://www.proxysite.com/process.php?d=1Y4A6uetvfW0RpHT4HFrC7VgA9nQ85XPk6yPkP284h%2Bm4l3lL2F6OuY%3D HTTP 301
https://www.proxysite.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI3PlRHqvnpX5JOJsR5aDx-DfRagbxEw5XRLV10oHlBwV5-rMbBPTFMN3hykHucw61obfRWC9s9Qt0UQ_Zm-v3GTzW2KBr0&google_gid=CAESEMEg5t8zMZt6Edrv1FP6sqg&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNTvqpIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBJM1BsUkhxdm5wWDVKT0pzUjVhRHgtRGZSYWdieEV3NVhSTFYxMG9IbEJ3VjUtck1iQlBURk1OM2h5a0h1Y3c2MW9iZlJXQzlzOVF0MFVRX1ptLXYzR1R6VzJLQnIw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUFA0TDFnTmdsZk50eXVvcWZVR3daVFI4X3g1NTF6S2dUTEtGMnFQNUJqWQ==&google_push

Request Chain 106

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH-BOg-YQpnxaB-45WdSAhY&google_cver=1&google_push=AYg5qPKWUmyeGya-HSjHwOcvk1uNw8j6jntDdII1MKlseViZ3q7etWCqyWaqvtGCWKDKDLOGzPEpXXrA2Xtj2JFNJN0nmap9dpg_ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH-BOg-YQpnxaB-45WdSAhY&google_cver=1&google_push=AYg5qPKWUmyeGya-HSjHwOcvk1uNw8j6jntDdII1MKlseViZ3q7etWCqyWaqvtGCWKDKDLOGzPEpXXrA2Xtj2JFNJN0nmap9dpg_&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D5SHknEuS-6_hhGoWzGa_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKWUmyeGya-HSjHwOcvk1uNw8j6jntDdII1MKlseViZ3q7etWCqyWaqvtGCWKDKDLOGzPEpXXrA2Xtj2JFNJN0nmap9dpg_

Request Chain 107

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH7o-IstQIdwsFFSQjSDJm8&google_cver=1&google_push=AYg5qPIxAjiPTXHm4ymm224MvSFGJFf8nYiJazdt5JKzcvTnfGykw1KuXkpC1seFMzCv95MxL6HBRAeQGnVrRZiUFUE7E9ZWN8Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLSTJBWDYtMUUtM0k2WQ==&google_push=AYg5qPIxAjiPTXHm4ymm224MvSFGJFf8nYiJazdt5JKzcvTnfGykw1KuXkpC1seFMzCv95MxL6HBRAeQGnVrRZiUFUE7E9ZWN8Q

Request Chain 108

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_cver=1&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1

122 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.proxysite.com/
Redirect Chain

https://eu3.proxysite.com/process.php?d=1Y4A6uetvfW0RpHT4HFrC7VgA9nQ85XPk6yPkP284h%2Bm4l3lL2F6OuY%3D
https://www.proxysite.com/process.php?d=1Y4A6uetvfW0RpHT4HFrC7VgA9nQ85XPk6yPkP284h%2Bm4l3lL2F6OuY%3D
https://www.proxysite.com/

14 KB
5 KB

143ms
142ms

Document
text/html

34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3c2b5f176572b72ebd54f1b355c9445275fe6d1f01fd796c026eca0e85443c0d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: no-cache, max-age=0
content-encoding: gzip
content-length: 4222
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:18:10 GMT
expires: Mon, 04 Apr 2022 09:18:10 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

cache-control: max-age=0
content-length: 234
content-type: text/html; charset=iso-8859-1
date: Mon, 04 Apr 2022 09:18:10 GMT
expires: Mon, 04 Apr 2022 09:18:10 GMT
location: https://www.proxysite.com/
server: Apache

GET
H2 200 96f631f.css
www.proxysite.com/css/ 38 KB
8 KB 197ms
197ms Stylesheet
text/css 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 35d4a453929aeb9cb4ca18e20087e72d2b251d050a6a7ec20931c152049d341f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 22:05:12 GMT
server: Apache
etag: "97e6-58465952edaf2-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7817
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 logo.png
www.proxysite.com/assets/images/ 3 KB
4 KB 102ms
102ms Image
image/png 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/logo.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 2f1513a46b73f5ada51bafe9acd73abc1489f912de163236e4b6480a8311fb18

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "cd8-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3288
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 privacy.png
www.proxysite.com/assets/images/ 7 KB
8 KB 198ms
197ms Image
image/png 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/privacy.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: eaee2371582b8c319e9f7b6432b570d1c7cc5bda80a6d7819521c6df355c3f9b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "1dbc-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7612
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 speed.png
www.proxysite.com/assets/images/ 5 KB
6 KB 295ms
294ms Image
image/png 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/speed.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 036a97f58ae41233cce615d76fb5511d15d9db41201bae08f0099eeb07faec28

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "158b-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5515
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 magnifying.png
www.proxysite.com/assets/images/ 10 KB
10 KB 293ms
292ms Image
image/png 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/magnifying.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: ecb0a51c8bccd33964654ecedc1115640eec2c15b217d843df9ed2c36d358060

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "2690-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9872
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 computer.png
www.proxysite.com/assets/images/ 7 KB
7 KB 295ms
294ms Image
image/png 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/computer.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 60738e0c21e145c63411dab779e72942f078ede817a5cdf57466ef0e61ff8d49

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "1b25-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6949
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 magnifying2.png
www.proxysite.com/assets/images/ 7 KB
7 KB 293ms
293ms Image
image/png 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/magnifying2.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 0ac9094e17f405afb1a4cb915170e1051a048db8597a64460222f03fab4dcc76

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "1b58-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7000
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 logo-footer.png
www.proxysite.com/assets/images/ 2 KB
2 KB 295ms
295ms Image
image/png 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/logo-footer.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 938bb7a4fe2818088711d433b38bb086516f778d8614faaf479ac89cf62968ec

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "7b4-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1972
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 jquery.js Show response
www.proxysite.com/assets/js/ 95 KB
34 KB 392ms
390ms Script
application/javascript 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/js/jquery.js?v=17030501
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 22:05:12 GMT
server: Apache
etag: "17b8b-58465952c3b12-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33760
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 65f94d5.js Show response
www.proxysite.com/js/ 39 KB
10 KB 199ms
197ms Script
application/javascript 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/js/65f94d5.js?v=17030501
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: dc2261fa7fc402f3869461ab510796c6a45c58b4910d7eaaf674bfefd5274e6c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2019 22:05:13 GMT
server: Apache
etag: "9a33-584659534d630-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9611
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 115ms
53ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

030ead34eeb8aed5d086ad672fc85b904b10a2cc267e8479ffba29ad199512ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54135
x-xss-protection: 0
server: cafe
etag: 9286151275785121370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 09:18:10 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 117ms
19ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F9B) /
Resource Hash: da7ae7eec9c1f857161ad9356669f90a20a3e1bd18c8124b53cc2e367e04780b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 09:18:10 GMT
Content-Encoding: gzip
Age: 1336
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
Content-Length: 29457
x-tw-cdn: VZ
Last-Modified: Thu, 31 Mar 2022 19:50:29 GMT
Server: ECS (pab/6F9B)
Etag: "f763893db69b9ff52796c20ddfe2ac52+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 70ms
22ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

