rentry.co Open in urlscan Pro
164.132.58.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/9aLDZ7pk0p
Effective URL:
https://rentry.co/etn37k
Submission: On December 26 via manual (December 26th 2023, 4:05:23 pm UTC) from PL — Scanned from PL

Summary HTTP 166 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 71 IPs in 10 countries across 60 domains to perform 166 HTTP transactions. The main IP is 164.132.58.105, located in France and belongs to OVH, FR. The main domain is rentry.co. The Cisco Umbrella rank of the primary domain is 287267.
TLS certificate: Issued by R3 on October 24th 2023. Valid for: 3 months.

This is the only time rentry.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1 2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
4	164.132.58.105 164.132.58.105	16276 (OVH) (OVH)
1	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
7	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
2	64.227.34.52 64.227.34.52	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	104.22.74.216 104.22.74.216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	18.173.232.200 18.173.232.200	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.57 108.157.4.57	16509 (AMAZON-02) (AMAZON-02)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.248.90 18.66.248.90	16509 (AMAZON-02) (AMAZON-02)
1	104.22.52.173 104.22.52.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.67.69.19 172.67.69.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1	54.171.10.251 54.171.10.251	16509 (AMAZON-02) (AMAZON-02)
1	161.35.94.188 161.35.94.188	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	104.26.9.169 104.26.9.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.86.139.96 185.86.139.96	201081 (SMARTADSE...) (SMARTADSERVER)
3 8	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	213.19.162.61 213.19.162.61	3356 (LEVEL3) (LEVEL3)
10	54.246.183.131 54.246.183.131	16509 (AMAZON-02) (AMAZON-02)
1	52.49.9.132 52.49.9.132	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.153.78 172.64.153.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.4.69 104.22.4.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
3 6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	104.22.5.69 104.22.5.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.1.17 178.250.1.17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	213.19.162.67 213.19.162.67	3356 (LEVEL3) (LEVEL3)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
4	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
8	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.25 178.250.1.25	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.248.39 18.66.248.39	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.217.75.240 54.217.75.240	16509 (AMAZON-02) (AMAZON-02)
1 2	81.17.55.108 81.17.55.108	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.248.22 18.66.248.22	16509 (AMAZON-02) (AMAZON-02)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	3.222.121.73 3.222.121.73	14618 (AMAZON-AES) (AMAZON-AES)
2 2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	54.228.167.94 54.228.167.94	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.166.1.66 69.166.1.66	27630 (AS-XFERNET) (AS-XFERNET)
1 1	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1 1	34.195.62.158 34.195.62.158	14618 (AMAZON-AES) (AMAZON-AES)
1	3.64.26.145 3.64.26.145	16509 (AMAZON-02) (AMAZON-02)
1 1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10	34.247.233.198 34.247.233.198	16509 (AMAZON-02) (AMAZON-02)
3 3	18.195.59.169 18.195.59.169	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 1	52.86.3.95 52.86.3.95	14618 (AMAZON-AES) (AMAZON-AES)
2	54.228.140.66 54.228.140.66	16509 (AMAZON-02) (AMAZON-02)
1 1	54.162.155.223 54.162.155.223	() ()
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
2 2	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
2 2	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.153.163 124.146.153.163	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
4 4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 4	5.196.111.73 5.196.111.73	16276 (OVH) (OVH)
1 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1 1	91.228.74.168 91.228.74.168	16509 (AMAZON-02) (AMAZON-02)
1	18.154.63.24 18.154.63.24	16509 (AMAZON-02) (AMAZON-02)
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 2	52.210.118.155 52.210.118.155	16509 (AMAZON-02) (AMAZON-02)
166	71

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 164.132.58.105 (France)

ASN16276 (OVH, FR)
PTR: vps-c3e1e24a.vps.ovh.net

rentry.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.227.34.52 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-16.buysellads.com

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.74.216 (None, )

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.232.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-232-200.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-57.dus51.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-90.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.173 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.10.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-10-251.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.35.94.188 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-16.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.9.169 (None, )

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.246.183.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.9.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-9-132.eu-west-1.compute.amazonaws.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

buysellads-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.78 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.4.69 (None, )

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.5.69 (None, )

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.67 (United Kingdom)

ASN3356 (LEVEL3, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.25 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-39.dus51.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.75.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-75-240.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.17.55.108 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-22.dus51.r.cloudfront.net

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.121.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-121-73.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.167.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-167-94.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.62.158 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-62-158.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.26.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-26-145.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.59.169 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-59-169.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.3.95 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-3-95.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.140.66 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-140-66.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.162.155.223 (None, ) 1 redirects

ASN- ()

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.223 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.163 (Miyado, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands) 4 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.196.111.73 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip73.ip-5-196-111.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.168 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.63.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-24.dus51.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.118.155 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-118-155.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10017 token.rubiconproject.com — Cisco Umbrella Rank: 461 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946	63 KB
14	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	182 KB
12	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1524 usersync.gumgum.com — Cisco Umbrella Rank: 1858 rtb.gumgum.com — Cisco Umbrella Rank: 1472	4 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	52 KB
11	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2371 public.servenobid.com — Cisco Umbrella Rank: 5655	8 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	162 KB
9	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478 acdn.adnxs.com — Cisco Umbrella Rank: 610	26 KB
8	smartadserver.com 3 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1657 ssbsync.smartadserver.com — Cisco Umbrella Rank: 742 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	4 KB
7	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	4 KB
7	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 776 ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 18794 gum.criteo.com — Cisco Umbrella Rank: 424	28 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com Failed s.amazon-adsystem.com — Cisco Umbrella Rank: 285	79 KB
7	imgur.com i.imgur.com — Cisco Umbrella Rank: 7364	401 KB
5	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 ads.pubmatic.com — Cisco Umbrella Rank: 544 image6.pubmatic.com — Cisco Umbrella Rank: 793	18 KB
4	creativecdn.com 4 redirects creativecdn.com — Cisco Umbrella Rank: 564	2 KB
4	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 307 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
4	openx.net 2 redirects buysellads-d.openx.net — Cisco Umbrella Rank: 39373 u.openx.net — Cisco Umbrella Rank: 672 us-u.openx.net — Cisco Umbrella Rank: 491	1 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 931 api.btloader.com — Cisco Umbrella Rank: 1000	21 KB
4	rentry.co rentry.co — Cisco Umbrella Rank: 287267	334 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	1 KB
3	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 835 ap.lijit.com — Cisco Umbrella Rank: 650	1 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1673 a.ad.gt — Cisco Umbrella Rank: 1869	5 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 714	406 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1628 mp.4dex.io — Cisco Umbrella Rank: 2346	25 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1601	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	129 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1018	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	34 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 28340	166 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	2 KB
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773	425 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	243 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	507 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	692 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 501	576 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 925	44 B
1	ipredictive.com 1 redirects sync.ipredictive.com	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	1 KB
1	media.net 1 redirects hbx.media.net — Cisco Umbrella Rank: 1215	287 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	35 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1557	274 B
1	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 751	234 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 951	399 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	735 B
1	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2453	370 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1750	134 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 6250	526 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	269 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3655	680 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 21550	713 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1790	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	17 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	241 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	83 KB
1	t.co t.co — Cisco Umbrella Rank: 589	668 B
0	unrulymedia.com Failed sync.targeting.unrulymedia.com Failed
166	60

	Domain	Requested by
10	usersync.gumgum.com	g2.gumgum.com
10	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com ssbsync.smartadserver.com ssum-sec.casalemedia.com
8	static.criteo.net	ads.eu.criteo.com cdn4.buysellads.net static.criteo.net
8	eus.rubiconproject.com	t.co eus.rubiconproject.com cdn4.buysellads.net public.servenobid.com g2.gumgum.com
7	securepubads.g.doubleclick.net	cdn4.buysellads.net securepubads.g.doubleclick.net t.co www.googletagservices.com b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com
7	i.imgur.com	rentry.co
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	rtb-csync.smartadserver.com	2 redirects ssbsync.smartadserver.com
4	creativecdn.com	4 redirects
4	cm.g.doubleclick.net	3 redirects g2.gumgum.com
4	secure.adnxs.com	2 redirects b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com secure.adnxs.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com tpc.googlesyndication.com
4	ib.adnxs.com	1 redirects cdn4.buysellads.net acdn.adnxs.com
4	rentry.co	t.co rentry.co
3	s.amazon-adsystem.com	1 redirects ssbsync.smartadserver.com ssum-sec.casalemedia.com
3	x.bidswitch.net	3 redirects
3	ssum-sec.casalemedia.com	1 redirects public.servenobid.com ssum-sec.casalemedia.com
3	ads.pubmatic.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com
3	gum.criteo.com	secure.adnxs.com static.criteo.net gum.criteo.com
3	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
3	ad.doubleclick.net	1 redirects rentry.co ads.eu.criteo.com
3	api.btloader.com	btloader.com
3	c.amazon-adsystem.com	cdn4.buysellads.net c.amazon-adsystem.com
2	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
2	match.adsrvr.org	g2.gumgum.com ssum-sec.casalemedia.com
2	c1.adform.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	pr-bh.ybp.yahoo.com	g2.gumgum.com ssum-sec.casalemedia.com
2	us-u.openx.net	2 redirects
2	ads.betweendigital.com	2 redirects
2	ups.analytics.yahoo.com	public.servenobid.com
2	ce.lijit.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	www.googletagservices.com	securepubads.g.doubleclick.net b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com
2	b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	id.hadron.ad.gt	cdn.hadronid.net
2	fastlane.rubiconproject.com	cdn4.buysellads.net
2	prg.smartadserver.com	cdn4.buysellads.net
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
2	ad-delivery.net	rentry.co
2	cdn4.buysellads.net	rentry.co t.co
2	www.google.com	1 redirects tpc.googlesyndication.com
1	ad.turn.com	1 redirects
1	s.ad.smaato.net	ssbsync.smartadserver.com
1	cms.quantserve.com	1 redirects
1	tg.socdm.com	1 redirects
1	rtb.gumgum.com	g2.gumgum.com
1	bh.contextweb.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	hbx.media.net	1 redirects
1	match.sharethrough.com	public.servenobid.com
1	ssp.disqus.com	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	p.rfihub.com	1 redirects
1	ap.lijit.com	public.servenobid.com
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	u.openx.net	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	widget.nl3.eu.criteo.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	beacon-ams3.rubiconproject.com	rentry.co
1	ads.eu.criteo.com	t.co
1	a.ad.gt	cdn.hadronid.net
1	mp.4dex.io	cdn4.buysellads.net
1	buysellads-d.openx.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	hbopenbid.pubmatic.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	t.co
1	cdn.hadronid.net	t.co
1	tags.crwdcntrl.net	t.co
1	secure.cdn.fastclick.net	t.co
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	btloader.com	cdn4.buysellads.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	rentry.co
1	t.co
0	sync.targeting.unrulymedia.com Failed	public.servenobid.com
0	aax.amazon-adsystem.com Failed	c.amazon-adsystem.com
166	95

This site contains links to these domains. Also see Links.

