urlscan.io logo urlscan.io
SecurityTrails logo

rentry.co Open in urlscan Pro
51.158.178.115  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rentry.co/8zstt
Effective URL: https://rentry.co/8zstt
Submission: On February 22 via manual from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 6 countries across 18 domains to perform 89 HTTP transactions. The main IP is 51.158.178.115, located in Paris, France and belongs to Online SAS, FR. The main domain is rentry.co. The Cisco Umbrella rank of the primary domain is 333552.
TLS certificate: Issued by R3 on January 30th 2022. Valid for: 3 months.
This is the only time rentry.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 51.158.178.115 12876 (Online SAS)
1 143.204.101.202 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.194 15169 (GOOGLE)
4 143.204.95.188 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.111.219.144 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 51.89.7.199 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 142.250.185.226 15169 (GOOGLE)
3 5 72.247.225.98 16625 (AKAMAI-AS)
2 3 185.33.221.90 29990 (ASN-APPNEX)
19 2a00:1450:400... 15169 (GOOGLE)
7 72.247.226.64 16625 (AKAMAI-AS)
1 35.177.223.149 16509 (AMAZON-02)
1 34.252.133.182 16509 (AMAZON-02)
7 23.58.219.40 16625 (AKAMAI-AS)
89 27
5    51.158.178.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: rentry.co
rentry.co
1    143.204.101.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-202.fra50.r.cloudfront.net
dsh7ky7308k4b.cloudfront.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
4    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
11    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
pagead2.googlesyndication.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
1    51.89.7.199 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p21.id5-sync.com
id5-sync.com
6    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
5    72.247.225.98 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
19    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    72.247.226.64 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
1    35.177.223.149 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-223-149.eu-west-2.compute.amazonaws.com
geo.moatads.com
1    34.252.133.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com
mb.moatads.com
7    23.58.219.40 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-219-40.deploy.static.akamaitechnologies.com
havasfrorangedcmdisplay758646212611.s.moatpixel.com
Apex Domain
Subdomains		 Transfer
19 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
108 KB
18 googlesyndication.com
fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
99 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
191 KB
9 moatads.com
z.moatads.com — Cisco Umbrella Rank: 330
geo.moatads.com — Cisco Umbrella Rank: 588
mb.moatads.com — Cisco Umbrella Rank: 567
px.moatads.com — Cisco Umbrella Rank: 390
111 KB
7 moatpixel.com
havasfrorangedcmdisplay758646212611.s.moatpixel.com — Cisco Umbrella Rank: 239406
2 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
4 KB
5 rentry.co
rentry.co — Cisco Umbrella Rank: 333552
76 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 355
mug.criteo.com — Cisco Umbrella Rank: 3197
1 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
41 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
3 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1505
id5-sync.com — Cisco Umbrella Rank: 493
11 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
38 KB
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 33045
792 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1595
17 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
37 KB
1 cloudfront.net
dsh7ky7308k4b.cloudfront.net
113 KB
89 18
Domain Requested by
19 s0.2mdn.net rentry.co
s0.2mdn.net
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
7 havasfrorangedcmdisplay758646212611.s.moatpixel.com fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
6 px.moatads.com fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 rentry.co 1 redirects rentry.co
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 c.amazon-adsystem.com rentry.co
c.amazon-adsystem.com
4 securepubads.g.doubleclick.net rentry.co
securepubads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net rentry.co
2 googleads.g.doubleclick.net fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
rentry.co
2 www.google.com tpc.googlesyndication.com
fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
2 fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 mug.criteo.com rentry.co
2 gum.criteo.com 1 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 mb.moatads.com z.moatads.com
1 geo.moatads.com z.moatads.com
1 z.moatads.com s0.2mdn.net
1 www.googletagservices.com fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
1 id5-sync.com cdn.id5-sync.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.fr securepubads.g.doubleclick.net
1 cdn.id5-sync.com rentry.co
1 secure.cdn.fastclick.net rentry.co
1 www.googletagmanager.com rentry.co
1 dsh7ky7308k4b.cloudfront.net rentry.co
89 29

This site contains links to these domains. Also see Links.

Domain
gofile.io
tei.ai
fakeword.org
Subject Issuer Validity Valid
rentry.co
R3		 2022-01-30 -
2022-04-30		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh

This page contains 8 frames:

Primary Page: https://rentry.co/8zstt
Frame ID: D8AE2600FBC306AFD3BB8942E78A59BC
Requests: 25 HTTP requests in this frame

Frame: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ABE925D1AA2BA27535A0C8B1CC34FBF9
Requests: 1 HTTP requests in this frame

Frame: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B37FA246953AD706F865010E29308FA2
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D95B84C85CBF9DF897EBC795FB982305
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C660FE18DE3D78EBF6EA12B2E32A354
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGIv-s8EBMAE&v=APEucNU7asSYAIgR4v6zd7jeNTM3hXftbXbJ07-1yU0o-NSGgDQjZDWbUqpfNy0un-6PSnAqzd9U0AcKoUIwxR2Mz-rgrAQW9QYmDhYXZiREPGadK7JB6j7qEIBpV207whjp2QhuN3zbbD6jc4Hnd52aY0_-WmBpXjZogCFsPsX-VREDSrGEr5GZonoDDMYA-oRrGGX55gAOlmhwXSyJbKFvFJFkjYDciA
Frame ID: B47AA782CDC7FC1B4C38688F03A65DE8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 837C1D2ABF44345B70CC56DC70237882
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Frame ID: 45EA900B11246C80D40507C90F4A40D6
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Link: https://gofile.io/d/DcEG9t

Page URL History Show full URLs

  1. http://rentry.co/8zstt HTTP 301
    https://rentry.co/8zstt Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

93 %
HTTPS

42 %
IPv6

18
Domains

29
Subdomains

27
IPs

6
Countries

868 kB
Transfer

2437 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rentry.co/8zstt HTTP 301
    https://rentry.co/8zstt Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frentry.co%2F&domain=rentry.co&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=iKScdXxFSEd6S0daTUlMdS9tSjZQSkxVUEZGK0RPR1dIQVlWdHlhczRjM2UzV3VQRVc0OWRzUGtSV2NFV1EzcHlRUC9Kc2wrbkNoeXYwTFZFNFRRZENTTXJZYThJSDgrQXJtZGdiMCt6dFZzNXpUTFRiVUNLUXc3NllrSHNENS8yRzdwQ3hVNEpzdU1PRHR1QWprQzRleXZpNU9WeFllbFRFYUJHamlQU3NoZ05WV3V1ZlMyODBKdkVKcllKd281by9WTjBLREd4cHNCVm5pOGNLV0Nra2tUQkZBQVBaaWlWOHNJRWdKa2MrcDVLRU1NPXw&cppv=2
Request Chain 38
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxpdufB46sRvsnehrVuN60&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxpdufB46sRvsnehrVuN60&google_cver=1&C=1
Request Chain 39
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhVS-BPh8-1mE0U9JIshpgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECz8pFSjeMpT4dgzUkVHqJY&google_cver=1
Request Chain 40
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMrA9hRFAEtoVC6Y05SuWvI&google_cver=1
Request Chain 41
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5ODU0Njk5ODU0OTI2Mzk3NQ%3D%3D

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 8zstt
rentry.co/
Redirect Chain
  • http://rentry.co/8zstt
  • https://rentry.co/8zstt
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.158.178.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
rentry.co
Software
/
Resource Hash
cf270a27aec72d6d60f71684857ea58df1f6fc3600a5ee9ac84b71014628ffbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Tue, 22 Feb 2022 21:17:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
cache-control
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

Server
nginx/1.17.10 (Ubuntu)
Date
Tue, 22 Feb 2022 21:17:47 GMT
Content-Type
text/html
Content-Length
179
Connection
keep-alive
Location
https://rentry.co/8zstt
rentryco.min.js
dsh7ky7308k4b.cloudfront.net/publishers/ 		294 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dsh7ky7308k4b.cloudfront.net/publishers/rentryco.min.js
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-202.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2e305217aedbb800239d44c960dbad8d94d9773e428a35141221d54e5bb9691