066868c0fe17d448e7e4a20b3f7c67b5df12fdcf0d3f0278bab1713757c30070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: x2F3iPoaTa0FNg8FWQu5mg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 04 Apr 2022 09:36:26 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: lsA7QCjyrD39K/tticNRwhMUj0uXSF47KDq7TPseA1x9V3BjWGMiPMZOyBGNz4UWOBT1hpkQTF1PDYislPN8vg==
x-fb-trip-id: 686109401
x-fb-content-md5: e54793d39b3155482eef43fd320a440b
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 04 Apr 2022 09:18:10 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "781f887a936bf1812b5bf51f73388d2a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 bg.png
www.proxysite.com/assets/images/ 236 B
763 B 185ms
184ms Image
image/png 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proxysite.com/assets/images/bg.png
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9428518d1b1c9e441b6dcf1effddc210ce3ab2d1e0913be29695e907b4c82c43

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "ec-5846594182b78"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 236
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 raleway.woff2
www.proxysite.com/assets/fonts/ 15 KB
15 KB 181ms
181ms Font
application/octet-stream 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/raleway.woff2
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 770da7643a54e06b63d0c10b9386c21eebe7fe791bbd43e760a9f763aa95d26f

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "3ab8-5846594182b78"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15032
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 raleway-semibold.woff2
www.proxysite.com/assets/fonts/ 15 KB
15 KB 179ms
178ms Font
application/octet-stream 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/raleway-semibold.woff2
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 3cee69d07c93d87ecbb03f206ddb86c9d4ba12638a18ed177de725be2eb8333a

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "3b18-5846594182b78"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15128
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 icomoon.ttf
www.proxysite.com/assets/fonts/ 3 KB
3 KB 183ms
182ms Font
application/font-sfnt 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/icomoon.ttf?-p3bna1
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7ffcb15458cc6d82ade6166ddb0788afe839679e06d01368d615e8f2c0c6a5f1

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "a7c-5846594181bd8"
content-type: application/font-sfnt
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2684
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 raleway-bold.woff2
www.proxysite.com/assets/fonts/ 15 KB
15 KB 183ms
182ms Font
application/octet-stream 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/raleway-bold.woff2
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "3aa0-5846594182b78"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15008
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H2 200 raleway-light.woff2
www.proxysite.com/assets/fonts/ 15 KB
15 KB 183ms
183ms Font
application/octet-stream 34.225.91.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proxysite.com/assets/fonts/raleway-light.woff2
Requested by: Host: www.proxysite.com
URL: https://www.proxysite.com/css/96f631f.css?v=17030501
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.91.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-91-178.compute-1.amazonaws.com
Software: Apache /
Resource Hash: d3f154bd52d039a8d725c3a790c0887142a2963f09b28c6280e4629ca8521e93

Request headers

Referer: https://www.proxysite.com/css/96f631f.css?v=17030501
Origin: https://www.proxysite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:10 GMT
last-modified: Mon, 18 Mar 2019 22:04:54 GMT
server: Apache
etag: "3a6c-5846594182b78"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14956
expires: Wed, 04 May 2022 09:18:10 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 49ms
23ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ff0f0ffef6a91f3d356d9611737431c3

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d203674db600008e19567c31f491004256d89e93d4c5e42b6c8b7cb2abc9cfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.proxysite.com/
Origin: https://www.proxysite.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eiyLvQiYhCLukxusUaS3Iw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82730
x-fb-rlafr: 0
x-fb-debug: d9yI1P+oSf6vKi9Nx3PdcWNvIjYzDlFgwN8FpEY2VyPD1YoxDM1rUbDoQ0bBEIqgk/NYQZ2mrqvQEdRFvKO6Og==
x-fb-content-md5: 0edff9daa869b586cdec9193198c3638
x-frame-options: DENY
date: Mon, 04 Apr 2022 09:18:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7be12adba2acef197cf529ecc064000c"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 04 Apr 2023 08:45:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 92ms
24ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4404
date: Mon, 04 Apr 2022 08:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 04 Apr 2022 10:04:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/ Frame 81E0 10 KB
5 KB 89ms
24ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 35350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 23:29:01 GMT
etag: 4044455266028820542
expires: Sun, 17 Apr 2022 23:29:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.0af76c3310098d2f8f428367b62351b8.html Show response
platform.twitter.com/widgets/ Frame 61BD 319 KB
104 KB 20ms
20ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fwww.proxysite.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F98) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 307540
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Apr 2022 09:18:10 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 31 Mar 2022 19:49:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6F98)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 like.php Show response
www.facebook.com/v2.5/plugins/ Frame 772F 48 KB
18 KB 149ms
103ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b7844d5d52494%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ff296d04f2a23bc8%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ff0f0ffef6a91f3d356d9611737431c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3e702d6ca7d0aec0137685efe52fbbb19a15a4327e10d4afbdb73cf41c14312

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 04 Apr 2022 09:18:11 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
pragma: no-cache
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: HDbCoJmlag9iS77AHH9v2kDmU7nsSAPcsYSFembrMp8D0SRevMmNJmzw2csJcxp2ZcpR2gLtKYpmMZlRxB9gFA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/ 301 KB
108 KB 89ms
53ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com&bust=31066007

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

651dfe42114ec91ccb8c752a7b553983cf96e26df02411a49cddcf734fc61a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110221
x-xss-protection: 0
server: cafe
etag: 14539397045447039586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 61BD 230 B
446 B 184ms
126ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=fc3f10e90ea2d21c8c17a7ecb37b3f0d62882e57

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fwww.proxysite.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

5054a54db3ef08ce6320ae9a8d59ca6e4d6f0c66b5cd92a03caccf9d0448040a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 04 Apr 2022 09:18:10 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 09:18:11 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6441653d8a3ff5c9b3df275f4aab3ad7ea925c934fa24db8fb6e15fa84f7eae5
content-length: 164

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 79ms
43ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1209295047&t=pageview&_s=1&dl=https%3A%2F%2Fwww.proxysite.com%2F&ul=en-us&de=UTF-8&dt=ProxySite.com%20-%20Free%20Web%20Proxy%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1992989881&gjid=91808887&cid=1125341721.1649063891&tid=UA-45368124-2&_gid=1757120046.1649063891&_r=1&_slc=1&z=605449328

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.proxysite.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.proxysite.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
647 B 107ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.proxysite.com&callback=_gfp_s_&client=ca-pub-5271052033776811

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5271052033776811&plah=www.proxysite.com&bust=31066007

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

eea3e4c3a1a98ace4a4c0c8e73b5a3e6578e3a2b5e2b71dd964c718ba8e4112e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 148ms
37ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.proxysite.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 104ms
38ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.proxysite.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2724 90 KB
32 KB 373ms
338ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890962&bpp=4&bdt=520&idt=162&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&correlator=13007650835&frm=20&pv=2&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MOk2rOIOX2&p=https%3A//www.proxysite.com&dtd=181