Domain
t.me
direct-link.net
link-hub.net
link-center.net

Subject Issuer	Validity	Valid
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-10-14`	a year	crt.sh
rentry.co R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
cdn4.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-14` - `2024-11-14`	a year	crt.sh
btloader.com GTS CA 1P5	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-12-08` - `2025-01-05`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.minutemedia-prebid.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2023-12-01` - `2025-01-01`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-12-18` - `2025-01-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://rentry.co/etn37k
Frame ID: F7A8389BE22DB16D00050E517BF8BF8C
Requests: 60 HTTP requests in this frame

Frame: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 46330D45510FCE5C6F856CA4698C6B9D
Requests: 1 HTTP requests in this frame

Frame: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 34F443FF582BF02B2D39E320D7E81AC9
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstafd4cE4tfC8eJD7rYL3dDxTOleLQAez-svr-Wh6Ed7fKxAExBW8RgDZZn0jWe6PZ-co0u1iIXgOwfnqgtwKfLyYtKNtfwQi0YPZxHmfj2TaXFLg9htdtto_n1LMSRS4sLPe5irA9Z1XTMCR4JyTna4uWXndHu3R478ixkRwspNX3JRBVBcZIbgJUlX1nHiY4jrYtvVUSkgCCchlZI0KQb2lVp0FJ3cQqY_MwFNc6FZNrvWpSaYQyhNhsTYiug-X3MoqcMcjZe6mNplp1VkGBvigp1bDoYDyQbuuOqscC-muA99FLExh0Dip1K-Bqt10J-66pHnLe95r6lt5l-rDjKzT9PD8Afd3qaKdw_&sai=AMfl-YRKPHTnAa6oqTKe4V8CYZUm5KIlJsfnsKheL0J-3I0yCx19PVsQsq1ePT4DScxrlPQfhzaFerOAeEwgYWqVK0T1cnDSuslQJD_zb69Ss1A-2rqfZgUwDaghjVtaDYCwPWBTEp0vadAM0bku54CO952F&sig=Cg0ArKJSzMdd92uGnynCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: DEBF0761CCBE2B14C8824733808F7F9C
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CoQmY4bSZfOXXetnJpotpCO4WDOsktWSxxdgm81j2HGs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eJPEIuBRSK_qkhLLPoVVKNp7NubVRVw3FSpnsdOrxTiKxop4Oc4YGmxK84p4qjDq6s5TVRZh3UKbgswKwI45EmY3Od7p8DUKvuv7Q3zshlIhzXmr3sIKdXrsSxZ4YiR4jvyZva5LL5j8aTP4kfjqpHuYuSXopFuAsroGlnCuTuak6BNWkCqJSSKXJpvgCy_Zi4KmBJmlO3A_Ye__1igKuW3wMayUOYOHiIuNMX1ARAF2b0DJkJybazk6UVqT5JFfmjob4EVzNULaphO7Cx6XImAUkAtIL_aDxDxqv0wGvOXxYR_-HF87TZzJnJh3kvAXhPI57KcUbebfDiW66Xn0NOfHop6QLR1MqUMx2C4yXAx8p_T1hONXCAAxqnOgfv93TCY1YwU_zmZhSgutmHtg0ake6jX-_7ocJVOXumjSVKG6O0UMNhv3PrCR8i9XcJEP0WXz4kuSmrLxdzmV_uYd77fRTbbt3Qdwb0kq5fWwN-fjYMK-bvUz7pW3M1wYWRLO0GfyxP5z4e7XBWFXoaOYsl5JNLx_w3wXc_AzFis0Tb49eE8a4itQaSlQWV1_QnpYYIOe6ATGKv6SW7KQnXWDME96yvkDQc-c6GSAixrjTeOtE5xHj-RhvFY
Frame ID: 427FD2E4A38A2183D13249ADAA55B305
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pl
Frame ID: 7F30C26E1B43772C5D77AB7D6B98470B
Requests: 3 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=23496&cb=658af9bfbfa4d85eef5538c951cf0500&r=https%3a%2f%2frentry.co%2f&crossorigin=false
Frame ID: 6C4FB7F478356DE812108148C4E040AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 845719CC82FE53AA5A0A38442CE8C009
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9665A081F371E9C4F5A4987168675461
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rentry.co
Frame ID: 0AD3F9F25BD9CB088F04AE45A1943196
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 8629FC0C5848B78FEEEE1FA98B26D239
Requests: 13 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1A807AA96D0D5AC2085DBF7EADCB0E26
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5010A8CD8E14C03A406660F2111A8062
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1703606718093
Frame ID: 8A444C9146702B76BDA2884DE1427992
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Frame ID: EAA37D71E290DED4BDFE8369DAB00AAC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B345EA4CB7D59742695A4611AFF5B785
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: A22148A63400F848E1062F4AA42AF9D5
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 1088ED44F9A103EB3F456EF8F18D5168
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 975238E545BC6A0400607F2B7C3A92A1
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 0A1043EE70DDDEF446F5B43EB8A89AC7
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 755480BB3D0EC2B2B480DD89DF3DFC28
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: AC1B934410B2F9B170A2DF730746351A
Requests: 1 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 89A476E32A10D1E70D555928F3ABCAD9
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: C854927542EFDD6FE67844F15B8510CB
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: DDE6B05CDA0CD1595B5C0E2A8A655D62
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=7125116538528406502&gdpr=0&gdpr_consent=
Frame ID: 8988EFD922E4F83AD0B21ABF5A552F2D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80ZTJiNGZiOS1mZmE1LTQyYmQtOThkNy1jNjUwNWViMTIxMzA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 3D0DA214DE4F1C6FCB05A16C675845CF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: A7D4B600C2BDC441D3157F27DBE5F8BB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: EE8F4AE3BADEC87583C761041A6AABBF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZYr5wsCo8X8AANSkKKEAAAAA
Frame ID: 6B7C4F58E4CE1EBC75128CF0D056C0AC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=vjWru0q_1nOGIv7wwHjgU7Nznt5Bgm8vF5-8RCJpq48&pi=gumgum&tc=1
Frame ID: D1483EFB9CCF72558899B98294105323
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 917753A33260172E6CA4A1DF8973BDAF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JOIN TELEGRAM FOR MORE LEAKS !!!

Page URL History Show full URLs

https://t.co/9aLDZ7pk0p Page URL
https://www.google.com/url?q=https://rentry.co/etn37k&sa=U&ved=2ahUKEwjo48iB4PKCAxUSQfEDHfclBV0QFno... HTTP 302
https://rentry.co/etn37k Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

166
Requests

83 %
HTTPS

0 %
IPv6

60
Domains

95
Subdomains

71
IPs

10
Countries

1869 kB
Transfer

4096 kB
Size

68
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/+VmAcUYSapDFiMjc0
Title: https://t.me/+VmAcUYSapDFiMjc0

Search URL Search Domain Scan URL

URL: https://direct-link.net/503399/s2civ
Title: https://direct-link.net/503399/s2civ

Search URL Search Domain Scan URL

URL: https://link-hub.net/503399/idcd5
Title: https://link-hub.net/503399/idcd5

Search URL Search Domain Scan URL

URL: https://link-hub.net/503399/daiwo2
Title: https://link-hub.net/503399/daiwo2

Search URL Search Domain Scan URL

URL: https://link-hub.net/503399/hb3938
Title: https://link-hub.net/503399/hb3938

Search URL Search Domain Scan URL

URL: https://direct-link.net/503399/9c4re
Title: https://direct-link.net/503399/9c4re

Search URL Search Domain Scan URL

URL: https://link-center.net/503399/ukdgu
Title: https://link-center.net/503399/ukdgu