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 12:15:49 GMT
content-encoding
br
age
6512518
x-cache
Hit from cloudfront
x-amz-meta-ctime
1639052119
x-amz-meta-mode
33188
last-modified
Thu, 09 Dec 2021 12:15:20 GMT
server
AmazonS3
etag
W/"29f197e15670235a11b4e45865c91b4b"
x-amz-meta-uid
0
vary
Accept-Encoding
x-amz-meta-gid
0
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
1huQRVAet6ePizvpJKaCxZzkulGcHIvOTGsNkd1qIpmWGaEgur_DwA==
x-amz-meta-mtime
1639052119
bootstrap.min.css
rentry.co/static/css/ 		172 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rentry.co/static/css/bootstrap.min.css?v=67
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.158.178.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
rentry.co
Software
/
Resource Hash
0f1e31d197fbbf008b19ffaf62195cbc52f1cd661a5d944df0c21b4f50eaa171
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/8zstt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Oct 2021 22:50:23 GMT
etag
W/"616dfa2f-2b144"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-102083007-1
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5274206974a264d388d56235a6bf20fb09bd8b6ecb8f341f785d1a50745c58d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37313
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Feb 2022 21:17:47 GMT
jquery.min.js
rentry.co/static/js/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rentry.co/static/js/jquery.min.js?v=11
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.158.178.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
rentry.co
Software
/
Resource Hash
85f9b3868ce1bfaf386ed00ed4dcb4ef320c7a9a758025cd703f2e82bd616cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/8zstt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Oct 2021 22:50:23 GMT
etag
W/"616dfa2f-16516"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
rentry.co/static/js/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rentry.co/static/js/bootstrap.min.js?v=11
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.158.178.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
rentry.co
Software
/
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/8zstt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 18 Oct 2021 22:50:20 GMT
etag
W/"616dfa2c-e2d8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
strict-transport-security
max-age=31536000; includeSubDomains
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
c618343ed48a9c28f562581c15a741659ce24598d912fdd6ffd90fa085c23f66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27617
x-xss-protection
0
server
sffe
etag
"1140 / 151 of 1000 / last-modified: 1645531653"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Feb 2022 21:17:47 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding
gzip
etag
c1da564f59b83b9805e8df92eca012f5
age
603
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1VSNFRSYZ587FTX6BKC1
date
Tue, 22 Feb 2022 21:17:47 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Xpn_hx1rdN6sEmnyGYHoOgFWikwL5biD9mfJKO-qXH0n2yOytwkXfQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102083007-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4375
date
Tue, 22 Feb 2022 20:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 22 Feb 2022 22:04:52 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		619 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Frentry.co&pubid=6d0c7ea7-f036-437d-be93-21fc59c890c2
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
33685e0552d6dde5163a22558998f88807afbbac4df14efac987cdbcaff4144f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 20:53:36 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server
Server
age
1451
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rentry.co
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
content-length
619
x-amz-cf-id
lix1lL1GFhZl3Vtq8msaPATHwIaKmgrVeBZtJAx1n23dNBv3s6pxPQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frentry.co%2F8zstt&pid=eps5btfTRYhx4&cb=0&ws=1600x1200&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-rentryco39066%22%2C%22s%22%3A%5B%22728x90%22%2C%22750x300%22%2C%22750x200%22%2C%22750x100%22%2C%22930x180%22%2C%22970x250%22%2C%22970x66%22%2C%22970x120%22%2C%22970x90%22%2C%22980x250%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F8095840%2C22521492683%2F.2_A.39066.10_rentry.co_tier1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rentryco39196%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F8095840%2C22521492683%2F.2_A.39196.10_rentry.co_tier1%22%7D%5D&schain=1.0%2C1!pubgalaxy.com%2C13143%2C1%2C%2C%2C&pubid=6d0c7ea7-f036-437d-be93-21fc59c890c2&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A10000%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:47 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
DPF8WS837QJFT8Z9CAS8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://rentry.co
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
U8G1GG1ODNovpdtq8ad-8mzjErwYdynOnIhCGzveYE_3k6bN0uzAIA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
kI14R7urpxgHjeMWGWlNpVn0IgFose_t
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
71481
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 19 Feb 2022 01:26:04 GMT
server
AmazonS3
date
Tue, 22 Feb 2022 01:27:02 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
JMqBndLMxX5Ql7RyGcG_gxFlU5LLA4TpRhSVXbORDqw3Bk4xAqoMZQ==
pubads_impl_2022021701.js
securepubads.g.doubleclick.net/gpt/ 		363 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 20:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124510
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 09:34:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Feb 2023 20:14:08 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		58 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rentry.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
21294e61d01277b6a544b022ac14733e2c921ca8dfd7cd6242c95a1247158151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-xss-protection
0
expires
Tue, 22 Feb 2022 21:17:47 GMT
collect
www.google-analytics.com/j/ 		1 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2008742579&t=pageview&_s=1&dl=https%3A%2F%2Frentry.co%2F8zstt&ul=en-us&de=UTF-8&dt=Link%3A%20https%3A%2F%2Fgofile.io%2Fd%2FDcEG9t&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1414211011&gjid=1446435563&cid=1657694779.1645564668&tid=UA-102083007-1&_gid=1333585711.1645564668&_r=1&gtm=2ou2g0&z=1172229694
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rentry.co/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rentry.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Tue, 22 Feb 2022 21:32:47 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
date
Tue, 22 Feb 2022 20:25:04 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
rbx1
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10638
x-request-id
780567326
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frentry.co%2F&domain=rentry.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://rentry.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://rentry.co
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1681
date
Tue, 22 Feb 2022 21:17:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frentry.co%2F&domain=rentry.co&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=iKScdXxFSEd6S0daTUlMdS9tSjZQSkxVUEZGK0RPR1dIQVlWdHlhczRjM2UzV3VQRVc0OWRzUGtSV2NFV1EzcHlRUC9Kc2wrbkNoeXYwTFZFNFRRZENTTXJZYThJSDgrQXJtZGdiMCt6dFZzNXpUTFRiVUNLUXc3NllrSH...