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1d674a7abe3d97fae34625b0f3beb0e68550d8db6ab4b199789fca7a83d1b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32634
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 09:18:11 GMT
expires: Mon, 04 Apr 2022 09:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 772F 400 B
648 B 30ms
22ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b7844d5d52494%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ff296d04f2a23bc8%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:11 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 400
x-fb-rlafr: 0
x-fb-debug: vJy/QdBC/3cpdJDyp+kcWhdANr+zaptvOW7ZXLvIWyrWpXqG3Ab8Dk3xUQUUXJgmgXngpmjsMNwa5ueY6muHrg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Apr 2023 05:32:48 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 96BF 89 KB
32 KB 393ms
367ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890966&bpp=1&bdt=524&idt=183&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5fF97hPze3&p=https%3A//www.proxysite.com&dtd=186

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcea43c8af952847c41a0c3bc7d405e698f757c327bc942ea55727be2a569682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32600
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 09:18:11 GMT
expires: Mon, 04 Apr 2022 09:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hO3BA8a1wP0.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yc/l/en_US/ Frame 772F 522 KB
136 KB 71ms
24ms XHR
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yc/l/en_US/hO3BA8a1wP0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c7a121317262200d9082cf560cfbbde54765e199c9894f379d9a6c91e9a4ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fLd+H7q3ZlhbhsSj+trDGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139157
x-fb-rlafr: 0
x-fb-debug: kMwsd73mXUz/zVeLkeqToaUabGZ8ErugV1+QQ1eQIJuJv2xB2bMGGwL/4JiOVaE8THA9CRw24gKWBY7Bkv5C2A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 01 Apr 2023 02:55:53 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 201F 430 B
231 B 184ms
178ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&slotname=6803856480&adk=197138127&adf=1497320946&pi=t.ma~as.6803856480&w=728&lmt=1649063891&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fwww.proxysite.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890967&bpp=1&bdt=525&idt=201&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepEbr%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=TYAmbi4ktQ&p=https%3A//www.proxysite.com&dtd=205

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ce0a1bebcea86305ae8fe32da98a3260654c0a69fa6fda1a1374f25bda366d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 09:18:11 GMT
expires: Mon, 04 Apr 2022 09:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF63 94 KB
32 KB 310ms
309ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&adk=1812271804&adf=3025194257&lmt=1649063891&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.proxysite.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890968&bpp=1&bdt=525&idt=209&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280%2C990x280%2C728x90&nras=1&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd3aa0cd4f2292da42bb8990ee457d4969e1f176656e4d9eb864ef9b28422cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33151
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 09:18:11 GMT
expires: Mon, 04 Apr 2022 09:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK button.aa5c8b3b99b08ae2f6493ea7d8cc8590.js Show response
platform.twitter.com/js/ 7 KB
3 KB 19ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.aa5c8b3b99b08ae2f6493ea7d8cc8590.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F9B) /
Resource Hash: 261cf8e55383415eceda39a856866ffd0b64fbb1a5be243e48b097c475ac7128

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Mon, 04 Apr 2022 09:18:11 GMT
Content-Encoding: gzip
Age: 307552
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 2293
x-tw-cdn: VZ
Last-Modified: Thu, 31 Mar 2022 19:48:55 GMT
Server: ECS (pab/6F9B)
Etag: "d0a23e7e0339812df29e0bc23fe13bd2+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.0af76c3310098d2f8f428367b62351b8.en.html Show response
platform.twitter.com/widgets/ Frame A299 32 KB
13 KB 20ms
20ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.0af76c3310098d2f8f428367b62351b8.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6F9B) /
Resource Hash: c395d306f173cb32e68acf4ecf179deddcddfb19b8d7e265c37522def3528411

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 307552
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12241
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Apr 2022 09:18:11 GMT
Etag: "f9ac47ef419be7a340744bc9713a364e+gzip"
Last-Modified: Thu, 31 Mar 2022 19:48:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (pab/6F9B)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
DATA 200
OK truncated
/ Frame A299 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 772F 67 B
105 B 73ms
46ms Image
image/png 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1649063891156&t_start=1649063891156&t_domcontent=1649063891175&t_layout=1649063891279&t_onload=1649063891279&t_paint=1649063891279&t_creport=1649063891279&t_tti=1649063891175&lid=7082675481833513641-0

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.facebook.com/v2.5/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1b7844d5d52494%26domain%3Dwww.proxysite.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.proxysite.com%252Ff296d04f2a23bc8%26relation%3Dparent.parent&container_width=105&href=https%3A%2F%2Fwww.proxysite.com%2F&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: iQbBLYzHdbTKWTMqlqr4tVbHKV3o4tOhIBTIxLnG43zWUUBReCstB37VUrSommpTQM9WapTHwkCZXvuo2qP0AQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 04 Apr 2022 09:18:11 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
356 B 132ms
131ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.proxysite.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1649063891375%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22f9f80a909a60b%3A1648751432723%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Mon, 04 Apr 2022 09:18:11 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 6441653d8a3ff5c9b3df275f4aab3ad7ea925c934fa24db8fb6e15fa84f7eae5
x-transaction: 203162813defa2ce
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/ 145 KB
51 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203290101/reactive_library_fy2019.js?bust=31066007

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab2d4484623a33050de5e23317626be91e0a554eb449ea09fb766aae5d4da871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52632
x-xss-protection: 0
server: cafe
etag: 14247324828841415543
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H3 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
122 B 82ms
41ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.proxysite.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 78ms
36ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.proxysite.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A8AE 97 KB
34 KB 379ms
378ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063891526&bpp=1&bdt=1084&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0579a301ea74b3a6-22c148d36dcd004c%3AT%3D1649063891%3ART%3D1649063891%3AS%3DALNI_MaoluF1mfh3GPJ-1_BdUzAE1jORYQ&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=6S3rk21YUl&p=https%3A//www.proxysite.com&dtd=30

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95c55194fb076e4bd63806f501caa5eb7ce01c3eb4bfd7e06706aa137c0894a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34323
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 09:18:11 GMT
expires: Mon, 04 Apr 2022 09:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 049A 430 B
232 B 494ms
491ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=90&adk=676745548&adf=3560341080&pi=t.aa~a.4080220755~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x90&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063891526&bpp=1&bdt=1083&idt=0&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0579a301ea74b3a6-22c148d36dcd004c%3AT%3D1649063891%3ART%3D1649063891%3AS%3DALNI_MaoluF1mfh3GPJ-1_BdUzAE1jORYQ&prev_fmts=990x280%2C990x280%2C728x90%2C0x0%2C1200x280&nras=3&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=jzqOyAltCP&p=https%3A//www.proxysite.com&dtd=42

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b75c8d89030c148cd23d7dbcecc2fcc507c08a04d6cd85d7398604cfca333a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 09:18:12 GMT
expires: Mon, 04 Apr 2022 09:18:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 2724 9 KB
4 KB 109ms
25ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890962&bpp=4&bdt=520&idt=162&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&correlator=13007650835&frm=20&pv=2&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MOk2rOIOX2&p=https%3A//www.proxysite.com&dtd=181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 03:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 03:02:07 GMT

GET
H2 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame 2724 8 KB
4 KB 109ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 19:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 19:34:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2724 8 KB
965 B 120ms
38ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 07:34:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 09:18:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 2724 2 KB
904 B 69ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:17:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 2724 19 KB
8 KB 106ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:17:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 2724 2 KB
1 KB 66ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:16:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2724 119 KB
37 KB 137ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 2724 15 KB
6 KB 107ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:13:35 GMT