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/9aLDZ7pk0p Page URL
https://www.google.com/url?q=https://rentry.co/etn37k&sa=U&ved=2ahUKEwjo48iB4PKCAxUSQfEDHfclBV0QFnoECAAQAg&usg=AOvVaw3T0gXMLtvq2x5fqUSKroaJ HTTP 302
https://rentry.co/etn37k Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=856469904&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstaHfyFilyOMGuP-oBtOjLTXKtE5elyHkOEzfCzn_jiLw35-03uVyAEyFQD1ejjfrDwvl6dwXjUwBdm5ugMmGL8jigyw8sHOMZsb2w0CufzzEIzMfEO0bRCV1ZHiL6_DGrbKiGN4ZH6hqRX7R-GFkyQD4YfpHneK12vFn45lHU_d2wCkK6lP4POV7EXL_jPkSRvxGmN2zGGfx_dLFQ2e-3lC986vdWYSMhktbwwJp__1ifWu9glj3VIIHS4Y_ppdW7weN4y9bC1rli-akU9a_wMUnsk9PqZGIoAdU3Ew7KIzMlSt0IHdU-2VyDTaoNqYfT6h0YUvygXexFWl8JugTDM030y0w%2526sai%253DAMfl-YTe6USohKeaE00kgflpF38NCcZg_ETurVyinontWLm-_CtMg8DCcRZKKwGViVzO57D7IUQkrg25w3_3ghOcMP5XfE5aUBFchyOGbrZbB90VmPWSP12vv0XTPAvA3QbBflUUE-rwPl3FhrROWJ0vVRI0%2526sig%253DCg0ArKJSzA7ojAwI6mm2EAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D HTTP 307
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D728x90%26cb%3D856469904%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstaHfyFilyOMGuP-oBtOjLTXKtE5elyHkOEzfCzn_jiLw35-03uVyAEyFQD1ejjfrDwvl6dwXjUwBdm5ugMmGL8jigyw8sHOMZsb2w0CufzzEIzMfEO0bRCV1ZHiL6_DGrbKiGN4ZH6hqRX7R-GFkyQD4YfpHneK12vFn45lHU_d2wCkK6lP4POV7EXL_jPkSRvxGmN2zGGfx_dLFQ2e-3lC986vdWYSMhktbwwJp__1ifWu9glj3VIIHS4Y_ppdW7weN4y9bC1rli-akU9a_wMUnsk9PqZGIoAdU3Ew7KIzMlSt0IHdU-2VyDTaoNqYfT6h0YUvygXexFWl8JugTDM030y0w%252526sai%25253DAMfl-YTe6USohKeaE00kgflpF38NCcZg_ETurVyinontWLm-_CtMg8DCcRZKKwGViVzO57D7IUQkrg25w3_3ghOcMP5XfE5aUBFchyOGbrZbB90VmPWSP12vv0XTPAvA3QbBflUUE-rwPl3FhrROWJ0vVRI0%252526sig%25253DCg0ArKJSzA7ojAwI6mm2EAE%252526fbs_aeid%25253D%2525255Bgw_fbsaeid%2525255D%252526urlfix%25253D1%252526adurl%25253D

Request Chain 75

https://ad.doubleclick.net/ddm/trackimp/N1045814.4596154FORTUNA_RTB_CRIT/B29781391.365433653;dc_trk_aid=556445730;dc_trk_cid=190686658;dcopt=anid;ord=658af9bfbfa4d85eef5538c951cf0500;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1045814.4596154FORTUNA_RTB_CRIT/B29781391.365433653;dc_pre=CPbc5sq9rYMDFa-k_Qcddf8LYg;dc_trk_aid=556445730;dc_trk_cid=190686658;dcopt=anid;ord=658af9bfbfa4d85eef5538c951cf0500;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;;ltd=

Request Chain 111

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 112

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 117

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=8261042503554613779

Request Chain 118

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=H4ulvRZHK4XbxXc_RZS54tHG

Request Chain 120

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1703606722042 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=4886031076 HTTP 302
https://sync.1rx.io/usersync/turn/2373448323688716063?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3f1328a8-8fbc-4905-bba6-f7b92106b00b-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-3f1328a8-8fbc-4905-bba6-f7b92106b00b-003

Request Chain 121

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5107433831766403445

Request Chain 123

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

Request Chain 125

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-fabc0039-fe15-376f-a917-ae5fd6f3e664

Request Chain 128

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 131

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=8261042503554613779

Request Chain 132

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-4545382951941998709 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=196d5fa7-57da-5268-bfff-363ada75cff8&ssp=gumgum2&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=56a8a755-b767-4565-ab41-9eec03166b08&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 133

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=83288910-57b9-4d4e-9a1d-ec2242981291

Request Chain 134

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-a9110db1-21ff-502f-507d-f10553f947ce$ip$146.70.85.183

Request Chain 136

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=f70bedb7-ea69-4a1c-9b77-be010ce35680

Request Chain 138

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130&s=2&us_privacy=1--- HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=IxFLLybwqr7SqUiQRfOD&gdpr=0&us_privacy=1---

Request Chain 139

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://rtb.gumgum.com/usersync?b=pln&i=ZXh9c5hsk85k&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

Request Chain 140

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=8767036722878620993

Request Chain 142

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=adf&i=7125116538528406502&gdpr=0&gdpr_consent=

Request Chain 146

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZYr5wsCo8X8AANSkKKEAAAAA

Request Chain 147

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=vjWru0q_1nOGIv7wwHjgU7Nznt5Bgm8vF5-8RCJpq48&pi=gumgum&tc=1

Request Chain 148

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 151

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6852712272259458456&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6852712272259458456&gdpr=0&gdpr_consent=&dcc=t

Request Chain 152

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=cL3YxCCxg5drsYWcfuvNwSPt0ZxrvtCcIr4ZlSa0

Request Chain 154

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=Njg1MjcxMjI3MjI1OTQ1ODQ1Ng==&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFrHCphjsBkHhqjGX-SZJxU&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYr5wSeY7NXPRPGR3esQNAAABLoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPqD9VqhCDD2885pqhQcSPA&google_cver=1

Request Chain 158

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYr5wSeY7NXPRPGR3esQNAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKRxRut_IyfF_y6zmCKFsJU&google_cver=1

Request Chain 159

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZYr5wSeY7NXPRPGR3esQNAAA%261210 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZYr5wSeY7NXPRPGR3esQNAAA%261210&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=vjWru0q_1nOGIv7wwHjgU7Nznt5Bgm8vF5-8RCJpq48&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZYr5wSeY7NXPRPGR3esQNAAA%261210&tc=1

Request Chain 160

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2877851481954211615

Request Chain 162

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZYr5wSeY7NXPRPGR3esQNAAA%261210?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZYr5wSeY7NXPRPGR3esQNAAA%261210

166 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 9aLDZ7pk0p
t.co/ 599 B
668 B 439ms
225ms Document
text/html 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/9aLDZ7pk0p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 296
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 16:05:11 GMT
expires: Tue, 26 Dec 2023 16:10:12 GMT
perf: 7469935968
server: tsa_f
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: da3d097f0e71e8d3610cab1f7630ac4247eadb1d034178a4d67c271c33cd18fe
x-response-time: 120
x-transaction-id: 09f962cdb78c2145
x-xss-protection: 0

GET
H2

200

Primary Request etn37k Show response
rentry.co/
Redirect Chain

https://www.google.com/url?q=https://rentry.co/etn37k&sa=U&ved=2ahUKEwjo48iB4PKCAxUSQfEDHfclBV0QFnoECAAQAg&usg=AOvVaw3T0gXMLtvq2x5fqUSKroaJ
https://rentry.co/etn37k

12 KB
4 KB

2195ms
2007ms

Document
text/html

164.132.58.105
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://rentry.co/etn37k

Requested by

Host: t.co
URL: https://t.co/9aLDZ7pk0p

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

164.132.58.105 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-c3e1e24a.vps.ovh.net

Software

nginx /

Resource Hash

f2b9f47f0c5945f03942252ea9accb0181d5b59fd252b673a2b9684a24bc7e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.co/9aLDZ7pk0p
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: Vary
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 16:05:15 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Cookie
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 221
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-oyrOSFn5_Kvfg7xUazBKjw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
date: Tue, 26 Dec 2023 16:05:13 GMT
location: https://rentry.co/etn37k
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 bootstrap.min.css
rentry.co/static/css/ 183 KB
183 KB 180ms
180ms Stylesheet
text/css 164.132.58.105
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://rentry.co/static/css/bootstrap.min.css?v=85

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

164.132.58.105 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-c3e1e24a.vps.ovh.net

Software

nginx /

Resource Hash

61e8688f22e02c37c5bde65939c83586fdaf2cadc4e338f93c220ba6177895a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/etn37k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 22 Dec 2023 14:21:38 GMT
server: nginx
etag: "65859b72-2da61"
content-type: text/css
cache-control: max-age=315360000, Vary
accept-ranges: bytes
content-length: 186977
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
83 KB 604ms
107ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LLFSDKZXET

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9b497dc5424842bacc4aef064f1660b103b94409b2b3342afc491a1691ba205c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Dec 2023 16:05:16 GMT

GET
H2 200 TNDTXQg.jpg
i.imgur.com/ 52 KB
52 KB 276ms
92ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/TNDTXQg.jpg

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5ed139bb7ff0388f108ed5ad558503fdc2d99e42e2971d1a023cc705634d2fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:15 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 1092224
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, HIT
content-length: 53307
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-eddf8230136-FRA
last-modified: Thu, 14 Dec 2023 00:41:31 GMT
server: cat factory 1.0
x-timer: S1703606716.877823,VS0,VE2
etag: "20015483a2a694830adbab1059e5fd01"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rLkzAUoNnkn3_pQZwfoSaXT8UOfm7A3IFOgmZMHzEYT3a6rrkBirkQ==
x-cache-hits: 0, 1

GET
H2 200 XnmdHkU.jpg
i.imgur.com/ 51 KB
52 KB 275ms
92ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/XnmdHkU.jpg

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

376fc49f062be27f0789c6faad9e8fe4f2fa765168ef4c055056790685fd977e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:15 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 1091956
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, HIT
content-length: 52439
x-served-by: cache-iad-kiad7000114-IAD, cache-fra-eddf8230136-FRA
last-modified: Thu, 14 Dec 2023 00:46:00 GMT
server: cat factory 1.0
x-timer: S1703606716.877827,VS0,VE2
etag: "2380d10617b92c40cf8cc0c955faa864"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: fgnb12PzwBzH2FSNVNNDiRw-KKON1_lcln7mwoUHZnu9yMjPYZV4rg==
x-cache-hits: 0, 1