350 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=iKScdXxFSEd6S0daTUlMdS9tSjZQSkxVUEZGK0RPR1dIQVlWdHlhczRjM2UzV3VQRVc0OWRzUGtSV2NFV1EzcHlRUC9Kc2wrbkNoeXYwTFZFNFRRZENTTXJZYThJSDgrQXJtZGdiMCt6dFZzNXpUTFRiVUNLUXc3NllrSHNENS8yRzdwQ3hVNEpzdU1PRHR1QWprQzRleXZpNU9WeFllbFRFYUJHamlQU3NoZ05WV3V1ZlMyODBKdkVKcllKd281by9WTjBLREd4cHNCVm5pOGNLV0Nra2tUQkZBQVBaaWlWOHNJRWdKa2MrcDVLRU1NPXw&cppv=2
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
8afe61c33ffe48d431b803d6701b45443d34462779f90cb0f86bc4aec099228d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2478
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:47 GMT
location
https://mug.criteo.com/sid?cpp=iKScdXxFSEd6S0daTUlMdS9tSjZQSkxVUEZGK0RPR1dIQVlWdHlhczRjM2UzV3VQRVc0OWRzUGtSV2NFV1EzcHlRUC9Kc2wrbkNoeXYwTFZFNFRRZENTTXJZYThJSDgrQXJtZGdiMCt6dFZzNXpUTFRiVUNLUXc3NllrSHNENS8yRzdwQ3hVNEpzdU1PRHR1QWprQzRleXZpNU9WeFllbFRFYUJHamlQU3NoZ05WV3V1ZlMyODBKdkVKcllKd281by9WTjBLREd4cHNCVm5pOGNLV0Nra2tUQkZBQVBaaWlWOHNJRWdKa2MrcDVLRU1NPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://rentry.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1674
content-length
482
expires
0
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=rentry.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rentry.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Feb 2022 21:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4362718419577789&correlator=2104445018856800&output=ldjh&impl=fifs&eid=31064965%2C31064868&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220222&iu_parts=8095840%3A22521492683%2C.2_A.39066.10_rentry.co_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C750x200%7C750x100%7C930x180%7C970x250%7C970x66%7C970x120%7C970x90%7C980x250%7C980x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=pubcid%3D8979d05c-4859-45d9-a9c3-b5e8b8c47e83&cookie_enabled=1&bc=31&abxe=1&dt=1645564667790&lmt=1645564667&dlt=1645564667293&idt=459&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=527&adks=3264216144&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Frentry.co%2F8zstt&vis=1&scr_x=0&scr_y=0&psz=1124x300&msz=728x0&ga_vid=1657694779.1645564668&ga_sid=1645564668&ga_hid=2008742579&ga_fc=true&fws=4&ohw=1124&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
8121938975bc27038fcfd98357a05877b3de824ebf0a57791979324e1fb2315a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7902
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rentry.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ABE9 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 22 Feb 2022 21:17:47 GMT
expires
Wed, 22 Feb 2023 21:17:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
341.json
id5-sync.com/g/v2/ 		213 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/341.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.199 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p21.id5-sync.com
Software
/
Resource Hash
90f18b704016a9d6d9fa44baa7d05c07294fec298180a219f403e7402bc453a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://rentry.co/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://rentry.co
Date
Tue, 22 Feb 2022 21:17:47 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=iKScdXxFSEd6S0daTUlMdS9tSjZQSkxVUEZGK0RPR1dIQVlWdHlhczRjM2UzV3VQRVc0OWRzUGtSV2NFV1EzcHlRUC9Kc2wrbkNoeXYwTFZFNFRRZENTTXJZYThJSDgrQXJtZGdiMCt6dFZzNXpUTFRiVUNLUXc3NllrSHNENS8yRzdwQ3hVNEpzdU1PRHR1QWprQzRleXZpNU9WeFllbFRFYUJHamlQU3NoZ05WV3V1ZlMyODBKdkVKcllKd281by9WTjBLREd4cHNCVm5pOGNLV0Nra2tUQkZBQVBaaWlWOHNJRWdKa2MrcDVLRU1NPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1186
date
Tue, 22 Feb 2022 21:17:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19a077968b352d6601016b76ad7b220b3de2db2ae2d13294b139ddc039031209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Feb 2022 21:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9989
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Feb 2022 21:17:48 GMT
container.html
fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B37F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 21:17:47 GMT
expires
Wed, 22 Feb 2023 21:17:47 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D95B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 20:49:19 GMT
expires
Wed, 22 Feb 2023 20:49:19 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
1709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3C66 		783 B
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d76522c0748502535923350b203ee6c00eff5a5e3047d209ea075cd6db47a369
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BL5ND3anaj4NQZp5/p23Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 22 Feb 2022 21:17:48 GMT
date
Tue, 22 Feb 2022 21:17:48 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-BL5ND3anaj4NQZp5/p23Mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame B47A 		624 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGIv-s8EBMAE&v=APEucNU7asSYAIgR4v6zd7jeNTM3hXftbXbJ07-1yU0o-NSGgDQjZDWbUqpfNy0un-6PSnAqzd9U0AcKoUIwxR2Mz-rgrAQW9QYmDhYXZiREPGadK7JB6j7qEIBpV207whjp2QhuN3zbbD6jc4Hnd52aY0_-WmBpXjZogCFsPsX-VREDSrGEr5GZonoDDMYA-oRrGGX55gAOlmhwXSyJbKFvFJFkjYDciA
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 22 Feb 2022 21:17:48 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 22 Feb 2022 21:17:48 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B37F 		74 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPVhA8MCjuGBQ-eJud16HWIj1qaXK_-tEr1YtX1cgQLwnG9FpDRQsYE6VDlwqQispou-zxRkc-PIrxC9mxvNmpS-_AhP0OYh51zqSx7aXTlfVXJa-Tu3e-9BzZwc4u38afvF5dW559X0pD0PHPfxIgoZBHYA&dbm_d=AKAmf-BvtwsBFNcpUNW-DFv8NktbmTmlDA6RA_gWllrFAsH-o5JIozqogrlMozMbyO1b1t3oWqtdKg1MoeTICwxJWYvTmklxx0400y-ogZWutXYPKQbN6lrvAH8w-LmWuuEclLskyheHC5ay7CJpCGibNwYcy8z0Ka5OvERJfTgDAMNyRHkdPTLzfG3ildMZL8qmW5qd2QSB3dvw_FS-dz5NqpvcFIHYOAH-VcxN0OU0Z4fqFKsqYDO0dqpuQAJaIeCXPqzf4Uwyw8NU4_m6iWmxvIif49Y4J-N1ZxIsCZz01QH9JNXcXdRv71cH_RCNE9YnwZlrQkDGoPpACOrQ9PlhNNYrLHLOqahwo-blDxSZbKlyDlAWSEO02nuoUBuxQBhmwoBnwWm1lqSErkaAohpAVs2Zyj7AEBvsvsxyZR5x24CD6e2FSJJs6aEfHJ8WWpojwtzOetjFkiPmtKnD7rTX__mE9Qfkbc3gMs9mkh995C4JJ9HHgXhAMYPhNcMpL-Iy0rJmSbFowOdsiTojFw5bWD2Yv4F1EcYNvbfUoRPnMac29fOF4VM7QUtomHBxBM_8C1oQMRJb445AQ9FccDtSp8YT72mqQeQf1feI2urOYxpCAknDnKpiXo1PNlVPAp13O3GFI7BFJpm1VzHSjaGtvvaXX8DGSfcqZSKQfb23iScg66VDyFZOklCoQbDa4yqzJQMdZWEnd3JdNgnfGZZbEBkepP5g-Ic6yY1Jzlds90vhJOZthjJRdDD97DOy2AN4VFxPvM6EIWMyhc87H9Gv-SxtPLys1R15qrIOsgpeVw_llfCBLHNOyLQRV0uA4W-2nfXQl7ducgIesSweghy_rZi4eZUolgTrvu0pCBSaGVYC-fGTaQFuA_ho7JZPqb6IFJoaORZIFa2ePuwMq5WukfBrerCSM-wwqlgiNPPuwuXKSZUReqxEIjK1E3PAPp_737tPbHjr906dpDsZBcSY8EjTHnSU39Wtwz-2gGB5OUudoq1R6rsI_KvMiJNHfZsEVTAlKlBvTuuGHwrQyKMCHpfoMNbxG-FvuPjmjzn9fEy2jAyr83HPo3hZm3ylOrgndRcvsG0k9kQMfIh0U9HG9BkteVTXvGISQb6kmtg5_qHP5M5-b7MvU53lMvzn-YlJzsL5PwgwFBGCEvbmn23R1X-QCMLd76hskiUe88przzlNxGTEL-lRBqpfPEEC11PSlg_N85Orcpx1HcWla8TvQpPiux_L5HsDNWlXElgsP4cyxUPcDx3sh1LnMBogBFnrlMj-AC-SX06lt6l5vuPX0u5Ga1ENRFJRTVJFb9asXC5-48y34lmGoppRx0_09btQWYJOUNBqg8_lSDIeh7JUaMmZq2Hzmrwu-Wd6Uz1fccXO40JVUTRN5mZxrRphBlojz_rmHR8exlKHLKJVamwuloogmo-qcKGdWZK1kTBhjylt1rqXowJGM8mDuYMjP7z_pNUGa5SUeky6XJIaoDa8TbL9WvfGFQKI_54QNtdH7u9F32up1G50sLrkGgRx3nbwH_Pm8eirQdLMwCiPUeuLVrigL_MFgloc3cJHjNGIfq9jw8JrSUU5Jz5JGfDrfd0E7YFCQvBSWPQvVYO1a4l_e8skxk37xuKy1BQMMIyxmaauLkLq_4CbmKnX9JVCgf1eBDmx1EAyeUX5tr6sTHGKCBOeRXYsBVy0hM_FFttP0DyWAy6ox-RMcD4uzT4coRaxlDKmqfJBLnNAfv4etNlHrQjXM2yNm3hOVCdNasrScGebSC_UfHoud3iJ5_y-neb4kKurSmL2P74TreT-FhLVcGah4429e7q95-aYsiqB8hbriWuvHe5mZN9JP6GW85G7ktgjYzF2UcNA7CICYcWyHIMjhwUap-icXvzHKp2x6W7Ac9UitfKvJ-Xth_yUdVGCHb0MrRcbhQA07LeSqFs7gTmiPjsOZ_y5O1Gd4dGmrGGJF7GhYY0BwsXLkld3CGwslhz_jJFHehKD_Z_HpIwG-4RW6OkYPIkchIXBGgzYbfG-hy4CRUal82QQv3dYaCXqjqIzaXwPccd-r9FjnDLz_FOQR16BY20OHMWxnATxIekAbPegF9MMe-eFKt8OlIPz24AU-UbsYb2ZZt0a5KysDYXP86DNL6ZgaiXSwfKWOFR7QHHAcuP0r4KCwJIJuqIFlDJcDYrLgo617lMGcR67hWg3YaXFM32zieYcGfwKY47zZAA-_1Q2B5MlQDfY07-8lUB4QaTrwTSu8mZeiIMyCT2-FjNFeV47Xb4oDRnj4NyBWb9qd96nxT33DF_1ajTYpGmg98y648u_EDS0ueXxjQhouSTdcIXU9_rpNTY8Tm0er3iv7cAJta7Va5zA2QLAWrwVp_6sAmtYQRCHZ5UnQa4EZcVjkq0RVKPWUd3-jv-bwfkQIeQxDCW9LDJsMEXdhTk3fRpd4YQvSSGYk6cDfwA9OqMBKPN-EKY2PiCLdWefv1qvBncnfU4FkX4MDmSBhG8bl6ieWtlWNWcK5xiipPBrhAvikJn1-Wo4MInpxPHymdgwPC18gGpeo_O3d3-acGYUdK93mNq0vDxGPrBd9AvL5wpIKFuICo0Y5PjlrGnQoH3EKAcj1kHLVomMQ8lWo9XDZ4J0cXIKvffxRcx-Y4qPRzKJYp6M7JXCusSNSKK3Mlz6cMUw00yiOi-iMQhtAIn22s-Zf7mT0S9_i0xX2KjFM2XvcjWLoydm_g9vOGfgtiBzk20W6cQAjcAyrXMpaM5WznJ0fznp5-TKzdSCMbvBvKCWw5rgSoA1sF-nOXDRnRqOUnPRQGLd_6d1_DP4h5EI1GZZeLzS56qokJCYzAvQuuhhXOVtHHwWHMP7_1rRm8L_PxjHgouNJ_BJyk1G43SVWw8HxWD6Iw2zYjtivwA7ejhqrVLk8SQxajxtJnN3UBve7D642k1LnD4NhlbsP-XgNg5fG-FXEBKr9SgybBfx60dJ8gQmUvXadTS91Ol1tP8vTniV7j6FioCP8vyOssOe3gN0go_D05Hsn-TRbapm0zfdile1XsLQC15i5YNbwEgbAV4&cid=CAASFeRoOpqhcaRA0YUoIvSg3KT5hiQGlA&rfl=1%2Chttps%253A%252F%252Frentry.co%252F%240