GET
H3 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame 2724 29 KB
12 KB 62ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 96BF 9 KB
4 KB 106ms
28ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890966&bpp=1&bdt=524&idt=183&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5fF97hPze3&p=https%3A//www.proxysite.com&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 03:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 03:02:07 GMT

GET
H2 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame 96BF 8 KB
4 KB 107ms
29ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 19:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 19:34:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 96BF 8 KB
1 KB 112ms
35ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 08:16:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 09:18:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 96BF 2 KB
904 B 34ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:17:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 96BF 19 KB
8 KB 107ms
30ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:17:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 96BF 2 KB
1 KB 33ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:16:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 96BF 119 KB
36 KB 155ms
78ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 96BF 15 KB
6 KB 128ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:13:35 GMT

GET
H3 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame 96BF 29 KB
12 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/ Frame 1EDA 10 KB
4 KB 28ms
28ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 33160
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 00:05:31 GMT
etag: 4044455266028820542
expires: Mon, 18 Apr 2022 00:05:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1EDA 0
0 79ms
75ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co_HV07dKYuSMDY_U3gO-oKyYCPPY0plpj5SJ6LEOzcTDtIkpEAEggfOTKWD7AaABkYPBiAPIAQKoAwHIA8kEqgTAAU_QB4lBxqnPAplAS5r_dyX3nLhseG5kZQWB5e9aeqHbo45G9kYG7KuvUyOedcWdgrGeD8DTOuzjYbU0fJXRHT02BriYj5QqcwiZlo308tcUlMmxZ_O43xi6-LjArkBxHYlRmA7_n4JaZsmRyys3nhk2seFRUvaxlhjQzYJuZBg64ZuqCq30WhUvIVIsONQJ90btq7_OLeq79BlEYZV_IKheloJyPR1G82EXPCSgxVLZ7KbYMa754jCtLythBhR-dcAEm9Te3NUDkgUECAQYAZIFBAgFGASgBgKAB9_4yTOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDe0APSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=ioGLhfw9WPs&uach_m=[UACH]

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 09:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 1EDA 19 KB
8 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:17:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:17:04 GMT

GET
H2 200 4201921531503782688
tpc.googlesyndication.com/simgad/ Frame 1EDA 21 KB
22 KB 61ms
58ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4201921531503782688?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qltd9ULY_blwMR6aHmCDjEPEMrU0w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a78e75714c5f86a5202ae4359e48db6db4e824de535fa76367cb666e22700de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:09:36 GMT
x-content-type-options: nosniff
age: 324515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21834
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 20:37:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 31 Mar 2023 15:09:36 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 1EDA 2 KB
1 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:16:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EDA 119 KB
36 KB 99ms
97ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 1EDA 15 KB
6 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:13:35 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 1EDA 29 KB
12 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ad67d144ec3b03d42d7b919cc1610d4996a298a5826d6b4d4caf1e2cc80f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 06:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11953
x-xss-protection: 0
server: cafe
etag: 10221244845210318712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 06:58:57 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2724 0
0 79ms
75ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxWYB07dKYrHgDI3L3gOCg6OYD4vgrJxpspL64uIP7KCVvKAOEAEggfOTKWD7AaAB4t_SsyjIAQGoAwHIA8sEqgTOAU_Qm4yMPOztWKhws48spSlK7JkR66ZfUuidzIAJyFLbsWPn8HaOxEPM7AVMW5vTa8T8uxpCywG2_n8-a6vHCsKSx-juJr8FXrfqojjx4wmlqMLJPA7AvXtHLtJeNAKd5Fi44ZuMTYKK3CLexfArWXZwFgJ-9qdgpvkf2qp6AZxI2gayYQvT9uQD-atDn1iLmPN-gfotTpbcSLA2dLjUPw24SA673Cxfa5iCwBNkhXI6aP6456WHw74Rvz7bmO_gjJBnyGk0mgnp57CCpwNPwASp6LGu-wOSBQQIBBgBkgUECAUYBIAH4pejkwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDYjwPSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=IteajmRU8o0&uach_m=[UACH]&cid=CAQSGwCNIrLM12FIkDdmvLFFlycW_49tACVRWBlpZxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890962&bpp=4&bdt=520&idt=162&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&correlator=13007650835&frm=20&pv=2&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MOk2rOIOX2&p=https%3A//www.proxysite.com&dtd=181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 09:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C06E 143 B
163 B 30ms
28ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=2867599685&adk=3927345067&adf=3573213364&pi=t.ma~as.2867599685&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=3&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890962&bpp=4&bdt=520&idt=162&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&correlator=13007650835&frm=20&pv=2&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=191&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MOk2rOIOX2&p=https%3A//www.proxysite.com&dtd=181
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:07:14 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 96BF 0
0 76ms
75ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrkvF07dKYsLnDZWS7APJhpjgAovgrJxpspL64uIP7KCVvKAOEAEggfOTKWD7AaAB4t_SsyjIAQGoAwHIA8sEqgTRAU_Qg0NBxdX4YbtGmNJxgTQLs0kgfsDxQsB7tEFpq59823ofTh3KdpIVyPkXPaPJCQ5G_xaJzdnqc6JTaqUiobL1QYa-SJO1Fnr1FjIKuXDnXez43RqB2TbnP3lkZJ1hIMGUFiRvRYpUc14K1CkfwRq6huuIFt-ld91aZTG51D81v8OTtXt--uuL1RjEzCU737elhE2RThMKfXnlSqf3SRlcBH9ygRsK365Qmc6_Q2rfVsW5kKq8G3D5u1LhOHTARfRonP2BN6wVJn38IrV5sUIJwASp6LGu-wOSBQQIBBgBkgUECAUYBIAH4pejkwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDv8APSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTI3MTA1MjAzMzc3NjgxMRgA&sigh=EQOkZwlfSYw&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890966&bpp=1&bdt=524&idt=183&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5fF97hPze3&p=https%3A//www.proxysite.com&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 09:18:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Apr 2022 09:18:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B381 143 B
163 B 39ms
25ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&slotname=4344332884&adk=523175106&adf=1005968846&pi=t.ma~as.4344332884&w=990&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&psa=0&format=990x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063890966&bpp=1&bdt=524&idt=183&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&prev_fmts=990x280&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=702&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5fF97hPze3&p=https%3A//www.proxysite.com&dtd=186
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:07:14 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 32B8 143 B
163 B 25ms
25ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:07:14 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 96BF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef2875688db6bec1089e738630f0c11c4b3371f77cd2c573c6c6d16a2b614f1d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1EDA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b85061d5bd6728e74e78e16551dc0e0c160a4bce29b40b7f704cf262b2a7b284

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2724 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f106248cf7d877d8bf371c41f5a611acbd0bb63cd73e0ac389579f540fcaec5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 96BF 28 KB
28 KB 276ms
24ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 469890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:46:42 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 2724 28 KB
28 KB 273ms
49ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 469890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:46:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C06E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

69ms
68ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:18:12 GMT
expires: Mon, 04 Apr 2022 09:18:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:18:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame A8AE 9 KB
4 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063891526&bpp=1&bdt=1084&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0579a301ea74b3a6-22c148d36dcd004c%3AT%3D1649063891%3ART%3D1649063891%3AS%3DALNI_MaoluF1mfh3GPJ-1_BdUzAE1jORYQ&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=6S3rk21YUl&p=https%3A//www.proxysite.com&dtd=30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 03:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 03:02:07 GMT