GET
H2 200 NzgJVFn.jpg
i.imgur.com/ 61 KB
62 KB 203ms
202ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/NzgJVFn.jpg

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

365f7ad4141bdce4556f3d7698cedb2bae67ad82164ac92594d0c31dc3df4787

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:16 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 1092545
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, HIT
content-length: 62958
x-served-by: cache-iad-kjyo7100178-IAD, cache-fra-eddf8230136-FRA
last-modified: Thu, 14 Dec 2023 00:36:12 GMT
server: cat factory 1.0
x-timer: S1703606716.181097,VS0,VE12
etag: "96dff0d8a3a4ba3707109503764a29d1"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: qPhNRdlxw70ALecwrp8v-zkHs-KuligHDyP-8Uyzb7pF348vDGY27w==
x-cache-hits: 0, 1

GET
H2 200 b50kHVc.jpg
i.imgur.com/ 75 KB
75 KB 100ms
99ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/b50kHVc.jpg

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8d4d6bbbb88ff7cffc85747f5d795db197a1509c4014e0edb9822a27f6cfc042

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:16 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1091823
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, HIT
content-length: 76833
x-served-by: cache-iad-kjyo7100151-IAD, cache-fra-eddf8230136-FRA
last-modified: Thu, 14 Dec 2023 00:48:13 GMT
server: cat factory 1.0
x-timer: S1703606716.183380,VS0,VE2
etag: "ccf8478d578ed8c17c4219dd67c3e2a8"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: dGD0XNY8YUIYCIRDGocbXF2ic_DXVLi57698alaJ9bHNmhu4AyGbwQ==
x-cache-hits: 0, 1

GET
H2 200 Nfn4jPb.jpg
i.imgur.com/ 55 KB
56 KB 100ms
99ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Nfn4jPb.jpg

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

afa02674d77a2d288843af306e463bcfafed935601c641867dd9b6ca4fa44ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:16 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-C4
age: 1091659
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, HIT
content-length: 56541
x-served-by: cache-iad-kjyo7100134-IAD, cache-fra-eddf8230136-FRA
last-modified: Thu, 14 Dec 2023 00:50:57 GMT
server: cat factory 1.0
x-timer: S1703606716.183165,VS0,VE2
etag: "e5735e7932000fbc6dc46130803ae0b4"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kxGyksqZv-_7WGSFg0aPi8DWLgaO2nPGUxhCHwlHCbMDjKT5e4VG1A==
x-cache-hits: 0, 1

GET
H2 200 IhdbBUc.jpg
i.imgur.com/ 54 KB
55 KB 100ms
99ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/IhdbBUc.jpg

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

649c1cd423de6b4a14b03f95db34e71cae73b7a36f2ca556da160ee92aaf468b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:16 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1093142
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, HIT
content-length: 55350
x-served-by: cache-iad-kiad7000021-IAD, cache-fra-eddf8230136-FRA
last-modified: Thu, 14 Dec 2023 00:26:15 GMT
server: cat factory 1.0
x-timer: S1703606716.181699,VS0,VE2
etag: "b6d41ad2c9103a0cfd544a2602d1d578"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 03JRLRhFW_cp7cZiWI4jIyRNLzdYg-o0CK69l01qy6R4Gww-Sq7Pyw==
x-cache-hits: 0, 1

GET
H2 200 ZYRGeK4.jpg
i.imgur.com/ 49 KB
50 KB 203ms
202ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ZYRGeK4.jpg

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9587c0fd7e71a24d365c3cc16b9194f54bbb64104914f6e5dbb443a1143965ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:16 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1093247
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 50449
x-served-by: cache-iad-kjyo7100058-IAD, cache-fra-eddf8230136-FRA
last-modified: Thu, 14 Dec 2023 00:24:29 GMT
server: cat factory 1.0
x-timer: S1703606716.181718,VS0,VE13
etag: "33f91170d2a826d95b31521f07cb8648"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5HMwcK8e-I-wvgSY14JsTLfEPuFhmNZy3RdqlzTni7hHH6Bsascc0A==
x-cache-hits: 592, 1

GET
H2 200 jquery.min.js Show response
rentry.co/static/js/ 90 KB
90 KB 188ms
187ms Script
application/javascript 164.132.58.105
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://rentry.co/static/js/jquery.min.js?v=21

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

164.132.58.105 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-c3e1e24a.vps.ovh.net

Software

nginx /

Resource Hash

4c1add9ba5d6cde3a03149a022b61163b35c4d5c738cf32470e7e7bd611e4ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/etn37k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 22 Dec 2023 14:21:38 GMT
server: nginx
etag: "65859b72-166ee"
content-type: application/javascript
cache-control: max-age=315360000, Vary
accept-ranges: bytes
content-length: 91886
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
rentry.co/static/js/ 57 KB
57 KB 328ms
327ms Script
application/javascript 164.132.58.105
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://rentry.co/static/js/bootstrap.min.js?v=21

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

164.132.58.105 , France, ASN16276 (OVH, FR),

Reverse DNS

vps-c3e1e24a.vps.ovh.net

Software

nginx /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/etn37k
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 22 Dec 2023 14:21:37 GMT
server: nginx
etag: "65859b71-e2d8"
content-type: application/javascript
cache-control: max-age=315360000, Vary
accept-ranges: bytes
content-length: 58072
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rentryco.js Show response
cdn4.buysellads.net/pub/ 568 KB
157 KB 451ms
93ms Script
application/javascript 64.227.34.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Requested by: Host: rentry.co
URL: https://rentry.co/etn37k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.227.34.52 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-ldn-16.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: d2deb47649911be8fcc33f1ec7f00bb7145f5b9397a4fde60b7a6057e4b00b59

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:16 GMT
cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: gzip
server: //srv.buysellads.com
etag: dd96bcda3bf44cd0c057d9e8e54f5b953581641b
vary: Accept-Encoding
content-type: application/javascript

GET
DATA 200
OK truncated
/ 791 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78daf8a337041a3e8240c58112d63d7e83facca3051114f405c0c0b548f53f4a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
241 B 603ms
105ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LLFSDKZXET&gtm=45je3bt0v9167303359&_p=1703606716140&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=83615316.1703606716&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703606716&sct=1&seg=0&dl=https%3A%2F%2Frentry.co%2Fetn37k&dr=https%3A%2F%2Ft.co%2F&dt=JOIN%20TELEGRAM%20FOR%20MORE%20LEAKS%20!!!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3718
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LLFSDKZXET
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rentry.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag Show response
btloader.com/ 61 KB
20 KB 571ms
88ms Script
application/javascript 104.22.74.216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.74.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe6e2898990a83b040a1efd0ed00d6c26a037442ec5dd9e9fab0939c4516b31

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:17 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 26 Dec 2023 15:49:39 GMT
server: cloudflare
age: 869
etag: "73159a3d00db03c0601d7c6f96f8aeea"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 83ba907fbcd85be5-FRA
content-length: 20526

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 540ms
167ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c388175ef682bf2160854c326a92adf551670e8497b41895cc1ed02e1556bbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29099
x-xss-protection: 0
server: cafe
etag: 163 / 19717 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 16:05:17 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
71 KB 249ms
88ms Script
application/javascript 18.173.232.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.232.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-232-200.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:03:08 GMT
content-encoding: gzip
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 49d84581801ea6dd3f53c478c337f294.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, DUS51-P3
age: 130
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 8ajW8aJOLiLc4RrusPO7jZls-aFYm3DaU7Ez1R5Ao_t5SjzHq5osmA==

GET
H2 200 747b8b51-ec47-4dee-9823-b2b73124b71f Show response
config.aps.amazon-adsystem.com/configs/ 564 B
839 B 228ms
73ms Script
application/javascript 108.157.4.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/747b8b51-ec47-4dee-9823-b2b73124b71f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-57.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: ef64e7c3d412632ea80b232ead035864ffbdf876021cf5e346ed04a22c2ec351

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 15:26:15 GMT
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P2
age: 2342
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: zbtwXUni0mqSnP47pRxFodHvGe7DrTW24krVn4NE7aMVOlmKnRMK1w==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 81ms
81ms XHR
application/json 18.173.232.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Frentry.co&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.232.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-232-200.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 8e84fd9436924a2ecdb5162c25581384a82fca487b3b99f0d4d598a03a939c75

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 11:35:42 GMT
via: 1.1 49d84581801ea6dd3f53c478c337f294.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P3
age: 16174
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://rentry.co
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2198
x-amz-cf-id: IIabcNBfpyLVrWEg1-L4LDJaLusT2QJuWp1xx9aNM_IWl1uaWqBE_A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 217ms
73ms XHR
application/javascript 18.173.232.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.232.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-232-200.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 0baf1ead12437b81a88e40a9597ce61a.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 06:03:46 GMT
x-amz-cf-pop: DUS51-P3
age: 36091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: K90xmtYtPCAbJmMXjMol3vQD940r1ksJgwOUgv22yorEXOtdeGUydw==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 227ms
77ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: t.co
URL: https://t.co/9aLDZ7pk0p
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:17 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Tue, 26 Dec 2023 16:20:17 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 241ms
87ms Script
text/javascript 18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: t.co
URL: https://t.co/9aLDZ7pk0p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:40:54 GMT
content-encoding: gzip
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 51864
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: gyAAaJzVq5eXlK8W1USt1sKS40-fYNF0vxrbBH1AM8IeyY8i7s2WOg==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 570ms
103ms Script
application/javascript 104.22.52.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Frentry.co%2Fetn37k&ref=https%3A%2F%2Ft.co%2F&_it=amazon&partner_id=617
Requested by: Host: t.co
URL: https://t.co/9aLDZ7pk0p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.52.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:17 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 1664
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 83ba908279fd9b76-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 612ms
113ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: t.co
URL: https://t.co/9aLDZ7pk0p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: PZ8K52NGS77B5CM4
age: 2972
etag: W/"7229163a9092e2cee472ddee92dcb6ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83ba9082c91f6ade-FRA
x-amz-id-2: 1kNc4rfbsoiqKZYCxjZkL5WeE7Iksm5gINRHfAd0K+3VixrDGVOpT7FynZOj8JP1WQMYGqm6zjU=