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8390ffdd404b9b31db598136642770da0dfd17c82e6bba8d2195722c5ccccf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31521
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B37F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRQsF93uitNaPxc7z4cLASIIPKpzaiBdotgfy1HyWSz-3YLM_SRWmFLpnp6_cBs-NglA-jrtF8vkobXEhupO59PYqsE9sLktA7C92CkbtIy5oo8iM
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame B37F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/window_focus_fy2019.js
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Mar 2022 21:08:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B37F 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38723
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645015031201889"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Feb 2022 21:17:48 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/ Frame B37F 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220217/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6438
x-xss-protection
0
server
cafe
etag
12093742715590823996
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Mar 2022 21:06:59 GMT
l
www.google.com/ads/measurement/ Frame B37F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsiQHvmQdcQjTaK1yKg_vRU_z4uDrid4aG0Pbq6m5NtM9RxAfRRKSI3WRSXTVcEAauiqa5Gy79n1XwV8Z-A8Mur8YwFQ
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
pagead2.googlesyndication.com/bg/ Frame D95B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
177873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13646
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 19:53:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3C66 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021701&jk=4362718419577789&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame B47A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxpdufB46sRvsnehrVuN60&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxpdufB46sRvsnehrVuN60&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxpdufB46sRvsnehrVuN60&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGIv-s8EBMAE&v=APEucNU7asSYAIgR4v6zd7jeNTM3hXftbXbJ07-1yU0o-NSGgDQjZDWbUqpfNy0un-6PSnAqzd9U0AcKoUIwxR2Mz-rgrAQW9QYmDhYXZiREPGadK7JB6j7qEIBpV207whjp2QhuN3zbbD6jc4Hnd52aY0_-WmBpXjZogCFsPsX-VREDSrGEr5GZonoDDMYA-oRrGGX55gAOlmhwXSyJbKFvFJFkjYDciA
Protocol
HTTP/1.1
Server
72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Feb 2022 21:17:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Feb 2022 21:17:48 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Feb 2022 21:17:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxpdufB46sRvsnehrVuN60&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 22 Feb 2022 21:17:48 GMT
rum
dsum-sec.casalemedia.com/ Frame B47A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhVS-BPh8-1mE0U9JIshpgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECz8pFSjeMpT4dgzUkVHqJY&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECz8pFSjeMpT4dgzUkVHqJY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGIv-s8EBMAE&v=APEucNU7asSYAIgR4v6zd7jeNTM3hXftbXbJ07-1yU0o-NSGgDQjZDWbUqpfNy0un-6PSnAqzd9U0AcKoUIwxR2Mz-rgrAQW9QYmDhYXZiREPGadK7JB6j7qEIBpV207whjp2QhuN3zbbD6jc4Hnd52aY0_-WmBpXjZogCFsPsX-VREDSrGEr5GZonoDDMYA-oRrGGX55gAOlmhwXSyJbKFvFJFkjYDciA
Protocol
HTTP/1.1
Server
72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-225-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Feb 2022 21:17:48 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Feb 2022 21:17:48 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECz8pFSjeMpT4dgzUkVHqJY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B47A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMrA9hRFAEtoVC6Y05SuWvI&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMrA9hRFAEtoVC6Y05SuWvI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGIv-s8EBMAE&v=APEucNU7asSYAIgR4v6zd7jeNTM3hXftbXbJ07-1yU0o-NSGgDQjZDWbUqpfNy0un-6PSnAqzd9U0AcKoUIwxR2Mz-rgrAQW9QYmDhYXZiREPGadK7JB6j7qEIBpV207whjp2QhuN3zbbD6jc4Hnd52aY0_-WmBpXjZogCFsPsX-VREDSrGEr5GZonoDDMYA-oRrGGX55gAOlmhwXSyJbKFvFJFkjYDciA
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Feb 2022 21:17:48 GMT
X-Proxy-Origin
37.59.164.110; 37.59.164.110; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
236b2691-1618-4bc3-b65a-c71359e78c7e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMrA9hRFAEtoVC6Y05SuWvI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B47A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5ODU0Njk5ODU0OTI2Mzk3NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5ODU0Njk5ODU0OTI2Mzk3NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfiYRD79ucBGIv-s8EBMAE&v=APEucNU7asSYAIgR4v6zd7jeNTM3hXftbXbJ07-1yU0o-NSGgDQjZDWbUqpfNy0un-6PSnAqzd9U0AcKoUIwxR2Mz-rgrAQW9QYmDhYXZiREPGadK7JB6j7qEIBpV207whjp2QhuN3zbbD6jc4Hnd52aY0_-WmBpXjZogCFsPsX-VREDSrGEr5GZonoDDMYA-oRrGGX55gAOlmhwXSyJbKFvFJFkjYDciA
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Feb 2022 21:17:48 GMT
X-Proxy-Origin
37.59.164.110; 37.59.164.110; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6c9469f3-feed-4eba-af68-e4fdd6062e69
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc5ODU0Njk5ODU0OTI2Mzk3NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D95B 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021701&jk=4362718419577789&bg=!e3ileDzNAAbf-5Dq3_s7ACkAdvg8WtiLJqqLrShSWJKCUmWTJaBo-IhY04ZxKWDT5x61RDTVf0VthwIAAABRUgAAAAFoAQeZAsib-FWVIT_KS8AMM-gqjpgqa7mdTjRPAolwSQlRq2qXo3pRxNRcJPioRk_DGJ1-QYou4e8xEbo9oN0urvkufXENLzAR2gFvGPiz7hZIbvewgiUVRv7qluG0FcZmsRjMrGJvINPWBFNCD5avBDxfgDRTryKJP_JJxNxoQA0cYAcfwFBEcYsTkUOiyB044eMJmvGnne5TVqw9MUw1Gb3y-Tt-a0Yva8e3jg-bkdTq261Ku41ZmUKcu3Dzh00FnxJMKz7FqP82XWR1GS-qFeefSYdpYHmulfJmcrzU0V4kDNB54AFW6jXX0aBQhKnOwGShgfm9bUThKypp064D20ESd2XabaFdKxn-84J6ku3Hkn0OtcpfrDbaI4xw71YWSgHXjR2zE4SrKfxPB-Qndx02XUbq7ZbzijrEozvfHQHVBtoF-tHy5gVQ1UhNqiXb085UK-UqFg2TN2FIZX-d2naBJaXibNYuYVXbfTgV3PNu9pF3LRRz6fz3nzDDjJ-P3DsI3gIOdeM1uaI-0AH_FteReiq9vB7qkmcJD2bWylQ9qP7l08o0TABd7_QYfXcwS20NeDc7or4KEhvgIiTeBgqukeu92bQ8A4qdilBLlU0GojEh_ImgifjgEO7EimUcEo_uHmaXInnyv2bnwpSVuR2bPA8c6YkM6ifJUz0odkQrrmkwSaCeC8zcc1ofN8SF4uFF0pHq5tCjONCggrouJ2mvYb9aGg_3hi1OWhOU09XFO-OdkBYB8wPr6n0rLwpL4czD4GBJfvvtXCUtifLxruG2onhyrL7Kn3hQUNe3bbA8yiAvK-FkOFK-pi98Idi1Gic8F8VzDRbFJmUcj6Z5tO1hCNpRbh4KH_p55_4Z-4qee4CJ1qfc1_TnG2oDiQGSObZzxOO8VPJpZQCByxtY1usmQq6rSYM-BXpQse8ldkGwQsu2gCfCrnnDHEDU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://rentry.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame B37F 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
Origin