GET
H3 200 00503a990ef139b9c679b68d30da2f64.js Show response
www.gstatic.com/mysidia/ Frame A8AE 14 KB
6 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/00503a990ef139b9c679b68d30da2f64.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03e8cab8d94137b2f39d2d432ccb7fea1bae757201413e3f1f22b1689aee232a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 22:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5923
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:46:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 22:37:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A8AE 8 KB
892 B 78ms
41ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 07:34:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 04 Apr 2022 09:18:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Apr 2022 09:18:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A8AE 2 KB
902 B 31ms
31ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:12:37 GMT

GET
H3 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame A8AE 6 KB
2 KB 33ms
28ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 28 Mar 2022 22:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 555822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Jun 2022 22:54:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame A8AE 19 KB
8 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a1471ca7e22e8d7fbd213278b0ae7fb0aceb5315df9342f27b5c935f572a873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7837
x-xss-protection: 0
server: cafe
etag: 11989895151606364259
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:00:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A8AE 2 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:17:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 09:17:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A8AE 119 KB
36 KB 81ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 09:18:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame A8AE 15 KB
6 KB 32ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 08:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 1939740185073438140
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 08:43:06 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A8AE 0
0 189ms
33ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfx9yuiQES5kIWiBeqdbBcTjOSjBR-F00Ae__vwPQGjLT1QUuC3Yo9eQNhssmo0_TMkm_wOcK_2WJ5qxB35UwVtw8x_A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063891526&bpp=1&bdt=1084&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0579a301ea74b3a6-22c148d36dcd004c%3AT%3D1649063891%3ART%3D1649063891%3AS%3DALNI_MaoluF1mfh3GPJ-1_BdUzAE1jORYQ&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=6S3rk21YUl&p=https%3A//www.proxysite.com&dtd=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 dfa9fdc9b45632ba17ba59fe64d4dcb5.js Show response
www.gstatic.com/mysidia/ Frame A8AE 29 KB
12 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfa9fdc9b45632ba17ba59fe64d4dcb5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 11:21:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12015
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 18:36:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 11:21:33 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B381
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

158ms
158ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:18:12 GMT
expires: Mon, 04 Apr 2022 09:18:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:18:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 32B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

93ms
93ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:18:12 GMT
expires: Mon, 04 Apr 2022 09:18:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Apr 2022 09:18:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame F98B 35 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220330/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 08:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 08:21:48 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13728309733131386975/ Frame A8AE 27 KB
27 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13728309733131386975/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d1b31786a5f401007de34a2c5486a001955e0ba242827f00a8f0fd4a562bf4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 17:05:19 GMT
x-content-type-options: nosniff
age: 231173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27771
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 14:44:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 01 Apr 2023 17:05:19 GMT

GET
DATA 200
OK truncated
/ Frame A8AE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A8AE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A8AE 0
0 71ms
68ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZWuc07dKYvq1Jeas7AOJ9ZrYCrWl755p5NjWmcwPChABIIHzkylg-wGgAfzjzs8DyAEJqQLY4aKjCImyPqgDAcgDywSqBMEBT9C7RG6cj50DY3n_kcockPCrSmpRTHEVfXlwcein2DT24DYFbrPrPj07DPDwndqt6vmxM7zAqgooj6zl8TJZbZCdTsscWdA0bxP1vX07RqKX77Q42PqHJB9LPTz5C0ZcEWqJ8ZOsaHINn3E6OcK2KwzVCVQemiWT-aawOh5H9G_hnrTD8CPS5_UDLTRjzUt9skeIzMlZwe-MBtIPCrXqd6DjQoccvvKHIq5eZuuabDIKq2WI7UBW-B-2QrVrBIh45sAEz534pcIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-ybsTCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDQnAPSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMN0BUBmBYBgBcBshccChoIABIUcHViLTUyNzEwNTIwMzM3NzY4MTEYAA&sigh=Bjs_Zsd1-9I&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063891526&bpp=1&bdt=1084&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0579a301ea74b3a6-22c148d36dcd004c%3AT%3D1649063891%3ART%3D1649063891%3AS%3DALNI_MaoluF1mfh3GPJ-1_BdUzAE1jORYQ&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=6S3rk21YUl&p=https%3A//www.proxysite.com&dtd=30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 04 Apr 2022 09:18:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0220 1 KB
749 B 25ms
25ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 71520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Mon, 04 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A8AE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a28939c5d367c7da6c9d0f863c432cf086e85241b313609258f91ceb735eae82

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0220 35 B
464 B 88ms
26ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAVxSmebKk7tkBk9sZQlN2I&google_cver=1&google_push=AYg5qPKoesmB7v-fQi92E2aryVZ9oDEywiJaNuYgZtKjJcYnkVNDDDdVIH5dY5_GxCoUYr8oIxUvkWLpU7la0MTOThwnhrBnJ94

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0220
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI3PlRHqvnpX5JOJsR5aDx-DfRagbxEw5XRLV10oHlBwV5-rMbBPTFMN3hykHucw61obfRWC9s9Qt0UQ_Zm-v3GTzW2KBr0&google_gid=CAESEMEg5t8zMZt6Edrv1FP6sqg&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNTvqpIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBJM1BsUkhxdm5wWDVKT0pzUjVhRHgtRGZSYWdieEV3NVhSTFYxMG9IbEJ3VjUtck1iQlBURk1OM2h5a0h1Y3c2MW9iZlJXQzlzOVF0MFVRX1...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUFA0TDFnTmdsZk50eXVvcWZVR3daVFI4X3g1NTF6S2dUTEtGMnFQNUJqWQ==&google_push

170 B
329 B

41ms
41ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUFA0TDFnTmdsZk50eXVvcWZVR3daVFI4X3g1NTF6S2dUTEtGMnFQNUJqWQ==&google_push

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 04 Apr 2022 09:18:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUFA0TDFnTmdsZk50eXVvcWZVR3daVFI4X3g1NTF6S2dUTEtGMnFQNUJqWQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 0220 43 B
351 B 68ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJqsphN5qpBdehGNPATl1II&google_cver=1&google_push=AYg5qPKCXQdTJe215YNR803TCbQSni-N_J_2RVaHBMBP21wwdQNMRJ2qkMbP0E71zmEzLdPVqvaxIKdxKWBQYgdA2tE_G3GLVqw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271052033776811&output=html&h=280&adk=3625593270&adf=3099719705&pi=t.aa~a.4226026281~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1649063891&rafmt=1&to=qs&pwprc=8717720231&psa=1&format=1200x280&url=https%3A%2F%2Fwww.proxysite.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1649063891526&bpp=1&bdt=1084&idt=-M&shv=r20220330&mjsv=m202203290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0579a301ea74b3a6-22c148d36dcd004c%3AT%3D1649063891%3ART%3D1649063891%3AS%3DALNI_MaoluF1mfh3GPJ-1_BdUzAE1jORYQ&prev_fmts=990x280%2C990x280%2C728x90%2C0x0&nras=2&correlator=13007650835&frm=20&pv=1&ga_vid=1125341721.1649063891&ga_sid=1649063891&ga_hid=1209295047&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1451&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065545%2C31066007%2C21065725%2C31064019&oid=2&pvsid=1451503873070789&pem=684&tmod=1259685905&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=6S3rk21YUl&p=https%3A//www.proxysite.com&dtd=30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:12 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ukgmv1841ac74org57qoo036ufbev6gk