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 408ms
208ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 16:05:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
904 B 620ms
107ms Image
image/gif 172.67.69.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: rentry.co
URL: https://rentry.co/etn37k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1074969
x-guploader-uploadid: ABPtcPoCjHZz2Z_km5VaYiqzKu4s5KfgqgWdpKHaYGvXeoKl6M7Je-UrhCbADCxmlAWOMNfMc7zVfUcYnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGirTxCQBzD3i0O3Rh6kJsuvPIMvitXhFIdDV3K2Z8yNMbee1lafnoKmz1KJ1RFdAKxCQFCXgy48vu3ZhAyNQhkgCtGmVIv7JHj27El6k80zXJVlK1wGp9Kh0NnjII%2BOtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 83ba9083af339a2d-FRA
expires: Thu, 14 Dec 2023 05:43:37 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 281ms
79ms Image
image/x-icon 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 04:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Dec 2023 04:01:09 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
328 B 637ms
125ms Image
image/gif 172.67.69.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.30655091964939585
Requested by: Host: rentry.co
URL: https://rentry.co/etn37k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1074969
x-guploader-uploadid: ABPtcPoCjHZz2Z_km5VaYiqzKu4s5KfgqgWdpKHaYGvXeoKl6M7Je-UrhCbADCxmlAWOMNfMc7zVfUcYnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grsc978Qo%2BEeaI3afhVccIJ8Rj7Rv5smOMfJ%2BuElHNyv1N91jOCmU%2BVkOVnuGBeOX1%2FD2h9uiQMIc3zMWAE3wR%2F2WrgnBsibBPx912WCDV%2BMw9UY8KUrLXxpS0ly6d7cTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 83ba9083af309a2d-FRA
expires: Thu, 14 Dec 2023 05:43:37 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 96ms
96ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 10:14:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21041
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 25 Dec 2024 10:14:36 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 386ms
123ms XHR
application/json 54.171.10.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.10.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-10-251.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 990dfb5623828d35db11eef5b908cebac5d497a8da64f5019d5a337e5d4116c6

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:17 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://rentry.co
cache-control: no-cache
x-server: 10.45.28.228
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 CWYI653E.json Show response
srv.buysellads.com/ads/ 1 KB
713 B 310ms
105ms Fetch
application/json 161.35.94.188
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CWYI653E.json?forcebanner=520363&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.94.188 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-16.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 3f9bc5c5c9ca1c9a1b41e6eb8d89fa757bc596205d3a79e073707896bec60560

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 576

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1009 B 589ms
90ms Script
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 16:05:18 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2537430
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDRwgjCyFmtgtYUi97WtmmbZgcDuV2iMjzClH9208blOVnmUay48gtRbHKznCO8a7UKNk%2FSZuWp%2B7%2FRzbrpdlveiKCuED0%2BkyGCQWB347gdfu2M%2Fl%2Bk4nwfmY9GWlDZz"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 83ba9085a82765ae-FRA

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
551 B 515ms
221ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:17 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://rentry.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
551 B 539ms
224ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:18 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://rentry.co
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
577 B 261ms
88ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:18 GMT
an-x-request-uuid: 8bcbc3d8-ce82-4265-ad64-7596e6fec211
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rentry.co
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.85.183; 146.70.85.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
188 B 541ms
92ms XHR
text/plain 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=52121196793&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rentry.co
date: Tue, 26 Dec 2023 16:05:18 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
109 B 261ms
97ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rentry.co
date: Tue, 26 Dec 2023 16:05:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
406 B 271ms
88ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://rentry.co
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 622ms
149ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=521336&zone_id=3136010&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,17669,1,,,&rf=https%3A%2F%2Frentry.co%2Fetn37k&tg_i.domain=rentry.co&tg_i.page=https%3A%2F%2Frentry.co%2Fetn37k&tg_i.ref=https%3A%2F%2Ft.co%2F&tg_i.pbadslot=%2F8691100%2FRentryco_S2S_FixedFooter_ROS%23bsa-zone_1699624989460-1_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=5b55bdd0-3fb1-4dc7-a598-a62c1a942259&l_pb_bid_id=19fd1a68788d4eb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5b55bdd0-3fb1-4dc7-a598-a62c1a942259&rp_maxbids=1&p_gpid=%2F8691100%2FRentryco_S2S_FixedFooter_ROS%23bsa-zone_1699624989460-1_123456&slots=1&rand=0.591126417239827
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5caff645584109b5e778ed7a312a2d615a0537921dd3a03cfe64874ea85597a8

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:18 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://rentry.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
3 KB 626ms
154ms XHR
application/json 213.19.162.61
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=521336&zone_id=3136010&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!buysellads.com,17669,1,,,&rf=https%3A%2F%2Frentry.co%2Fetn37k&tg_i.domain=rentry.co&tg_i.page=https%3A%2F%2Frentry.co%2Fetn37k&tg_i.ref=https%3A%2F%2Ft.co%2F&tg_i.pbadslot=%2F8691100%2FRentryco_S2S_TopLeaderboard_ROS%23bsa-zone_1700727262982-7_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=af29cbe1-6b3a-4df3-b1dc-aaae43a8895f&l_pb_bid_id=20bd8b45b18186e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=af29cbe1-6b3a-4df3-b1dc-aaae43a8895f&rp_maxbids=1&p_gpid=%2F8691100%2FRentryco_S2S_TopLeaderboard_ROS%23bsa-zone_1700727262982-7_123456&slots=1&rand=0.23718883772797872
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2f7f546cff4a8306df59c3220452b4de147c95c880514ce95aba25969ebf54ab

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:18 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://rentry.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 92 B
421 B 388ms
121ms XHR
application/json 54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=9944
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4721b4c33ec7d93ccce846769c32aa9d0acced0f1891236a49d8704621a3d142

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://rentry.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 712 B
680 B 447ms
136ms XHR
application/json 52.49.9.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Frentry.co%2Fetn37k&PageUrl=https%3A%2F%2Frentry.co%2Fetn37k&PageReferrer=https%3A%2F%2Ft.co%2F&CanonicalUrl=https%3A%2F%2Frentry.co%2Fetn37k

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.9.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-9-132.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c1546885fdb4a57fc7ce503432f9071b263ff4053abefab84f778d1acd7ab60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
via: kong/2.8.4
x-content-type-options: nosniff
content-encoding: gzip
x-kong-proxy-latency: 0
x-kong-upstream-latency: 18
pragma: no-cache
access-control-max-age: 3600
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://rentry.co
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

GET
H2 200 arj Show response
buysellads-d.openx.net/w/1.0/ 72 B
364 B 301ms
111ms XHR
application/json 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://buysellads-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Frentry.co%2Fetn37k&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5b55bdd0-3fb1-4dc7-a598-a62c1a942259%2C5b55bdd0-3fb1-4dc7-a598-a62c1a942259%2Caf29cbe1-6b3a-4df3-b1dc-aaae43a8895f%2Caf29cbe1-6b3a-4df3-b1dc-aaae43a8895f&nocache=1703606717826&schain=1.0%2C1!buysellads.com%2C17669%2C1%2C%2C%2C&aus=970x90%7C728x90%7C970x90%7C728x90&divids=bsa-zone_1699624989460-1_123456%2Cbsa-zone_1699624989460-1_123456%2Cbsa-zone_1700727262982-7_123456%2Cbsa-zone_1700727262982-7_123456&aucs=%252F8691100%252FRentryco_S2S_FixedFooter_ROS%2523bsa-zone_1699624989460-1_123456%2C%252F8691100%252FRentryco_S2S_FixedFooter_ROS%2523bsa-zone_1699624989460-1_123456%2C%252F8691100%252FRentryco_S2S_TopLeaderboard_ROS%2523bsa-zone_1700727262982-7_123456%2C%252F8691100%252FRentryco_S2S_TopLeaderboard_ROS%2523bsa-zone_1700727262982-7_123456&auid=541023048%2C541001000%2C541023048%2C541001000
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e896a8ce744aa2af9c50e2bfb9937d7586bf3cc9349d4c6006084a781453889e

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:18 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://rentry.co
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
565 B 671ms
173ms XHR
application/json 172.64.153.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Tue, 26 Dec 2023 16:05:18 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1699624989460-1_123456, Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1700727262982-7_123456
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rentry.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83ba9085c93d367a-FRA
expires: 0

GET bid
aax.amazon-adsystem.com/e/dtb/ 0
0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 103 B
291 B 196ms
196ms XHR
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=617&sync=0&domain=rentry.co&url=https://rentry.co/etn37k
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Frentry.co%2Fetn37k&ref=https%3A%2F%2Ft.co%2F&_it=amazon&partner_id=617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a9ac39a48107869997a75aa6b0dd3bd7f5d69bee1fba9d12bc84838d066a02d

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 83ba90875c143815-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 661ms
187ms Preflight
application/json 104.22.4.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=617&sync=0&domain=rentry.co&url=https://rentry.co/etn37k
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.4.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://rentry.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83ba90861a963815-FRA
content-length: 0
content-type: application/json
date: Tue, 26 Dec 2023 16:05:18 GMT
debug: OPTIONS block
expires: Wed, 25 Dec 2024 16:05:18 GMT
server: cloudflare