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 14:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Feb 2022 14:21:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220217/r20110914/elements/html/ Frame B37F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220217/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPVhA8MCjuGBQ-eJud16HWIj1qaXK_-tEr1YtX1cgQLwnG9FpDRQsYE6VDlwqQispou-zxRkc-PIrxC9mxvNmpS-_AhP0OYh51zqSx7aXTlfVXJa-Tu3e-9BzZwc4u38afvF5dW559X0pD0PHPfxIgoZBHYA&dbm_d=AKAmf-BvtwsBFNcpUNW-DFv8NktbmTmlDA6RA_gWllrFAsH-o5JIozqogrlMozMbyO1b1t3oWqtdKg1MoeTICwxJWYvTmklxx0400y-ogZWutXYPKQbN6lrvAH8w-LmWuuEclLskyheHC5ay7CJpCGibNwYcy8z0Ka5OvERJfTgDAMNyRHkdPTLzfG3ildMZL8qmW5qd2QSB3dvw_FS-dz5NqpvcFIHYOAH-VcxN0OU0Z4fqFKsqYDO0dqpuQAJaIeCXPqzf4Uwyw8NU4_m6iWmxvIif49Y4J-N1ZxIsCZz01QH9JNXcXdRv71cH_RCNE9YnwZlrQkDGoPpACOrQ9PlhNNYrLHLOqahwo-blDxSZbKlyDlAWSEO02nuoUBuxQBhmwoBnwWm1lqSErkaAohpAVs2Zyj7AEBvsvsxyZR5x24CD6e2FSJJs6aEfHJ8WWpojwtzOetjFkiPmtKnD7rTX__mE9Qfkbc3gMs9mkh995C4JJ9HHgXhAMYPhNcMpL-Iy0rJmSbFowOdsiTojFw5bWD2Yv4F1EcYNvbfUoRPnMac29fOF4VM7QUtomHBxBM_8C1oQMRJb445AQ9FccDtSp8YT72mqQeQf1feI2urOYxpCAknDnKpiXo1PNlVPAp13O3GFI7BFJpm1VzHSjaGtvvaXX8DGSfcqZSKQfb23iScg66VDyFZOklCoQbDa4yqzJQMdZWEnd3JdNgnfGZZbEBkepP5g-Ic6yY1Jzlds90vhJOZthjJRdDD97DOy2AN4VFxPvM6EIWMyhc87H9Gv-SxtPLys1R15qrIOsgpeVw_llfCBLHNOyLQRV0uA4W-2nfXQl7ducgIesSweghy_rZi4eZUolgTrvu0pCBSaGVYC-fGTaQFuA_ho7JZPqb6IFJoaORZIFa2ePuwMq5WukfBrerCSM-wwqlgiNPPuwuXKSZUReqxEIjK1E3PAPp_737tPbHjr906dpDsZBcSY8EjTHnSU39Wtwz-2gGB5OUudoq1R6rsI_KvMiJNHfZsEVTAlKlBvTuuGHwrQyKMCHpfoMNbxG-FvuPjmjzn9fEy2jAyr83HPo3hZm3ylOrgndRcvsG0k9kQMfIh0U9HG9BkteVTXvGISQb6kmtg5_qHP5M5-b7MvU53lMvzn-YlJzsL5PwgwFBGCEvbmn23R1X-QCMLd76hskiUe88przzlNxGTEL-lRBqpfPEEC11PSlg_N85Orcpx1HcWla8TvQpPiux_L5HsDNWlXElgsP4cyxUPcDx3sh1LnMBogBFnrlMj-AC-SX06lt6l5vuPX0u5Ga1ENRFJRTVJFb9asXC5-48y34lmGoppRx0_09btQWYJOUNBqg8_lSDIeh7JUaMmZq2Hzmrwu-Wd6Uz1fccXO40JVUTRN5mZxrRphBlojz_rmHR8exlKHLKJVamwuloogmo-qcKGdWZK1kTBhjylt1rqXowJGM8mDuYMjP7z_pNUGa5SUeky6XJIaoDa8TbL9WvfGFQKI_54QNtdH7u9F32up1G50sLrkGgRx3nbwH_Pm8eirQdLMwCiPUeuLVrigL_MFgloc3cJHjNGIfq9jw8JrSUU5Jz5JGfDrfd0E7YFCQvBSWPQvVYO1a4l_e8skxk37xuKy1BQMMIyxmaauLkLq_4CbmKnX9JVCgf1eBDmx1EAyeUX5tr6sTHGKCBOeRXYsBVy0hM_FFttP0DyWAy6ox-RMcD4uzT4coRaxlDKmqfJBLnNAfv4etNlHrQjXM2yNm3hOVCdNasrScGebSC_UfHoud3iJ5_y-neb4kKurSmL2P74TreT-FhLVcGah4429e7q95-aYsiqB8hbriWuvHe5mZN9JP6GW85G7ktgjYzF2UcNA7CICYcWyHIMjhwUap-icXvzHKp2x6W7Ac9UitfKvJ-Xth_yUdVGCHb0MrRcbhQA07LeSqFs7gTmiPjsOZ_y5O1Gd4dGmrGGJF7GhYY0BwsXLkld3CGwslhz_jJFHehKD_Z_HpIwG-4RW6OkYPIkchIXBGgzYbfG-hy4CRUal82QQv3dYaCXqjqIzaXwPccd-r9FjnDLz_FOQR16BY20OHMWxnATxIekAbPegF9MMe-eFKt8OlIPz24AU-UbsYb2ZZt0a5KysDYXP86DNL6ZgaiXSwfKWOFR7QHHAcuP0r4KCwJIJuqIFlDJcDYrLgo617lMGcR67hWg3YaXFM32zieYcGfwKY47zZAA-_1Q2B5MlQDfY07-8lUB4QaTrwTSu8mZeiIMyCT2-FjNFeV47Xb4oDRnj4NyBWb9qd96nxT33DF_1ajTYpGmg98y648u_EDS0ueXxjQhouSTdcIXU9_rpNTY8Tm0er3iv7cAJta7Va5zA2QLAWrwVp_6sAmtYQRCHZ5UnQa4EZcVjkq0RVKPWUd3-jv-bwfkQIeQxDCW9LDJsMEXdhTk3fRpd4YQvSSGYk6cDfwA9OqMBKPN-EKY2PiCLdWefv1qvBncnfU4FkX4MDmSBhG8bl6ieWtlWNWcK5xiipPBrhAvikJn1-Wo4MInpxPHymdgwPC18gGpeo_O3d3-acGYUdK93mNq0vDxGPrBd9AvL5wpIKFuICo0Y5PjlrGnQoH3EKAcj1kHLVomMQ8lWo9XDZ4J0cXIKvffxRcx-Y4qPRzKJYp6M7JXCusSNSKK3Mlz6cMUw00yiOi-iMQhtAIn22s-Zf7mT0S9_i0xX2KjFM2XvcjWLoydm_g9vOGfgtiBzk20W6cQAjcAyrXMpaM5WznJ0fznp5-TKzdSCMbvBvKCWw5rgSoA1sF-nOXDRnRqOUnPRQGLd_6d1_DP4h5EI1GZZeLzS56qokJCYzAvQuuhhXOVtHHwWHMP7_1rRm8L_PxjHgouNJ_BJyk1G43SVWw8HxWD6Iw2zYjtivwA7ejhqrVLk8SQxajxtJnN3UBve7D642k1LnD4NhlbsP-XgNg5fG-FXEBKr9SgybBfx60dJ8gQmUvXadTS91Ol1tP8vTniV7j6FioCP8vyOssOe3gN0go_D05Hsn-TRbapm0zfdile1XsLQC15i5YNbwEgbAV4&cid=CAASFeRoOpqhcaRA0YUoIvSg3KT5hiQGlA&rfl=1%2Chttps%253A%252F%252Frentry.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Mar 2022 21:14:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220217/r20110914/ Frame B37F 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220217/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPVhA8MCjuGBQ-eJud16HWIj1qaXK_-tEr1YtX1cgQLwnG9FpDRQsYE6VDlwqQispou-zxRkc-PIrxC9mxvNmpS-_AhP0OYh51zqSx7aXTlfVXJa-Tu3e-9BzZwc4u38afvF5dW559X0pD0PHPfxIgoZBHYA&dbm_d=AKAmf-BvtwsBFNcpUNW-DFv8NktbmTmlDA6RA_gWllrFAsH-o5JIozqogrlMozMbyO1b1t3oWqtdKg1MoeTICwxJWYvTmklxx0400y-ogZWutXYPKQbN6lrvAH8w-LmWuuEclLskyheHC5ay7CJpCGibNwYcy8z0Ka5OvERJfTgDAMNyRHkdPTLzfG3ildMZL8qmW5qd2QSB3dvw_FS-dz5NqpvcFIHYOAH-VcxN0OU0Z4fqFKsqYDO0dqpuQAJaIeCXPqzf4Uwyw8NU4_m6iWmxvIif49Y4J-N1ZxIsCZz01QH9JNXcXdRv71cH_RCNE9YnwZlrQkDGoPpACOrQ9PlhNNYrLHLOqahwo-blDxSZbKlyDlAWSEO02nuoUBuxQBhmwoBnwWm1lqSErkaAohpAVs2Zyj7AEBvsvsxyZR5x24CD6e2FSJJs6aEfHJ8WWpojwtzOetjFkiPmtKnD7rTX__mE9Qfkbc3gMs9mkh995C4JJ9HHgXhAMYPhNcMpL-Iy0rJmSbFowOdsiTojFw5bWD2Yv4F1EcYNvbfUoRPnMac29fOF4VM7QUtomHBxBM_8C1oQMRJb445AQ9FccDtSp8YT72mqQeQf1feI2urOYxpCAknDnKpiXo1PNlVPAp13O3GFI7BFJpm1VzHSjaGtvvaXX8DGSfcqZSKQfb23iScg66VDyFZOklCoQbDa4yqzJQMdZWEnd3JdNgnfGZZbEBkepP5g-Ic6yY1Jzlds90vhJOZthjJRdDD97DOy2AN4VFxPvM6EIWMyhc87H9Gv-SxtPLys1R15qrIOsgpeVw_llfCBLHNOyLQRV0uA4W-2nfXQl7ducgIesSweghy_rZi4eZUolgTrvu0pCBSaGVYC-fGTaQFuA_ho7JZPqb6IFJoaORZIFa2ePuwMq5WukfBrerCSM-wwqlgiNPPuwuXKSZUReqxEIjK1E3PAPp_737tPbHjr906dpDsZBcSY8EjTHnSU39Wtwz-2gGB5OUudoq1R6rsI_KvMiJNHfZsEVTAlKlBvTuuGHwrQyKMCHpfoMNbxG-FvuPjmjzn9fEy2jAyr83HPo3hZm3ylOrgndRcvsG0k9kQMfIh0U9HG9BkteVTXvGISQb6kmtg5_qHP5M5-b7MvU53lMvzn-YlJzsL5PwgwFBGCEvbmn23R1X-QCMLd76hskiUe88przzlNxGTEL-lRBqpfPEEC11PSlg_N85Orcpx1HcWla8TvQpPiux_L5HsDNWlXElgsP4cyxUPcDx3sh1LnMBogBFnrlMj-AC-SX06lt6l5vuPX0u5Ga1ENRFJRTVJFb9asXC5-48y34lmGoppRx0_09btQWYJOUNBqg8_lSDIeh7JUaMmZq2Hzmrwu-Wd6Uz1fccXO40JVUTRN5mZxrRphBlojz_rmHR8exlKHLKJVamwuloogmo-qcKGdWZK1kTBhjylt1rqXowJGM8mDuYMjP7z_pNUGa5SUeky6XJIaoDa8TbL9WvfGFQKI_54QNtdH7u9F32up1G50sLrkGgRx3nbwH_Pm8eirQdLMwCiPUeuLVrigL_MFgloc3cJHjNGIfq9jw8JrSUU5Jz5JGfDrfd0E7YFCQvBSWPQvVYO1a4l_e8skxk37xuKy1BQMMIyxmaauLkLq_4CbmKnX9JVCgf1eBDmx1EAyeUX5tr6sTHGKCBOeRXYsBVy0hM_FFttP0DyWAy6ox-RMcD4uzT4coRaxlDKmqfJBLnNAfv4etNlHrQjXM2yNm3hOVCdNasrScGebSC_UfHoud3iJ5_y-neb4kKurSmL2P74TreT-FhLVcGah4429e7q95-aYsiqB8hbriWuvHe5mZN9JP6GW85G7ktgjYzF2UcNA7CICYcWyHIMjhwUap-icXvzHKp2x6W7Ac9UitfKvJ-Xth_yUdVGCHb0MrRcbhQA07LeSqFs7gTmiPjsOZ_y5O1Gd4dGmrGGJF7GhYY0BwsXLkld3CGwslhz_jJFHehKD_Z_HpIwG-4RW6OkYPIkchIXBGgzYbfG-hy4CRUal82QQv3dYaCXqjqIzaXwPccd-r9FjnDLz_FOQR16BY20OHMWxnATxIekAbPegF9MMe-eFKt8OlIPz24AU-UbsYb2ZZt0a5KysDYXP86DNL6ZgaiXSwfKWOFR7QHHAcuP0r4KCwJIJuqIFlDJcDYrLgo617lMGcR67hWg3YaXFM32zieYcGfwKY47zZAA-_1Q2B5MlQDfY07-8lUB4QaTrwTSu8mZeiIMyCT2-FjNFeV47Xb4oDRnj4NyBWb9qd96nxT33DF_1ajTYpGmg98y648u_EDS0ueXxjQhouSTdcIXU9_rpNTY8Tm0er3iv7cAJta7Va5zA2QLAWrwVp_6sAmtYQRCHZ5UnQa4EZcVjkq0RVKPWUd3-jv-bwfkQIeQxDCW9LDJsMEXdhTk3fRpd4YQvSSGYk6cDfwA9OqMBKPN-EKY2PiCLdWefv1qvBncnfU4FkX4MDmSBhG8bl6ieWtlWNWcK5xiipPBrhAvikJn1-Wo4MInpxPHymdgwPC18gGpeo_O3d3-acGYUdK93mNq0vDxGPrBd9AvL5wpIKFuICo0Y5PjlrGnQoH3EKAcj1kHLVomMQ8lWo9XDZ4J0cXIKvffxRcx-Y4qPRzKJYp6M7JXCusSNSKK3Mlz6cMUw00yiOi-iMQhtAIn22s-Zf7mT0S9_i0xX2KjFM2XvcjWLoydm_g9vOGfgtiBzk20W6cQAjcAyrXMpaM5WznJ0fznp5-TKzdSCMbvBvKCWw5rgSoA1sF-nOXDRnRqOUnPRQGLd_6d1_DP4h5EI1GZZeLzS56qokJCYzAvQuuhhXOVtHHwWHMP7_1rRm8L_PxjHgouNJ_BJyk1G43SVWw8HxWD6Iw2zYjtivwA7ejhqrVLk8SQxajxtJnN3UBve7D642k1LnD4NhlbsP-XgNg5fG-FXEBKr9SgybBfx60dJ8gQmUvXadTS91Ol1tP8vTniV7j6FioCP8vyOssOe3gN0go_D05Hsn-TRbapm0zfdile1XsLQC15i5YNbwEgbAV4&cid=CAASFeRoOpqhcaRA0YUoIvSg3KT5hiQGlA&rfl=1%2Chttps%253A%252F%252Frentry.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:15:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9648
x-xss-protection
0
server
cafe
etag
2224892065184813991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Mar 2022 21:15:09 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B37F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 12:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Feb 2023 12:07:15 GMT
truncated
/ Frame B37F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d80ac49abab042ae287f372c48fa785b56d6faa4090bf05ecbc78f5d65f02b04