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0220
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D5SHknEuS-6_hhGoWzGa_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D5SHknEuS-6_hhGoWzGa_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKWUmyeGya-HSjHwOcvk1uNw8j6jntDdII1MKlseViZ3q7etWCqyWaqvtGCWKDKDLOGzPEpXXrA2Xtj2JFNJN0nmap9dpg_

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D5SHknEuS-6_hhGoWzGa_A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKWUmyeGya-HSjHwOcvk1uNw8j6jntDdII1MKlseViZ3q7etWCqyWaqvtGCWKDKDLOGzPEpXXrA2Xtj2JFNJN0nmap9dpg_
date: Mon, 04 Apr 2022 09:18:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0220
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH7o-IstQIdwsFFSQjSDJm8&google_cver=1&google_push=AYg5qPIxAjiPTXHm4ymm224MvSFGJFf8nYiJazdt5JKzcvTnfGykw1KuXkpC1seFMzCv95MxL6H...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLSTJBWDYtMUUtM0k2WQ==&google_push=AYg5qPIxAjiPTXHm4ymm224MvSFGJFf8nYiJazdt5JKzcvTnfGykw1KuXkpC1seFMzCv95MxL6HBRAeQGnVrRZiUFUE7E9ZWN8Q

170 B
188 B

78ms
41ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLSTJBWDYtMUUtM0k2WQ==&google_push=AYg5qPIxAjiPTXHm4ymm224MvSFGJFf8nYiJazdt5JKzcvTnfGykw1KuXkpC1seFMzCv95MxL6HBRAeQGnVrRZiUFUE7E9ZWN8Q

Requested by

Host: www.proxysite.com
URL: https://www.proxysite.com/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFLSTJBWDYtMUUtM0k2WQ==&google_push=AYg5qPIxAjiPTXHm4ymm224MvSFGJFf8nYiJazdt5JKzcvTnfGykw1KuXkpC1seFMzCv95MxL6HBRAeQGnVrRZiUFUE7E9ZWN8Q
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 0220
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuO...

0
0

GET googleredir
googlecm.hit.gemius.pl/ Frame 0220 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0220 0
223 B 125ms
49ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjFoW4lPbaPpM7Eear09yjFnwG6E3tOg1pPFjlaPX9mGY8_qUyWjAZwkNS3T_5gPM_Gr_A4g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame A8AE 28 KB
28 KB 60ms
25ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 469890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Mar 2023 22:46:42 GMT

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame BC64 35 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 08:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 08:21:48 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8AE 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgpICAQqRG15c2lkaWFfYW5hbHl0aWNzX2V4cDMscGVyZl92aWRlb19jb250cm9sXzVwLHBlcmZfdmlkZW9fY29udHJvbDJfMTBwCg0QKyEAAAAAAKBiQDAECg0QAyEAAAA0M9uDQDAECg0QCiEAAAAAkJnZPzAECg0QDSEAAAAAwJm5PzAECg4QHioIMTIwMHgyODAwBAoOEBkqCDEyMDB4MjgwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAADQz44NAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAAGNAMAQKDRAFIQAAAJqZ5YNAMAQKDRAQIQAAAADg5-BAMAQKDRARIQAAAAAA6sxAMAQKDRASIQAAAAAAABRAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAADQz34RAMAQKDRAUIQAAAACwufJAMAQKDRAVIQAAAAAAAC5AMAQKDRAWIQAAAAAAABhAMAQKDRAYIQAAADQzI4pAMAQSGkNMcnI0dHVKLXZZQ0ZXWVdld29kaWJvR3F3Igl0ZXh0L3J5dWsoFQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/00503a990ef139b9c679b68d30da2f64.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9474 35 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 08:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 08:21:48 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A8AE 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoKCAEqBmJhbm5lcgoKCAIqBnNlcnZlcgpICAQqRG15c2lkaWFfYW5hbHl0aWNzX2V4cDMscGVyZl92aWRlb19jb250cm9sXzVwLHBlcmZfdmlkZW9fY29udHJvbDJfMTBwCg0QMiEAAAAAAADgPzAECg0QMyEAAAAAAADgPzAECg0QNCEAAAAAAADgPzAECg0QNSEAAAAAAADgPzAECg0QNiEAAAAAAADgPzAECg0QNyEAAAAAAADgPzAECg0QOCEAAAAAzcwSQDAECg0QOSEAAACYmel3QDAECg0QOiEAAADMzBx4QDAECg0QOyEAAADMzNyEQDAECg0QPCEAAADMzNyEQDAECg0QPSEAAAA0M9-EQDAECg0QPiEAAABmZtKJQDAECg0QPyEAAABmZtKJQDAECg0QQCEAAABmZjKKQDAEEhpDTHJyNHR1Si12WUNGV1lXZXdvZGlib0dxdyIJdGV4dC9yeXVrKBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/00503a990ef139b9c679b68d30da2f64.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 84ms
40ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220330&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10e8ab5fece9e1a9dc08ae624fabbbdcd2a1de8b1fbda8c45e6141d551a5f46e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 04 Apr 2022 09:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10629
x-xss-protection: 0

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame D073 35 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 08:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 08:21:48 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 09:18:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDCD 13 KB
5 KB 25ms
25ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 2746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 08:32:26 GMT
expires: Tue, 04 Apr 2023 08:32:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C4E1 783 B
535 B 74ms
37ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c95720313e22fb5b05298e4cff6635bbc5527fd9d34e8f1688dc0d3f50a81c04