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 209ms
208ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 187959d04f4bbdff91cc6516d102411dd0d518941d7d7fa5b3cce29ae7954ff8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 208ms
208ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=2BI8e1cpt&w=5123465689956352&o=5102648370397184&cv=2.1.26&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Frentry.co%2Fetn37k&sid=VwklHzFo&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5102648370397184&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 16:05:18 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 635ms
142ms Fetch
application/javascript 104.26.9.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.9.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 16:05:18 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2537365
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yRFLoJMHPY43gbUshsFQ6dObqGel8RZ3hpPKBHk3fNw%2Fbx5US%2FZdWdJMiOOKiFqu1O8mzTfRp4n1mlAdNr1o2p8iOALOMcC1KoAGiTBO127EQ3Xog3KfmzpWpkXXmAd"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 83ba90898ac391d1-FRA

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
16 KB 157ms
157ms Fetch
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2172583532326751&correlator=3281245126403778&eid=31079926%2C31080121&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=8691100%2CRentryco_S2S_FixedFooter_ROS%2CRentryco_S2S_TopLeaderboard_ROS&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%7C970x90%7C980x90%7C990x90%2C728x90%7C970x90%7C980x90%7C990x90%7C468x60&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703606718511&lmt=1703606718&adxs=-12245933%2C238&adys=-12245933%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frentry.co%2Fetn37k&ref=https%3A%2F%2Ft.co%2F&vis=1&psz=1600x-1%7C728x60&msz=0x-1%7C728x60&fws=640%2C0&ohw=0%2C0&ga_vid=83615316.1703606716&ga_sid=1703606719&ga_hid=1765376403&ga_fc=true&dlt=1703606715659&idt=2116&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1699624989460-1_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26hb_size%3D970x90%26hb_pb%3D0.00%26hb_creative%3D2149%253A11147779%26hb_adid%3D3752eea1f613c72%26hb_bidder%3Drubicon%26_bd%3Dbid%26_pl%3D0.00%26hb_size_rubicon%3D970x90%26hb_pb_rubicon%3D0.00%26hb_adid_rubicon%3D3752eea1f613c72%26hb_bidder_rubicon%3Drubicon%7Coptimize_ad_unit_id%3Dbsa-zone_1700727262982-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26hb_size%3D970x90%26hb_pb%3D0.01%26hb_creative%3D2149%253A11147779%26hb_adid%3D38b91b8490b593%26hb_bidder%3Drubicon%26_bd%3Dbid%26_pl%3D0.01%26hb_size_rubicon%3D970x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D38b91b8490b593%26hb_bidder_rubicon%3Drubicon&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Drentryco%26optimize_xp%3Da&adks=3236564155%2C919434119&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

98ef8e736f6c3913f2c10e4da30f3cc39fb6a1702c15ed59ff1e2acbd3e59a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15914
x-xss-protection: 0
google-lineitem-id: 5320060794,5936457971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138305491763,138383341084
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rentry.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 645ms
148ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f5fe3ffc9787b2b41ed3251fa926ade233db204c6cc9a4556374417792481b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12359
x-xss-protection: 0

GET
H2 200 container.html Show response
b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4633 6 KB
3 KB 639ms
118ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 16:05:19 GMT
expires: Wed, 25 Dec 2024 16:05:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 34F4 6 KB
3 KB 467ms
119ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 16:05:19 GMT
expires: Wed, 25 Dec 2024 16:05:19 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEBF 0
0 134ms
133ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstafd4cE4tfC8eJD7rYL3dDxTOleLQAez-svr-Wh6Ed7fKxAExBW8RgDZZn0jWe6PZ-co0u1iIXgOwfnqgtwKfLyYtKNtfwQi0YPZxHmfj2TaXFLg9htdtto_n1LMSRS4sLPe5irA9Z1XTMCR4JyTna4uWXndHu3R478ixkRwspNX3JRBVBcZIbgJUlX1nHiY4jrYtvVUSkgCCchlZI0KQb2lVp0FJ3cQqY_MwFNc6FZNrvWpSaYQyhNhsTYiug-X3MoqcMcjZe6mNplp1VkGBvigp1bDoYDyQbuuOqscC-muA99FLExh0Dip1K-Bqt10J-66pHnLe95r6lt5l-rDjKzT9PD8Afd3qaKdw_&sai=AMfl-YRKPHTnAa6oqTKe4V8CYZUm5KIlJsfnsKheL0J-3I0yCx19PVsQsq1ePT4DScxrlPQfhzaFerOAeEwgYWqVK0T1cnDSuslQJD_zb69Ss1A-2rqfZgUwDaghjVtaDYCwPWBTEp0vadAM0bku54CO952F&sig=Cg0ArKJSzMdd92uGnynCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: t.co
URL: https://t.co/9aLDZ7pk0p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 26 Dec 2023 16:05:18 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame DEBF 26 KB
9 KB 105ms
104ms Script
application/javascript 64.227.34.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: t.co
URL: https://t.co/9aLDZ7pk0p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.227.34.52 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-ldn-16.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:18 GMT
cache-control: public, max-age=600, stale-while-revalidate
content-encoding: gzip
server: //srv.buysellads.com
etag: 196270e7fcc49a0af36f5d62866c973b3ad33942
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEBF 203 KB
65 KB 712ms
112ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 16:05:19 GMT

GET
H2 200 617 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 686ms
103ms Script
application/javascript 104.22.5.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/617?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Frentry.co%2Fetn37k&ref=https%3A%2F%2Ft.co%2F&_it=amazon&partner_id=617
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.5.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b891e4cf111559d892395379aaf8df44e5a3742cb21dadbe77e94a8a8268146

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 26 Dec 2023 16:04:19 GMT
server: cloudflare
age: 60
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 83ba908c393f37da-FRA

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 427F 52 KB
20 KB 594ms
82ms Document
text/html 178.250.1.17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CoQmY4bSZfOXXetnJpotpCO4WDOsktWSxxdgm81j2HGs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eJPEIuBRSK_qkhLLPoVVKNp7NubVRVw3FSpnsdOrxTiKxop4Oc4YGmxK84p4qjDq6s5TVRZh3UKbgswKwI45EmY3Od7p8DUKvuv7Q3zshlIhzXmr3sIKdXrsSxZ4YiR4jvyZva5LL5j8aTP4kfjqpHuYuSXopFuAsroGlnCuTuak6BNWkCqJSSKXJpvgCy_Zi4KmBJmlO3A_Ye__1igKuW3wMayUOYOHiIuNMX1ARAF2b0DJkJybazk6UVqT5JFfmjob4EVzNULaphO7Cx6XImAUkAtIL_aDxDxqv0wGvOXxYR_-HF87TZzJnJh3kvAXhPI57KcUbebfDiW66Xn0NOfHop6QLR1MqUMx2C4yXAx8p_T1hONXCAAxqnOgfv93TCY1YwU_zmZhSgutmHtg0ake6jX-_7ocJVOXumjSVKG6O0UMNhv3PrCR8i9XcJEP0WXz4kuSmrLxdzmV_uYd77fRTbbt3Qdwb0kq5fWwN-fjYMK-bvUz7pW3M1wYWRLO0GfyxP5z4e7XBWFXoaOYsl5JNLx_w3wXc_AzFis0Tb49eE8a4itQaSlQWV1_QnpYYIOe6ATGKv6SW7KQnXWDME96yvkDQc-c6GSAixrjTeOtE5xHj-RhvFY

Requested by

Host: t.co
URL: https://t.co/9aLDZ7pk0p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a791a70d4028d91ca9afea513073e62b24eafe40e8f64fdee138f8fa666859eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 16:05:19 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=b_p-B8oqAP0pbGpIJmkg4Bt-P-NWjpMlxXv8YQ2Dw7XWoh-iKGGkUf-P9V0uoRaO9UvgDcqh7TSNRZ8AAV1O8Ndh2ugXWYLrfErCDuTZIcSgG9yj9mv9FsvfZMo0WfyHGwzgq_8rbqoSeGkf-IWicQy4GVOovxhI9w_SveCRZJIlRyFKNbhJzWZO0wisZAIHyJk6igSJWIjlgZuUnZ_r8pgQ96NuggxOD44Xjaoklzfa85UJIZMGep4sLDpfYEg5xH0zyiMbrow7c2fL"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3600250
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7F30 281 B
555 B 347ms
116ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pl
Requested by: Host: t.co
URL: https://t.co/9aLDZ7pk0p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Dec 2023 16:05:19 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 75dd332a-83a8-40f3-933c-89ec56463d9d
beacon-ams3.rubiconproject.com/beacon/d/ Frame DEBF 43 B
227 B 652ms
74ms Image
image/avif 213.19.162.67
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/75dd332a-83a8-40f3-933c-89ec56463d9d?oo=0&accountId=18812&siteId=521336&zoneId=3136010&sizeId=55&e=6A1E40E384DA563B5C6B371E102F6E07AB764B1533729BE39268BB357245D6878A97B78505883594E25B8980802BD778D4336ADFDC3ED570569FFB81AB480E5CB2509FF21D83DBCAB5477F90E2FCD7EA4A631B35E6147F1F0F5F42AF17FCA6113DC0495CEB9A56EC2947D0E7FF291610A2077121DF39F0FBAD97223093404413BF62E019D3EBB6DC165F9C2A089BE4197AB2BBF933D0AC30A47EFF40D248E87AAF17F9F63727E132AEC199F1EFB7842287A70E1D9CDE8939685138572FB007250F423359D9FBB6B26FC9156B473AE6BAA6DE1FEF4D34FEA26325066414267FD15E59FA9761E80D5EA368BD4CC9495E4C8FFEA06A52C6AED5443F3F78ED42430A336BFCFFD1E6E940D8D62BA1EBF7083FE494D103BE15E604CF6E3263EB8AC773CE885FF95DD3A788DFF861F9414FD29791E928695E72B4B4D14863F6705BEF9A901EEDDFFC23C8C4713690650456ABD52A6B5E3DA0C5CDA17FDFA305BC720CA18B517E071B247242B7C24CB65C7ECEA974E1288FC549FF2B2433416CEDF3E6C2DAC7722F801C0E53A7960FD24BDAA0C172BEA056D5D88D2CB5CC9E64C616A30F676FE7EEEC0D618DC5BCFD9FA7E4139BC8E7EB30F94A754CFBAA0D85E960E88CF5B06C12EA4926A4CCE6E7D573E3AB94AB84926A3B4875F73FB8CD96FDF72E85CAC95CE26EC7C81ACAD1317AF91807BDCA275F588B8A09D8289AEDC57C09A1B294F7AE1C9C32160FF85F2DCD3F4FB5CA0C037B85456AF76ED05E3AFA27B8FF54B614340DA5217AE279C1AB69713492415CDE810F54A5F387488544D073761D7B384F2887B9F3DEE7EF55624EA1F3F7704F1562C90251A3409C083B73D091F648BF2E658F32DB538BB060959CAA0B0D947CBBF6AFFFCAE5E753EC066481552A2A43BC9422A9FDED7FFE6409BE77AD4463C3E6547180977C5ECB78156FBD52CD5CAE534398E1DAD839287AC7426D9C4357D7FAAF77ECEA8F93CD9EFD77731EBDC0D54FF89C6F722D090CB5F4D18A8F2D6CDB53D9B3C1F5DE81124FE2A1F5ADE7934300133C3E00A59AD26C272C28488882898AB121512BE539250F3FF7E8529113D06E1FDD354AE44C83BFA58898408FEBD92F8057B6ED7B1C8B44BF19983DDC2301B161855D5543C4998234B169F03692E8DA798A177D52FC22700C443BC40FD9E8D42B77E3DDD193DD502835649941AB3C7F94386E71D368249A9233784F2282