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 837C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 12:07:15 GMT
expires
Wed, 22 Feb 2023 12:07:15 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
33033
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
pagead2.googlesyndication.com/bg/ Frame 837C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Hujgl23SVzI3rZSj4hNxUITd7BayDnfI5D3l6J-e8FI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 19:53:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
177873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13646
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Feb 2023 19:53:15 GMT
moatad.js
z.moatads.com/havasfrorangedcmdisplay758646212611/ Frame B37F 		323 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
352048ba2c4ac407de2ff368d3a9813d65b71e9a81dc27e1ec8d89986ec2f68b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:48 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 16:28:40 GMT
server
AmazonS3
x-amz-request-id
EENK9WKDQ3DS2ZJT
etag
"4ced6cb7028f1277db886fc49f8932a6"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=46368
accept-ranges
bytes
content-length
110743
x-amz-id-2
mCD4S3B6IIz6Hdh5izOm6jVW89JgEnXtsSDX53RFLExxC472o6NAZzFbW23UmIcC12X8h5cUgy0=
index.html
s0.2mdn.net/sadbundle/17997949217469595437/ Frame 45EA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
246b530340b17dd4727103b366aa71840b59b5c3b1965cbf76ebd03c48f0dbd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2064
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Thu, 17 Feb 2022 06:00:47 GMT
expires
Fri, 17 Feb 2023 06:00:47 GMT
cache-control
public, max-age=31536000
age
487021
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame B37F 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaRkPq0rsDhpaCPBO6t1jfw3ZApn5fKLz2-0Q6E2SMqbmWMn9ku2fsmhzTNTZ-mYhRCueduFWqID8ROCeiimyKj-dIhQY9Y3F-mqn4YwDSccOLmJnMBNnXLT_WwU146tOwhGLeYXfWqh7iTzSbtR71vgMQkglW--g6tgpX_PKOskcgNoQfO17KkBU1d3vtK1501-IAWZr_xBc5FfbN9rOsFJG2KsId1KDj41zxYE4Y0Llr-WWnkeuO7pyogoD5AiXRUNYWB1CpT806F6j55PneHYoceIxzAIuXtypITAwnnGDvlo8KSJTfvELzAPWqiMw-e2KJljjjQmhAVK9el5srYx5-3hoFXLsZfKPSXePQUKzsgQ8nI4TE7x_XrwemtVqZMrhlXsE32CwilmemhDQTtBebu--1XM-pMcuLfT66Uu3p2uOdU3Ze3ukrcX93Hlm8pLajZYMd9DAj_vnbj7XRXmDxJPmb89-QjkbZR9THlybBfEF4mMxXefFRlevy3iL2S2MsIurhSKs92C9yHt0MpoEDjnNugcW3Nfpi6-yMLNQIJTm_EBn95Skfm8i8I7jgC3o301qeOfhlj00AdtAs9rY5fEaM1ueOIA8jD2TsBXu8h69IUAjPCRPJJbQr0q605Cd6V_15D52qr2DNePoTLvR3Q36VVshcqkQ6uHmHLJL0ijkOhR4jkhkYtQD1C98QL6-a9vCHipPbS7iYgy7bpjzYfvGnH65Q-V1rCaEWwd97sMb7tDa6z58XvzMQxqJOlZ9MPbA7rTnZNi70T2rwtENZBuQDPlnR5uI-Fus4RSQCQTO9RICC9xq8MIhLeoA2vdXgyR5GS09RxZ5Nupm1YMWycrIJz6iFBfqNfCFMlYvrdrMJ7XRAibxIuTfL-8_oqy3fKYDlfgRMMt_Pom3CZMuOEC8I3sE4yRuvHhc_Oajo3NcZcY6pcIvGsRqed2vr6X6Gk33YdsJSLCtCQl0tqiPX8KhxloXJPnlWQWRRC9RHjYuqWClK597YB7U-lGb5sWwMizjIAjujIAklXqYoPCUm74K62yIV1HZetHSQLM205u_tEkAqVotT6hl6OUWVy069a-3sw72FZkjyKW-Ej1_NNslxY8FBHgMBnG9t8YmIXaYy5CPKIDslg6g&sai=AMfl-YSn7UPaiWvZ1VX7lkh2_i-3zMeVQR0KTVQWkpPIEIJfJ2mfcFlRztTLVzksK5qmPaiQC2NGqpNrkKXdtV-CpH2P-KpZKQ7gbosuOSyR6vUeUcoNj26PKM0NfFSV-nsH2alQsyR6rVr5k5-xdGuHu_ghbTR8Z8upNKnlxnc&sig=Cg0ArKJSzHnnISBwvLEJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=176&cbvp=1&cstd=174&cisv=r20220217.36227&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 22 Feb 2022 21:17:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
styles.min.css
s0.2mdn.net/sadbundle/17997949217469595437/ Frame 45EA 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/styles.min.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cadd5ea3f746dc36d2b58613cfe99c75ac6f6121a4da0b36a293573f232aef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1271
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
logo.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		886 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76118cff4cbf2b189ff38bb5b709b545045bc51c618042724566d2158775407b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
886
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
kv.jpg
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/kv.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
032bd03f00859cbb41357f02a680186e0acacc68eb320ee562690bda1b4b720d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16763
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
footer.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/footer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab0a14167bf111ac08308b497fe9f827aac48fa43c8553e1a0a209e053399d59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2880
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
claim.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/claim.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3120fa6afc061fb16eb647a6255b81894673d6659e64488147d951ac685ffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
claim1.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		880 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/claim1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45d4ba1fed08f603b2e01c6b4decdcde9e805f05978488c4d10b733eb04f1147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
880
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
claim2.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/claim2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10264eaaf84c488d10de8447c002cac916c91ca1a54997a630859631361dc9fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1123
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
argu.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/argu.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33d3335857f967d4f9b2dbb66496ee2d1a1586cdb3f1a4591f72d08c11a082ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1265
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
argu1.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		753 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/argu1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
525ea5ea46d65e2f4c5c1f3b64a6c329833ba0afc84534c68f33c6759c6d458a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
753
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
argu2.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/argu2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6590b02b9827bb82486b05d18ef28cd0c915ada4d2da5ff350cbf25afd32b05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1481
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
argu3.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		199 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/argu3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
281fc3f05b79726187e4024bf34398b14a19ac617206d98c77ab28820ba2bc39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
argu4.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		215 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/argu4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b77020488f09e5b6b9da7339cdd1afad509d1c656792555301d2b24968144ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
215
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
argu5.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		600 B
627 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/argu5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5410315be26040e1d3a52b16b0e0756a3f339d29f3aef98394bc1b79d0fff57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
argu6.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/argu6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04afaf3e313518c8e4ed7a32f87193d29292d17c31106a045caf209f18902307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
ml.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/ml.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745ee1be279be778b99e5c193df4d39f7e1014fa7aa35c2602e9f71d5a6e3499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10013
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
scripts.min.js
s0.2mdn.net/sadbundle/17997949217469595437/ Frame 45EA 		69 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/scripts.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251115b83ef08114b65b87bdc42a035dc5208b127ecfead6492ec5ac7b449d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26892
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 837C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bzwj6_FIVYr_eE4nY7_UP_YOiuA4AAAAAOAHgBAI&bg=!7O-l76vNAAbf-5Dq3_s7ACkAdvg8Wq8ZfDaKlq7580FdqtkYdCCNq2eVX4JwreVRxSdQblVExJ-MBAIAAABgUgAAAAJoAQeZAveHrS5urz6AETN9MMFBBkr-TtmIT6ISbx-Nd5XkzDyLNvRt8bJdalezAb3KMH-g0jWwfvxj9zGc-yFpsjjaFPXQcAZx0GjdhMxav0Zwv3FOrinevCD_I0ixxQ03GGCPFCNC3VouSjhLybqpLlZq0CTyDWPDgSqZImS1hq9Tq3sbMUyKF_tjeaNOEUyKdEhnh99F6VQlGUISCuHYiJq0DEAzKnsTn_RP2psdkZfeMP92sBNWTtORMd6G5ZnvTdzLJVQQcRWYCuPgPLazfmd-4fMaUQXL3ofW6jIukUTDN_lQLcP2HvzgrKx2Y9c7lYknf8Psr17ncrJ4dqEuTdrDeabGU6fNTb7aC0qvVMwKOQi-Smh1ehrosV3aGPuU9WUEAi9y5PHMZaFlMMuUd7aoZ4pMiiwgZ7iD9b2aGXWQhe6unmChQo0PpkFe_T2O8jYj3HH6j1qiOWI1ll7GDCx2yaZgKgThotchWmhncFdPg2g8oSc3YAkcK3leRr-CBqHhFdctCoPVuldaFlV7KPqZ0CwlXlAxyBKLzhTzAa2FiP-klLvqmJpaPAV6bMy8GbWGEUMHEYYaBrtSazcqf8AdMA4hFCmsJ5tEeMHdlL2bKSDsK3JDeB3sP6yAitqJBEGaCaPVod6nCnn4LOpjtKP1mchfhJniPiNC-mao13bGByW9CJLpKEJu9wmFa9-6E_ik9slLxhbrGjJ3E35XPalENpHr8UtwNJsbJeUJbxHnfYjZGrQMVAbqA_t2Qya0vwQirwfTSSm8TQAdu7PqfbASeqhVBN58aMj9GeO9dCxpX3uzrEdhGT2AyxXyM38gSYreI8AARAIaTQjzuW3CiZuRbwNIHQZpmTlKg-Dg9o9m39VNgeqYMIfO2YBpDRkUiFyYhIFyMrGqGsjNBx57LnveasWEsNxyQzh35TA57mjGoQR2MZdxp2oaYiA7GPn9E5CwnjxBzUfZjJunZf0oXSzqLQ445Asi56I23N6FhZ9gdTfoLcdC0QVTeKk
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 45EA 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
cta.png
s0.2mdn.net/sadbundle/17997949217469595437/img/ Frame 45EA 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17997949217469595437/img/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17997949217469595437/styles.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49634132caabf3caaca30bcff27250d740de056b1662ab1e5b3dffd01a2e7646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17997949217469595437/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 17 Feb 2022 06:00:47 GMT
x-content-type-options
nosniff
age
487021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1258
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 22:21:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Feb 2023 06:00:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B37F 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaRkPq0rsDhpaCPBO6t1jfw3ZApn5fKLz2-0Q6E2SMqbmWMn9ku2fsmhzTNTZ-mYhRCueduFWqID8ROCeiimyKj-dIhQY9Y3F-mqn4YwDSccOLmJnMBNnXLT_WwU146tOwhGLeYXfWqh7iTzSbtR71vgMQkglW--g6tgpX_PKOskcgNoQfO17KkBU1d3vtK1501-IAWZr_xBc5FfbN9rOsFJG2KsId1KDj41zxYE4Y0Llr-WWnkeuO7pyogoD5AiXRUNYWB1CpT806F6j55PneHYoceIxzAIuXtypITAwnnGDvlo8KSJTfvELzAPWqiMw-e2KJljjjQmhAVK9el5srYx5-3hoFXLsZfKPSXePQUKzsgQ8nI4TE7x_XrwemtVqZMrhlXsE32CwilmemhDQTtBebu--1XM-pMcuLfT66Uu3p2uOdU3Ze3ukrcX93Hlm8pLajZYMd9DAj_vnbj7XRXmDxJPmb89-QjkbZR9THlybBfEF4mMxXefFRlevy3iL2S2MsIurhSKs92C9yHt0MpoEDjnNugcW3Nfpi6-yMLNQIJTm_EBn95Skfm8i8I7jgC3o301qeOfhlj00AdtAs9rY5fEaM1ueOIA8jD2TsBXu8h69IUAjPCRPJJbQr0q605Cd6V_15D52qr2DNePoTLvR3Q36VVshcqkQ6uHmHLJL0ijkOhR4jkhkYtQD1C98QL6-a9vCHipPbS7iYgy7bpjzYfvGnH65Q-V1rCaEWwd97sMb7tDa6z58XvzMQxqJOlZ9MPbA7rTnZNi70T2rwtENZBuQDPlnR5uI-Fus4RSQCQTO9RICC9xq8MIhLeoA2vdXgyR5GS09RxZ5Nupm1YMWycrIJz6iFBfqNfCFMlYvrdrMJ7XRAibxIuTfL-8_oqy3fKYDlfgRMMt_Pom3CZMuOEC8I3sE4yRuvHhc_Oajo3NcZcY6pcIvGsRqed2vr6X6Gk33YdsJSLCtCQl0tqiPX8KhxloXJPnlWQWRRC9RHjYuqWClK597YB7U-lGb5sWwMizjIAjujIAklXqYoPCUm74K62yIV1HZetHSQLM205u_tEkAqVotT6hl6OUWVy069a-3sw72FZkjyKW-Ej1_NNslxY8FBHgMBnG9t8YmIXaYy5CPKIDslg6g&sai=AMfl-YSn7UPaiWvZ1VX7lkh2_i-3zMeVQR0KTVQWkpPIEIJfJ2mfcFlRztTLVzksK5qmPaiQC2NGqpNrkKXdtV-CpH2P-KpZKQ7gbosuOSyR6vUeUcoNj26PKM0NfFSV-nsH2alQsyR6rVr5k5-xdGuHu_ghbTR8Z8upNKnlxnc&sig=Cg0ArKJSzHnnISBwvLEJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=350&vt=11&dtpt=174&dett=3&cstd=174&cisv=r20220217.36227&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: rentry.co
URL: https://rentry.co/8zstt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Feb 2022 21:17:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
n.js
geo.moatads.com/ Frame B37F 		84 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=533790699&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHJ%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frentry.co&lp=https%3A%2F%2Frentry.co&t=1645564668940&de=219244950477&m=0&ar=944fd8091a1-clean&iw=851bb61&q=2&cb=0&ym=0&cu=1645564668940&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=27214649%3A4440622%3A327794175%3A166227153&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=15727680145&zMoatDBMIOID=25816111&zMoatDBMCreaID=405602059&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Frentry.co%2F&id=0&ii=3&bo=rentry.co&bd=rentry.co&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A267%3A267%3A0%3A328&jk=-1&jm=-1&fs=196859&na=1088668526&cs=0&ord=1645564668940&jv=547988151&callback=DOMlessLLDcallback_36693322
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.223.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-223-149.eu-west-2.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
90691db3fd9149349ae814031eaebe324b6d9f3ab6d7e794fadc526170f71003