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o+s2e8N/8dXckxVD6QEcAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-o+s2e8N/8dXckxVD6QEcAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Apr 2022 09:18:12 GMT
expires: Mon, 04 Apr 2022 09:18:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js Show response
pagead2.googlesyndication.com/bg/ Frame CDCD 35 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 08:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Apr 2023 08:21:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C4E1 0
0 77ms
77ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220330&jk=1451503873070789&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1EDA 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwlkVVYnl9EU1_UwOAt2doZA1gWpyu5VgMin4IZMU-JLq4lFnYsmLbYlg3fJYqEqJ-CVVeD7Zqt3ZKIdCaFFE2Kd0fPam9sWNcEgBHtRTYRR1X0G_SFQ&sai=AMfl-YQbqkHIG944YxqXN_mS1ekK6LqI29CNSz1dBt7RtGv413yDr4QbwZZPfcejiBBg7I0BDueSeKAGP-YN&sig=Cg0ArKJSzCq3o3Yfj_VGEAE&id=lidar2&mcvt=1007&p=0,0,124,1005&mtos=96,744,1007,1051,1093&tos=96,648,263,44,42&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649063891650&rpt=260&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CDCD 0
9 B 28ms
27ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yUJOZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 04 Apr 2022 09:18:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2724 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4sWTNOu5M3qq0djORVmFWlMFkWlmy8fFt1dUXfEy3G7LR0LYjyRuwJFvJwynW9YbBdfZIuVrDAKDfT-bs9oWHoxHt2ld90VS7nt3GGaKkzKJLwmg4ZA&sai=AMfl-YR8aLs4DAknNzYoG0HHCg3GrE4LoEYha7T4SDynM1BEJwTxPbPMtktigvudiC12DzWYOKiXd2ZJW73z&sig=Cg0ArKJSzOxOiRGBKkVXEAE&cid=CAQSGwCNIrLM12FIkDdmvLFFlycW_49tACVRWBlpZxgB&id=lidar2&mcvt=1000&p=0,0,280,990&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3927345067&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649063891145&rpt=1229&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 96BF 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqo_kTlwQPVL4D5Waw3yLIK7xP-Bs7O91joZrSmtysugB9SnA8f2w0tVpI3GvbjJYR6RoPNhyoR4XDkbEsnwES7RbMJDGgv_EOrkCRAClUh9HS5QBk-g&sai=AMfl-YSAmh1lCsaw5Kus5NC-S9vfexZ-tXlCedA8-IF63xhMyDGBEPWACOSW1aM6QX_6SX06dRPD4-1L1JL5&sig=Cg0ArKJSzKXkCoOjmF6cEAE&id=lidar2&mcvt=1001&p=0,0,280,990&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=523175106&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649063891153&rpt=1433&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220330&jk=1451503873070789&bg=!REelRwPNAAZku-1yRLs7ACkAdvg8Wmemlueqpab1c-15il6tyoYngl_Y_taLYTlxQM6bDoUT0WFRCwIAAABqUgAAAAJoAQcKALeygzdZbWD3V8aTckx7WGa_SeSWdjXdOsqctbO_jCDndoR6Sg8GwXjZq8s7unmA-d_v5dGm7_C8hKQRm4taM20N1GoNjnL15byxDXNxDs9DQlAHd89x_DheqXj263LMX7WfV_FX-Dz0fJn5lrQqnXOgmKLLOIpaxURtdCnzwSRc9T0hzq4m-jzpq_6ia-WpplQpSbLNL0w5aJDsMda4P21CUg-m7QLT45q7d-56PINd979gPWLRX6yZAuC3fjc0j9kHMzCESpn9pr2d6z6SYFI0A-9Ptm17wM41-5z64joB897e5l71nJCeZV-lH6X6V_lZWxcaNpcSw4wimUmccNRrBBTTROiJ_YMz3fIQXo-pyQdQgiE1yDpvhoCHVou5h4CGzjOviWOsMDHkXZYqwMyaQWfENJguFeF_2PSzj8DjXJlspPvcC4pLe7Smg4dP16VUS-y4vNRBhMXYXiYTGO5APTnaKXg_AwjKoMuvcjQziBNUTUUINzaTbd5aOjSSohz5NlDC9SLLxM4c_5d1jF0DDFSMV6EHDAf255i2BuOQTW-YPG_4oSa6ow8XcTXm4YTKPRDby5C2FpwZGTcDU6aCM1CaurJJLYtFb7OG2EwYtx7bvfsTosumL-_OnG79R1G_-NXw-ahWBMH8ov30WEbkSaWSLGf3y3st1BFyhQr5Nn0Gp7rdRbP2Hr5Oh-l8RnrXduSQarV4K3OLAuurCcQ4iBA-WF2xSXQuQGA07nuYUkg4s-EmKXtyCg3nEr5hp3tl2yDWy6HQHVfYanFn0RNM-IrBTFwXFv6TVjtiMvUiJkclwqaDT2yYka2_efHc3AaPkpfLuuEY3EMP7j4h-jYnAx3KQzMgfpzCaljTj6uRqPrbkr6cWSuVm5vXUyLGLh9dlF_emuy5xO6KzPDcyKFX_PlVKZxW-tJqiIzoqjpEzuYCR5oKBHr7dnqk4YaImWX7ctc_9jX7FeCmcgR983V4I7XN0bpGUNvZfxt65IjIeTPzVfXzarxu1GGB3Ef1XktwPjKAbXKmRd8w3EbymPcNUO59o51_8zVyBL6taIApZ1-9tzBK7tDch2KPm_R0X-j9lJ2Zg3pMSSVq2f5Vzq65spu5oijLz7mUyqpdJ_jOa9rh_1WXHbvLMxE49RSAtiI7oogQfDnXwu9Tmh4hesVWiay3VS6zrjY5KNXR6y2DwzwDivu9tdtPhMs1Fp_Js1PMZerBTlEPpX9o

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.proxysite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Apr 2022 09:18:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEmD2PAjtN0O6fkHoHG8QSY&google_cver=1&google_push=AYg5qPKnCq4R1aMwhRN7oi3dMeg4-wkMKM0VXs1MktZ2a40fcJ4X87ujSuDqKbFSywjOyKIq1GOvR9fQ3YuyLaKzljiEqvR46KHj5A

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eu3.proxysite.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ppj4lup21dc06ts4ifcm3vsdb7
www.proxysite.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9mfcmdlnum74uh83aq5fvhjoi1
www.proxysite.com/	1970-01-20 10:49:59	Name: hl Value: en
www.proxysite.com/	1970-01-20 02:14:28	Name: AWSALB Value: PnGUqvDeGjmphgqMmrQqtVXxcwzkMt/ki3KM2OWQpgnyDnv1BdA4UFeVY9tdsM47unqeUWQNKJ2+DMmoGo2qgmHNYdOI2PDATKDxDvf3HPgBMviASv/MXZYJoCYV
www.proxysite.com/	1970-01-20 02:14:28	Name: AWSALBCORS Value: PnGUqvDeGjmphgqMmrQqtVXxcwzkMt/ki3KM2OWQpgnyDnv1BdA4UFeVY9tdsM47unqeUWQNKJ2+DMmoGo2qgmHNYdOI2PDATKDxDvf3HPgBMviASv/MXZYJoCYV
.proxysite.com/	1970-01-20 19:35:35	Name: _ga Value: GA1.2.1125341721.1649063891
.proxysite.com/	1970-01-20 02:05:50	Name: _gid Value: GA1.2.1757120046.1649063891
.proxysite.com/	1970-01-20 02:04:23	Name: _gat Value: 1
.proxysite.com/	1970-01-20 11:25:59	Name: __gads Value: ID=0579a301ea74b3a6-22c148d36dcd004c:T=1649063891:RT=1649063891:S=ALNI_MaoluF1mfh3GPJ-1_BdUzAE1jORYQ
.doubleclick.net/	1970-01-20 11:25:59	Name: IDE Value: AHWqTUlIssIhrZP84zywmFuaxAYZZe8zsobfVg5ohJH5qAbLpId0Dljad0ONxuFyMgY
.doubleclick.net/	1970-01-20 02:04:27	Name: DSID Value: NO_DATA
.rlcdn.com/	1970-01-20 10:49:59	Name: rlas3 Value: 7UtZFSrY6WfrTXY4u0aGpXAYQ0HxEBkc69awyuBj3s4=
.quantserve.com/	1970-01-20 04:13:59	Name: d Value: EFQBCQHpJYEA
.quantserve.com/	1970-01-20 11:34:38	Name: mc Value: 624ab7d4-5e4cb-a3bd6-1301a
.rlcdn.com/	1970-01-20 03:30:47	Name: pxrc Value: CNTvqpIGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 10:49:59	Name: CMID Value: Ykq31DHw-aYxUcCIGk6EDwAA
.casalemedia.com/	1970-01-20 04:13:59	Name: CMPS Value: 1214
.casalemedia.com/	1970-01-20 04:13:59	Name: CMPRO Value: 1205
.casalemedia.com/	1970-01-20 02:05:50	Name: CMST Value: Ykq31GJKt9QA
.pubmatic.com/	1970-01-20 02:05:50	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:13:59	Name: KADUSERCOOKIE Value: 0F948792-712E-4BEE-BF86-11A85B319AFC