Requested by

Host: rentry.co
URL: https://rentry.co/etn37k

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.19.162.67 , United Kingdom, ASN3356 (LEVEL3, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:19 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
269 B 371ms
171ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

48fc6f985287b8a5c13c949d4a20dce9b442066d5099ebf1080a2ce9ce0ae79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://rentry.co
date: Tue, 26 Dec 2023 16:05:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7F30 45 KB
13 KB 170ms
169ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pl
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d5cdd518ff40bc4039aac0b166bf3cb41582739b1c778f852a3ae77fa826e0e7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 16:05:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Dec 2023 05:00:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46511
Connection: keep-alive
Content-Length: 13201
Expires: Wed, 27 Dec 2023 05:00:30 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 670ms
181ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Dec 2023 16:05:19 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 34F4 24 KB
7 KB 577ms
89ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com
URL: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 366455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Dec 2024 10:17:44 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/ Frame 34F4
Redirect Chain

https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=856469904&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstaHfyFilyOMGuP-oBtOjLTXKtE5elyHkOEzfCzn_jiLw35-03uVyAEyFQD1e...
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D728x90%26cb%3D856469904%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstaHfyFilyOMGuP-oBtOj...

8 KB
4 KB

67ms
67ms

Script
application/javascript

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D728x90%26cb%3D856469904%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstaHfyFilyOMGuP-oBtOjLTXKtE5elyHkOEzfCzn_jiLw35-03uVyAEyFQD1ejjfrDwvl6dwXjUwBdm5ugMmGL8jigyw8sHOMZsb2w0CufzzEIzMfEO0bRCV1ZHiL6_DGrbKiGN4ZH6hqRX7R-GFkyQD4YfpHneK12vFn45lHU_d2wCkK6lP4POV7EXL_jPkSRvxGmN2zGGfx_dLFQ2e-3lC986vdWYSMhktbwwJp__1ifWu9glj3VIIHS4Y_ppdW7weN4y9bC1rli-akU9a_wMUnsk9PqZGIoAdU3Ew7KIzMlSt0IHdU-2VyDTaoNqYfT6h0YUvygXexFWl8JugTDM030y0w%252526sai%25253DAMfl-YTe6USohKeaE00kgflpF38NCcZg_ETurVyinontWLm-_CtMg8DCcRZKKwGViVzO57D7IUQkrg25w3_3ghOcMP5XfE5aUBFchyOGbrZbB90VmPWSP12vv0XTPAvA3QbBflUUE-rwPl3FhrROWJ0vVRI0%252526sig%25253DCg0ArKJSzA7ojAwI6mm2EAE%252526fbs_aeid%25253D%2525255Bgw_fbsaeid%2525255D%252526urlfix%25253D1%252526adurl%25253D

Requested by

Host: b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com
URL: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

93dec2831ec25a966599a6af678f59514311635b9b051b95d6b45d2d4f7f1500

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:19 GMT
content-encoding: gzip
an-x-request-uuid: 7d365c4a-abe9-473b-8c94-6307fcff046a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.85.183; 146.70.85.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:19 GMT
an-x-request-uuid: 108b2a0f-f1f5-4e02-80f9-2e8bd983e8db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D728x90%26cb%3D856469904%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstaHfyFilyOMGuP-oBtOjLTXKtE5elyHkOEzfCzn_jiLw35-03uVyAEyFQD1ejjfrDwvl6dwXjUwBdm5ugMmGL8jigyw8sHOMZsb2w0CufzzEIzMfEO0bRCV1ZHiL6_DGrbKiGN4ZH6hqRX7R-GFkyQD4YfpHneK12vFn45lHU_d2wCkK6lP4POV7EXL_jPkSRvxGmN2zGGfx_dLFQ2e-3lC986vdWYSMhktbwwJp__1ifWu9glj3VIIHS4Y_ppdW7weN4y9bC1rli-akU9a_wMUnsk9PqZGIoAdU3Ew7KIzMlSt0IHdU-2VyDTaoNqYfT6h0YUvygXexFWl8JugTDM030y0w%252526sai%25253DAMfl-YTe6USohKeaE00kgflpF38NCcZg_ETurVyinontWLm-_CtMg8DCcRZKKwGViVzO57D7IUQkrg25w3_3ghOcMP5XfE5aUBFchyOGbrZbB90VmPWSP12vv0XTPAvA3QbBflUUE-rwPl3FhrROWJ0vVRI0%252526sig%25253DCg0ArKJSzA7ojAwI6mm2EAE%252526fbs_aeid%25253D%2525255Bgw_fbsaeid%2525255D%252526urlfix%25253D1%252526adurl%25253D
x-proxy-origin: 146.70.85.183; 146.70.85.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34F4 203 KB
64 KB 405ms
282ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com
URL: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 16:05:19 GMT

POST
H2 200 v3 Show response
id5-sync.com/gm/ 318 B
593 B 288ms
93ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

6c973c44edaadc916016b7e9069a231454ed831f54e566d6473ab8c3dd8d84b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://rentry.co/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rentry.co
date: Tue, 26 Dec 2023 16:05:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7F30 7 B
380 B 2198ms
369ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 427F 2 KB
1 KB 511ms
67ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CoQmY4bSZfOXXetnJpotpCO4WDOsktWSxxdgm81j2HGs%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eJPEIuBRSK_qkhLLPoVVKNp7NubVRVw3FSpnsdOrxTiKxop4Oc4YGmxK84p4qjDq6s5TVRZh3UKbgswKwI45EmY3Od7p8DUKvuv7Q3zshlIhzXmr3sIKdXrsSxZ4YiR4jvyZva5LL5j8aTP4kfjqpHuYuSXopFuAsroGlnCuTuak6BNWkCqJSSKXJpvgCy_Zi4KmBJmlO3A_Ye__1igKuW3wMayUOYOHiIuNMX1ARAF2b0DJkJybazk6UVqT5JFfmjob4EVzNULaphO7Cx6XImAUkAtIL_aDxDxqv0wGvOXxYR_-HF87TZzJnJh3kvAXhPI57KcUbebfDiW66Xn0NOfHop6QLR1MqUMx2C4yXAx8p_T1hONXCAAxqnOgfv93TCY1YwU_zmZhSgutmHtg0ake6jX-_7ocJVOXumjSVKG6O0UMNhv3PrCR8i9XcJEP0WXz4kuSmrLxdzmV_uYd77fRTbbt3Qdwb0kq5fWwN-fjYMK-bvUz7pW3M1wYWRLO0GfyxP5z4e7XBWFXoaOYsl5JNLx_w3wXc_AzFis0Tb49eE8a4itQaSlQWV1_QnpYYIOe6ATGKv6SW7KQnXWDME96yvkDQc-c6GSAixrjTeOtE5xHj-RhvFY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 Dec 2024 16:05:19 GMT

GET
H2 200 adchoices_pl.svg
static.criteo.net/flash/icon/ Frame 427F 2 KB
1 KB 512ms
68ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_pl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

878a83cf7c60ddfa7a76b1c96774db0c81ad197a1b9f75686008b9c6a8aa6f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75a"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 Dec 2024 16:05:19 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 427F 308 B
636 B 515ms
71ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 20 Dec 2024 16:05:19 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 427F 293 B
621 B 513ms
69ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 20 Dec 2024 16:05:19 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 427F 43 B
348 B 478ms
69ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=t-CcQ5GjsPXwlQPj4qVtt85EyUE1zWRmnFQa3xcTkoyN1VBH9FsDh1stOR_Ub5iWobzCxvOAK104QWlMjCdLBWiM4iPifDP5-kvHG7Yit5I6XixEiYEk9l1J0Io0f9tg4iehiQPBI5wTyPzv-0hgSgOpkznf7gHbHx9wXD7uCoq5chvK6yHbNQQ4Al8U57iUh2zDvHB0q6wpsn6vzYXOHT6HfqB-Os-2pUmraHoMOAeEaz64RNpYBhuatrCCK5YrV2rzrvEmx6sQ4mjqFCmR_eotd1CkNL-zY8Y9zHMSaC1EDRW4xxBD7HrZRKrzyfzOfICSEHPtc2YbABzLYmuhHZFdEEYTlGwU_uxVGhl73KhF0fTSXTcWSJ0W5VuPvyivBMz2rGssklJJVWAfOV4XYUmTCElU6MkpQIn-pKEWdiFXbhfBybG6Isf6Nag6S54ADOhE3Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1725450
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

B29781391.365433653;dc_pre=CPbc5sq9rYMDFa-k_Qcddf8LYg;dc_trk_aid=556445730;dc_trk_cid=190686658;dcopt=anid;ord=658af9bfbfa4d85eef5538c951cf0500;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
ad.doubleclick.net/ddm/trackimp/N1045814.4596154FORTUNA_RTB_CRIT/ Frame 427F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1045814.4596154FORTUNA_RTB_CRIT/B29781391.365433653;dc_trk_aid=556445730;dc_trk_cid=190686658;dcopt=anid;ord=658af9bfbfa4d85eef5538c951cf0500;dc_lat=;dc_rdi...
https://ad.doubleclick.net/ddm/trackimp/N1045814.4596154FORTUNA_RTB_CRIT/B29781391.365433653;dc_pre=CPbc5sq9rYMDFa-k_Qcddf8LYg;dc_trk_aid=556445730;dc_trk_cid=190686658;dcopt=anid;ord=658af9bfbfa4d...