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:49 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"74335e65d62cb76dff44d364671fc7021dd8c1fa"
content-length
84
content-type
text/html; charset=UTF-8
v2
mb.moatads.com/s/ Frame B37F 		197 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Frentry.co%2F&pcode=havasfrorangedcmdisplay758646212611&ord=1645564668940&jv=609767849&callback=BrandSafetyNadoscallback_36693322
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.133.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-133-182.eu-west-1.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
b72894dd6f88b97f02232e5bc0d3fa1959fd89be7c6cee51b8860e667d89e4a9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:17:49 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"c3b6989c887b2f9200e0f4eb5da4daebf53fa3c1"
content-length
197
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame B37F 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Frentry.co&lp=https%3A%2F%2Frentry.co&t=1645564668940&de=219244950477&m=0&ar=944fd8091a1-clean&iw=851bb61&q=3&cb=0&ym=0&cu=1645564668940&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=27214649%3A4440622%3A327794175%3A166227153&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=15727680145&zMoatDBMIOID=25816111&zMoatDBMCreaID=405602059&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Frentry.co%2F&id=0&ii=3&bo=rentry.co&bd=rentry.co&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=havasfrorangedcmdisplay758646212611&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A267%3A267%3A0%3A328&jk=-1&jm=-1&fs=196859&na=801317902&cs=0
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:49 GMT
pixel.gif
px.moatads.com/ Frame B37F 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F17997949217469595437%2Findex.html&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=533790699&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHJ%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Frentry.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Frentry.co&lp=https%3A%2F%2Frentry.co&t=1645564668940&de=219244950477&cu=1645564668940&m=65&ar=944fd8091a1-clean&iw=851bb61&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A267%3A267%3A0%3A328&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=48&cd=0&ah=48&am=0&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27214649%3A4440622%3A327794175%3A166227153&bo=rentry.co&bd=rentry.co&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=15727680145&zMoatDBMIOID=25816111&zMoatDBMCreaID=405602059&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&jk=-1&jm=-1&tc=0&fs=196859&na=2027261661&cs=0
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:49 GMT
pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame B37F 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=48&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=rentry.co&L1id=27214649&L2id=4440622&L3id=327794175&L4id=166227153&S1id=rentry.co&S2id=rentry.co&ord=1645564668940&r=219244950477&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Frentry.co%252F&bedc=1&q=1&BSD=unsafe&BSC=moat_unsafe,gs_sport,gs_sport_soccer,gs_sport_baseball,gv_arms&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.219.40 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:49 GMT
pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame B37F 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=48&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=rentry.co&L1id=27214649&L2id=4440622&L3id=327794175&L4id=166227153&S1id=rentry.co&S2id=rentry.co&ord=1645564668940&r=219244950477&t=bs&os=0&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Frentry.co%252F&bedc=1&q=2&BSD=unsafe&BSC=moat_unsafe,gs_sport,gs_sport_soccer,gs_sport_baseball,gv_arms&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.219.40 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:49 GMT
pixel.gif
px.moatads.com/ Frame B37F 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=533790699&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHJ%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Frentry.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Frentry.co&lp=https%3A%2F%2Frentry.co&t=1645564668940&de=219244950477&cu=1645564668940&m=207&ar=944fd8091a1-clean&iw=851bb61&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=94&lg=1&lh=21&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A267%3A267%3A0%3A328&aa=0&ad=74&cn=0&gk=74&gl=0&ik=74&ic=74&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=48&cd=48&ah=48&am=48&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27214649%3A4440622%3A327794175%3A166227153&bo=rentry.co&bd=rentry.co&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=15727680145&zMoatDBMIOID=25816111&zMoatDBMCreaID=405602059&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=2&jm=-1&tc=0&fs=196859&na=1615492315&cs=0
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:49 GMT
pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame B37F 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=74&fi=1&apd=195&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=rentry.co&L1id=27214649&L2id=4440622&L3id=327794175&L4id=166227153&S1id=rentry.co&S2id=rentry.co&ord=1645564668940&r=219244950477&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Frentry.co%252F&bedc=1&q=3&BSD=unsafe&BSC=moat_unsafe,gs_sport,gs_sport_soccer,gs_sport_baseball,gv_arms&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.219.40 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:49 GMT
pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame B37F 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=74&fi=1&apd=195&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=rentry.co&L1id=27214649&L2id=4440622&L3id=327794175&L4id=166227153&S1id=rentry.co&S2id=rentry.co&ord=1645564668940&r=219244950477&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Frentry.co%252F&bedc=1&q=4&BSD=unsafe&BSC=moat_unsafe,gs_sport,gs_sport_soccer,gs_sport_baseball,gv_arms&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.219.40 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:49 GMT
pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame B37F 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=74&fi=1&apd=195&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=rentry.co&L1id=27214649&L2id=4440622&L3id=327794175&L4id=166227153&S1id=rentry.co&S2id=rentry.co&ord=1645564668940&r=219244950477&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatADV=8365738&url=https%253A%252F%252Frentry.co%252F&bedc=1&q=5&BSD=unsafe&BSC=moat_unsafe,gs_sport,gs_sport_soccer,gs_sport_baseball,gv_arms&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
URL: https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.219.40 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:49 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B37F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8NjFLZedxuCjrxIGPn2KdKlRSvIRjBeFHpl11zTAH4iSwiL0Msn676IP4Kjgxkjpj_6SCI-4CT9Ixo45mXEFC7J0kFqcOBVLDdXbmRr_zhjbEnWKIGw&sai=AMfl-YSWXnUe4rubrD9gv-ed1OAUcP06PNzTNWinp9P3quuj2JDHKqQbp7XrD8LFEk9tLBxfrM-VaV6A7ayKC4r--Zdpsr6pjB3YfTTJ9JI2iovYLAyzM9ddHpmNnDVvaiuy&sig=Cg0ArKJSzNV81IKzysLkEAE&cid=CAASFeRoOpqhcaRA0YUoIvSg3KT5hiQGlA&id=lidar2&mcvt=1000&p=402,315,652,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220216&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3264216144&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645564668152&rpt=322&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame B37F 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=533790699&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHJ%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Frentry.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Frentry.co&lp=https%3A%2F%2Frentry.co&t=1645564668940&de=219244950477&cu=1645564668940&m=1214&ar=944fd8091a1-clean&iw=851bb61&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=94&lg=1&lh=21&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A267%3A267%3A1103%3A328&aa=1&ad=1082&cn=74&gn=1&gk=1082&gl=74&ik=1082&ic=1082&ez=1&co=1082&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1002&cd=48&ah=1002&am=48&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27214649%3A4440622%3A327794175%3A166227153&bo=rentry.co&bd=rentry.co&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=15727680145&zMoatDBMIOID=25816111&zMoatDBMCreaID=405602059&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=196859&na=1753459449&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:50 GMT
pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame B37F 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1002&tet=1082&fi=1&apd=1203&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=rentry.co&L1id=27214649&L2id=4440622&L3id=327794175&L4id=166227153&S1id=rentry.co&S2id=rentry.co&ord=1645564668940&r=219244950477&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatADV=8365738&url=https%253A%252F%252Frentry.co%252F&bedc=1&q=6&BSD=unsafe&BSC=moat_unsafe,gs_sport,gs_sport_soccer,gs_sport_baseball,gv_arms&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.219.40 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:50 GMT
pixel.gif
px.moatads.com/ Frame B37F 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=533790699&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHJ%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Frentry.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Frentry.co&lp=https%3A%2F%2Frentry.co&t=1645564668940&de=219244950477&cu=1645564668940&m=1214&ar=944fd8091a1-clean&iw=851bb61&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=94&lg=1&lh=21&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A267%3A267%3A1103%3A328&aa=1&ad=1082&cn=1082&gn=1&gk=1082&gl=1082&ik=1082&ic=1082&ez=1&co=1082&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1002&cd=1002&ah=1002&am=1002&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27214649%3A4440622%3A327794175%3A166227153&bo=rentry.co&bd=rentry.co&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=15727680145&zMoatDBMIOID=25816111&zMoatDBMCreaID=405602059&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=196859&na=1440012000&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:50 GMT
pixel.gif
px.moatads.com/ Frame B37F 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HAVAS_FR_ORANGE_DCM_DISPLAY1&ol=533790699&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHJ%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-5ZHC8H1EcAEJWg%3D%3D&sc=1&os=1-pQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=970&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Frentry.co%2F&id=0&ii=3&f=1&j=https%3A%2F%2Frentry.co&lp=https%3A%2F%2Frentry.co&t=1645564668940&de=219244950477&cu=1645564668940&m=1215&ar=944fd8091a1-clean&iw=851bb61&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=94&lg=1&lh=21&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A267%3A267%3A1103%3A328&aa=1&ad=1082&cn=1082&gn=1&gk=1082&gl=1082&ik=1082&ic=1082&ez=1&co=1082&cp=1002&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1002&cd=1002&ah=1002&am=1002&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A2000sec%3Acontinuous&cl=0&at=0&d=27214649%3A4440622%3A327794175%3A166227153&bo=rentry.co&bd=rentry.co&gw=havasfrorangedcmdisplay758646212611&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=FR&zMoatADV=8365738&zMoatDBMCampID=15727680145&zMoatDBMIOID=25816111&zMoatDBMCreaID=405602059&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jk=5&jm=-1&tc=0&fs=196859&na=1178302815&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-226-64.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:50 GMT
pixel.gif
havasfrorangedcmdisplay758646212611.s.moatpixel.com/ Frame B37F 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://havasfrorangedcmdisplay758646212611.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1002&tet=2088&fi=1&apd=2209&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=rentry.co&L1id=27214649&L2id=4440622&L3id=327794175&L4id=166227153&S1id=rentry.co&S2id=rentry.co&ord=1645564668940&r=219244950477&t=civ&os=1&fi2=1&div1=1&ait=0&zMoatADV=8365738&url=https%253A%252F%252Frentry.co%252F&bedc=1&q=7&BSD=unsafe&BSC=moat_unsafe,gs_sport,gs_sport_soccer,gs_sport_baseball,gv_arms&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.58.219.40 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-58-219-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Feb 2022 21:17:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
Apache
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Feb 2022 21:17:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?SyhD9Q