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEmD2PAjtN0O6fkHoHG8QSY&google_cver=1&google_push=AYg5qPKnCq4R1aMwhRN7oi3dMeg4-wkMKM0VXs1MktZ2a40fcJ4X87ujSuDqKbFSywjOyKIq1GOvR9fQ3YuyLaKzljiEqvR46KHj5A Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ykq31DHw_aYxUcCIGk6EDwAABLUAAAAB&google_gid=CAESEKEzshPUeL4xLm2uBQ0Y-WQ&google_push=AYg5qPIXRHKhZ_xn-YLnsSttHrKYgr0Tk-H7cLNCami-a7khEuOcjvTsW09Gz1T2vmi7ikbijR04yhIZ8MzDAqHc17jC4Tlf91XF&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
eu3.proxysite.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform.twitter.com
rtb.openx.net
static.xx.fbcdn.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.proxysite.com
cm.g.doubleclick.net
googlecm.hit.gemius.pl
104.244.42.200
142.250.185.226
142.250.186.98
178.33.33.138
192.82.242.209
2606:2800:234:59:254c:406:2366:268c
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.225.91.178
35.227.252.103
35.244.174.68
69.173.144.139
030ead34eeb8aed5d086ad672fc85b904b10a2cc267e8479ffba29ad199512ab
036a97f58ae41233cce615d76fb5511d15d9db41201bae08f0099eeb07faec28
03e8cab8d94137b2f39d2d432ccb7fea1bae757201413e3f1f22b1689aee232a
066868c0fe17d448e7e4a20b3f7c67b5df12fdcf0d3f0278bab1713757c30070
0ac9094e17f405afb1a4cb915170e1051a048db8597a64460222f03fab4dcc76
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10e8ab5fece9e1a9dc08ae624fabbbdcd2a1de8b1fbda8c45e6141d551a5f46e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
261cf8e55383415eceda39a856866ffd0b64fbb1a5be243e48b097c475ac7128
2f1513a46b73f5ada51bafe9acd73abc1489f912de163236e4b6480a8311fb18
35d4a453929aeb9cb4ca18e20087e72d2b251d050a6a7ec20931c152049d341f
3c2b5f176572b72ebd54f1b355c9445275fe6d1f01fd796c026eca0e85443c0d
3cee69d07c93d87ecbb03f206ddb86c9d4ba12638a18ed177de725be2eb8333a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4ce0a1bebcea86305ae8fe32da98a3260654c0a69fa6fda1a1374f25bda366d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5054a54db3ef08ce6320ae9a8d59ca6e4d6f0c66b5cd92a03caccf9d0448040a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b75c8d89030c148cd23d7dbcecc2fcc507c08a04d6cd85d7398604cfca333a3
60738e0c21e145c63411dab779e72942f078ede817a5cdf57466ef0e61ff8d49
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
651dfe42114ec91ccb8c752a7b553983cf96e26df02411a49cddcf734fc61a87
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
724acb468e6daf873120d385f6717f09d84ffb51b33c81cb135597dad94ab4d7
770da7643a54e06b63d0c10b9386c21eebe7fe791bbd43e760a9f763aa95d26f
7a1471ca7e22e8d7fbd213278b0ae7fb0aceb5315df9342f27b5c935f572a873
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7f106248cf7d877d8bf371c41f5a611acbd0bb63cd73e0ac389579f540fcaec5
7ffcb15458cc6d82ade6166ddb0788afe839679e06d01368d615e8f2c0c6a5f1
8a78e75714c5f86a5202ae4359e48db6db4e824de535fa76367cb666e22700de
938bb7a4fe2818088711d433b38bb086516f778d8614faaf479ac89cf62968ec
9428518d1b1c9e441b6dcf1effddc210ce3ab2d1e0913be29695e907b4c82c43
95c55194fb076e4bd63806f501caa5eb7ce01c3eb4bfd7e06706aa137c0894a4
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7a121317262200d9082cf560cfbbde54765e199c9894f379d9a6c91e9a4ff4
9d1b31786a5f401007de34a2c5486a001955e0ba242827f00a8f0fd4a562bf4d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28939c5d367c7da6c9d0f863c432cf086e85241b313609258f91ceb735eae82
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
aa0992b4e17a3324d53313c014452f8636a4c6b1b84d3187886c386140911535
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab2d4484623a33050de5e23317626be91e0a554eb449ea09fb766aae5d4da871
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
b85061d5bd6728e74e78e16551dc0e0c160a4bce29b40b7f704cf262b2a7b284
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c395d306f173cb32e68acf4ecf179deddcddfb19b8d7e265c37522def3528411
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c82a58123e9f042fb6f68695578cff668b16b22915e0a8cb8acca14741df2bac
c95720313e22fb5b05298e4cff6635bbc5527fd9d34e8f1688dc0d3f50a81c04
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d1d674a7abe3d97fae34625b0f3beb0e68550d8db6ab4b199789fca7a83d1b96
d203674db600008e19567c31f491004256d89e93d4c5e42b6c8b7cb2abc9cfc1
d3e702d6ca7d0aec0137685efe52fbbb19a15a4327e10d4afbdb73cf41c14312
d3f154bd52d039a8d725c3a790c0887142a2963f09b28c6280e4629ca8521e93
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da7ae7eec9c1f857161ad9356669f90a20a3e1bd18c8124b53cc2e367e04780b
dc2261fa7fc402f3869461ab510796c6a45c58b4910d7eaaf674bfefd5274e6c
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ad67d144ec3b03d42d7b919cc1610d4996a298a5826d6b4d4caf1e2cc80f24
eaee2371582b8c319e9f7b6432b570d1c7cc5bda80a6d7819521c6df355c3f9b
ecb0a51c8bccd33964654ecedc1115640eec2c15b217d843df9ed2c36d358060
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
eea3e4c3a1a98ace4a4c0c8e73b5a3e6578e3a2b5e2b71dd964c718ba8e4112e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2875688db6bec1089e738630f0c11c4b3371f77cd2c573c6c6d16a2b614f1d
fcea43c8af952847c41a0c3bc7d405e698f757c327bc942ea55727be2a569682
fd3aa0cd4f2292da42bb8990ee457d4969e1f176656e4d9eb864ef9b28422cbc

www.proxysite.com Open in urlscan Pro 34.225.91.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

96 %HTTPS

61 %IPv6

20 Domains

26 Subdomains

20 IPs

4 Countries

1439 kBTransfer

3825 kBSize

21 Cookies

7 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.proxysite.com Open in urlscan Pro
34.225.91.178 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

96 %
HTTPS

61 %
IPv6

20
Domains

26
Subdomains

20
IPs

4
Countries

1439 kB
Transfer

3825 kB
Size

21
Cookies

122 HTTP transactions
7 data transactions