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone function| gtag object| dataLayer function| $ function| jQuery object| bootstrap string| pgGeo string| pgDevice object| regeneratorRuntime object| googletag object| pbjs object| _pbjsGlobals object| apstag undefined| wrapperActive object| pgPluginManager object| pgLoader object| pgGeoBidderExcludes object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ID5 object| PublisherCommonId object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

16 Cookies

Domain/Path Name / Value
.rentry.co/ Name: _ga
Value: GA1.2.1657694779.1645564668
.rentry.co/ Name: _gid
Value: GA1.2.1333585711.1645564668
.rentry.co/ Name: _gat_gtag_UA_102083007_1
Value: 1
rentry.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rentry.co/ Name: _pubcid
Value: 8979d05c-4859-45d9-a9c3-b5e8b8c47e83
rentry.co/ Name: cto_bidid
Value: tBtL419YRU81ZFZzN0JBakZSVWpRUlJPRiUyQjRaNmhTeTI4VUNoVDBNaSUyRmtKSFRPSFBUVVNYU1VQUnhydThUNWdHNTgwekVsYzQlMkJ6SzBZS2hHdXp1U1J3bSUyRnhRJTNEJTNE
rentry.co/ Name: cto_bundle
Value: GWBnwV9GVG9BS2Z0WGxXRUR6NTJlRlREeCUyQjVmVng3M0s1SUZtWDRKQk94M2t2b0lqazklMkZhbDhZWk96QWx1VTJxJTJGTUF0UW5sWUxySmd4TmVpNkhPYnN3ZlBacGFkdk1NMERCbllUUGtZNXM4blBVWkw5OTh2SWNlN2k4SWVXSTBYSVIxMg
.rentry.co/ Name: __gads
Value: ID=fd2829000682eaf0-2243b6c84acd006a:T=1645564667:S=ALNI_MYe0vcd7TO3hP6VvphX6TsMLWVAgA
.doubleclick.net/ Name: IDE
Value: AHWqTUnviy6g0VMI2GSBB8MdJJqmEg8H5jVJbPbsQJN9Yrjvf1KYd9B1K1wSx5KOsHM
.adnxs.com/ Name: uuid2
Value: 4798546998549263975
.casalemedia.com/ Name: CMPS
Value: 1216
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In4t[!Y0!]tbPl1M>e)ZlrFUfJ+tGXxo]Sj_N[SMR#a<Yi(8AjuYdI.xUgZsjv%A!y7H3If)y3KL9D3I?+G%TqK>
.casalemedia.com/ Name: CMST
Value: YhVS-GIVUvwA
.casalemedia.com/ Name: CMID
Value: YhVS-B1LQFreml4puLwRSwAA
.casalemedia.com/ Name: CMPRO
Value: 1148
.casalemedia.com/ Name: CMRUM3
Value: 2d621552fc2760CAESECz8pFSjeMpT4dgzUkVHqJY

1 Console Messages

Source Level URL
Text
javascript warning URL: https://z.moatads.com/havasfrorangedcmdisplay758646212611/moatad.js(Line 134)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
c.amazon-adsystem.com
cdn.id5-sync.com
cm.g.doubleclick.net
dsh7ky7308k4b.cloudfront.net
dsum-sec.casalemedia.com
fcf1b95694a27eeb336e139516960e77.safeframe.googlesyndication.com
geo.moatads.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
havasfrorangedcmdisplay758646212611.s.moatpixel.com
ib.adnxs.com
id5-sync.com
mb.moatads.com
mug.criteo.com
pagead2.googlesyndication.com
px.moatads.com
rentry.co
s0.2mdn.net
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
tpc.googlesyndication.com
104.111.219.144
142.250.185.194
142.250.185.226
143.204.101.202
143.204.95.188
178.250.2.146
185.33.221.90
23.58.219.40
2a00:1450:4001:801::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a02:2638::1c
34.252.133.182
35.177.223.149
46.105.202.126
51.158.178.115
51.89.7.199
72.247.225.98
72.247.226.64
032bd03f00859cbb41357f02a680186e0acacc68eb320ee562690bda1b4b720d
04afaf3e313518c8e4ed7a32f87193d29292d17c31106a045caf209f18902307
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f1e31d197fbbf008b19ffaf62195cbc52f1cd661a5d944df0c21b4f50eaa171
10264eaaf84c488d10de8447c002cac916c91ca1a54997a630859631361dc9fa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
19a077968b352d6601016b76ad7b220b3de2db2ae2d13294b139ddc039031209
1ee8e0976dd2573237ad94a3e213715084ddec16b20e77c8e43de5e89f9ef052
21294e61d01277b6a544b022ac14733e2c921ca8dfd7cd6242c95a1247158151
246b530340b17dd4727103b366aa71840b59b5c3b1965cbf76ebd03c48f0dbd5
251115b83ef08114b65b87bdc42a035dc5208b127ecfead6492ec5ac7b449d51
281fc3f05b79726187e4024bf34398b14a19ac617206d98c77ab28820ba2bc39
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
33685e0552d6dde5163a22558998f88807afbbac4df14efac987cdbcaff4144f
33d3335857f967d4f9b2dbb66496ee2d1a1586cdb3f1a4591f72d08c11a082ed
352048ba2c4ac407de2ff368d3a9813d65b71e9a81dc27e1ec8d89986ec2f68b
3cadd5ea3f746dc36d2b58613cfe99c75ac6f6121a4da0b36a293573f232aef2
45d4ba1fed08f603b2e01c6b4decdcde9e805f05978488c4d10b733eb04f1147
49634132caabf3caaca30bcff27250d740de056b1662ab1e5b3dffd01a2e7646
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525ea5ea46d65e2f4c5c1f3b64a6c329833ba0afc84534c68f33c6759c6d458a
5274206974a264d388d56235a6bf20fb09bd8b6ecb8f341f785d1a50745c58d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b9794842e89dcec3790d21b95acce36c08673d4162e745dc440e6766534ed53
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
6590b02b9827bb82486b05d18ef28cd0c915ada4d2da5ff350cbf25afd32b05b
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3120fa6afc061fb16eb647a6255b81894673d6659e64488147d951ac685ffc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
745ee1be279be778b99e5c193df4d39f7e1014fa7aa35c2602e9f71d5a6e3499
76118cff4cbf2b189ff38bb5b709b545045bc51c618042724566d2158775407b
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
78ea6d7806beda2d76bb7d9abb14b034ad476a897376c270aefcf40a2f49316c
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
8121938975bc27038fcfd98357a05877b3de824ebf0a57791979324e1fb2315a
85f9b3868ce1bfaf386ed00ed4dcb4ef320c7a9a758025cd703f2e82bd616cd4
8afe61c33ffe48d431b803d6701b45443d34462779f90cb0f86bc4aec099228d
90691db3fd9149349ae814031eaebe324b6d9f3ab6d7e794fadc526170f71003
90f18b704016a9d6d9fa44baa7d05c07294fec298180a219f403e7402bc453a7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5410315be26040e1d3a52b16b0e0756a3f339d29f3aef98394bc1b79d0fff57
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8390ffdd404b9b31db598136642770da0dfd17c82e6bba8d2195722c5ccccf3
ab0a14167bf111ac08308b497fe9f827aac48fa43c8553e1a0a209e053399d59
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b72894dd6f88b97f02232e5bc0d3fa1959fd89be7c6cee51b8860e667d89e4a9
b77020488f09e5b6b9da7339cdd1afad509d1c656792555301d2b24968144ad8
c618343ed48a9c28f562581c15a741659ce24598d912fdd6ffd90fa085c23f66
cf270a27aec72d6d60f71684857ea58df1f6fc3600a5ee9ac84b71014628ffbc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d44b84e0471d9d1ac53ce061c9becfa720931b7364c7b55a6325d03859781782
d76522c0748502535923350b203ee6c00eff5a5e3047d209ea075cd6db47a369
d80ac49abab042ae287f372c48fa785b56d6faa4090bf05ecbc78f5d65f02b04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e305217aedbb800239d44c960dbad8d94d9773e428a35141221d54e5bb9691