42 B
246 B

109ms
108ms

Image
image/gif

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1045814.4596154FORTUNA_RTB_CRIT/B29781391.365433653;dc_pre=CPbc5sq9rYMDFa-k_Qcddf8LYg;dc_trk_aid=556445730;dc_trk_cid=190686658;dcopt=anid;ord=658af9bfbfa4d85eef5538c951cf0500;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;;ltd=?

Requested by

Protocol

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1045814.4596154FORTUNA_RTB_CRIT/B29781391.365433653;dc_pre=CPbc5sq9rYMDFa-k_Qcddf8LYg;dc_trk_aid=556445730;dc_trk_cid=190686658;dcopt=anid;ord=658af9bfbfa4d85eef5538c951cf0500;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8b3b06788da447df9db641a7b7ad0682_image_ad_970x90.jpeg
static.criteo.net/design/dt/96129/230104/ Frame 427F 96 KB
97 KB 585ms
141ms Image
image/jpeg 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/96129/230104/8b3b06788da447df9db641a7b7ad0682_image_ad_970x90.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

32d2e365b695a62058dc1c188ecda56bc244791121885fb9921e1b6898ffbdd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 04 Jan 2023 08:08:01 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63b533e1-181b9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 98745
expires: Fri, 20 Dec 2024 16:05:19 GMT

GET
H2 200 dis.aspx Show response
widget.nl3.eu.criteo.com/dis/ Frame 6C4F 28 B
472 B 237ms
75ms Document
text/html 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=23496&cb=658af9bfbfa4d85eef5538c951cf0500&r=https%3a%2f%2frentry.co%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 26 Dec 2023 16:05:18 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1141927
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

POST
H2 200 all
csm.eu.criteo.net/ Frame 427F 0
128 B 507ms
64ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=b_p-B8oqAP0pbGpIJmkg4Bt-P-NWjpMlxXv8YQ2Dw7XWoh-iKGGkUf-P9V0uoRaO9UvgDcqh7TSNRZ8AAV1O8Ndh2ugXWYLrfErCDuTZIcSgG9yj9mv9FsvfZMo0WfyHGwzgq_8rbqoSeGkf-IWicQy4GVOovxhI9w_SveCRZJIlRyFKNbhJzWZO0wisZAIHyJk6igSJWIjlgZuUnZ_r8pgQ96NuggxOD44Xjaoklzfa85UJIZMGep4sLDpfYEg5xH0zyiMbrow7c2fL&sds=2&rev=89863&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 16:05:19 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 427F 2 KB
1 KB 439ms
70ms Image
image/svg+xml 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 Dec 2024 16:05:19 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEBF 0
0 902ms
131ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjSlNZfdIvBIHd_ldOyUh789EQooiKQtirWxPZgvC_AGPp02XG5Vkqyqu9BCYiwWWFvYBuuw5BkQhxLLPzLDc2GJZezOQHaq7ubyWF84g-EtASHlgf-saisoWsCLIf4P6qCalD895U4gMIDcwZ5hwVwIGqTxMbLIg4_uBMGHA9ucJcRrI7HdfTG_NZEAMPcm_P89dXFb-V3meJgLpxArNw-zb7llnFbOHaV2PxHPgKWe9PF8ZBTnpw_5L03SKlIBzwKHZz4SYWW6lTkFWFV5txecJF-W1tVOooIvqsHBeiPpIl-b04Y2Ji9yiBdz_03U9bex0uiJEvmrjR03uVzSXXfbxXvIZiKWQOx7LL3Ws&sai=AMfl-YRSPnY_YoTaPDxkOFXglHJ_I9wLz2E61tepZaR635Va61ykvqoUN5z3r85vT6evNq406T6qyiYJZkGL5fBjr-_ti72BFmNMYGq8kWR5zykc5UFFUJMfg5uNIBcARRu8iigCvyLLOvTpz0HYFhy3z9op&sig=Cg0ArKJSzMzizOrZWUKaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 26 Dec 2023 16:05:20 GMT

GET
DATA 200
OK truncated
/ Frame DEBF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cf56a7235740d1afe766af33bafdadb3e275a05ac51980ad93cc9ca5d8b6489

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 34F4 0
0 117ms
116ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIFoIzM-hZ-eXOkOaguuJd9hCEQHQmhPilpK0WsLoxnP-EPneMMdWCkSmZxLoanhBoNQi7AAV0YWWkxk3cod1azLVvJsQJ5QUyps4QXjFicSVavrMshVXF9AY0EFKbsRXP2vpXSAZV2MGLTb09PjcaplouNs0jJXtIzL80e7pIlq22tokF5-aEBZiue92D7LGTjBrkDXq6h0oBuiiRLLpOjhrYxV_i3YBUIPrBmJPdk8kaiU4DT-CWw7HXQMlORsEEtxIAjKJ8yIgCrfYkoI6OYgPopIflSTIuAZrQhC3bAdPOtETcoApN7BaDw2WSdQaAQRDVP27Ph0fJtzOMZnjyIUrsOTzUrQ&sai=AMfl-YSRNVVzbT4Lj7iHQgxEWHYo1dru2RgnLspq1443_AcQDhjrcIMsmMVe-ijJd3-0SXvRdXd5FWKf4aLLM1Z5mNOtqudwMSapSfJ0OXRexkYwyrMKrAinqjbTYSql21yzKzOixGEGWvq7JD3ApJwWqWLF&sig=Cg0ArKJSzHm1Nsuhs-QNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com
URL: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame 34F4 51 B
293 B 512ms
76ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=856469904&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstaHfyFilyOMGuP-oBtOjLTXKtE5elyHkOEzfCzn_jiLw35-03uVyAEyFQD1ejjfrDwvl6dwXjUwBdm5ugMmGL8jigyw8sHOMZsb2w0CufzzEIzMfEO0bRCV1ZHiL6_DGrbKiGN4ZH6hqRX7R-GFkyQD4YfpHneK12vFn45lHU_d2wCkK6lP4POV7EXL_jPkSRvxGmN2zGGfx_dLFQ2e-3lC986vdWYSMhktbwwJp__1ifWu9glj3VIIHS4Y_ppdW7weN4y9bC1rli-akU9a_wMUnsk9PqZGIoAdU3Ew7KIzMlSt0IHdU-2VyDTaoNqYfT6h0YUvygXexFWl8JugTDM030y0w%2526sai%253DAMfl-YTe6USohKeaE00kgflpF38NCcZg_ETurVyinontWLm-_CtMg8DCcRZKKwGViVzO57D7IUQkrg25w3_3ghOcMP5XfE5aUBFchyOGbrZbB90VmPWSP12vv0XTPAvA3QbBflUUE-rwPl3FhrROWJ0vVRI0%2526sig%253DCg0ArKJSzA7ojAwI6mm2EAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 920719
expires: 60

GET
H2 200 ttj Show response
secure.adnxs.com/ Frame 34F4 0
646 B 117ms
116ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1703606719&bdh=e41wkck73CPHLrCwOxoCop3M4Pk.&&bdref=https%3A%2F%2Frentry.co%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frentry.co%2F,https%3A%2F%2Fb368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=856469904&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstaHfyFilyOMGuP-oBtOjLTXKtE5elyHkOEzfCzn_jiLw35-03uVyAEyFQD1ejjfrDwvl6dwXjUwBdm5ugMmGL8jigyw8sHOMZsb2w0CufzzEIzMfEO0bRCV1ZHiL6_DGrbKiGN4ZH6hqRX7R-GFkyQD4YfpHneK12vFn45lHU_d2wCkK6lP4POV7EXL_jPkSRvxGmN2zGGfx_dLFQ2e-3lC986vdWYSMhktbwwJp__1ifWu9glj3VIIHS4Y_ppdW7weN4y9bC1rli-akU9a_wMUnsk9PqZGIoAdU3Ew7KIzMlSt0IHdU-2VyDTaoNqYfT6h0YUvygXexFWl8JugTDM030y0w%2526sai%253DAMfl-YTe6USohKeaE00kgflpF38NCcZg_ETurVyinontWLm-_CtMg8DCcRZKKwGViVzO57D7IUQkrg25w3_3ghOcMP5XfE5aUBFchyOGbrZbB90VmPWSP12vv0XTPAvA3QbBflUUE-rwPl3FhrROWJ0vVRI0%2526sig%253DCg0ArKJSzA7ojAwI6mm2EAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:19 GMT
an-x-request-uuid: f63e1854-d98d-4916-adcd-b8cdc106c565
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.85.183; 146.70.85.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8457 13 KB
5 KB 79ms
78ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
age: 14184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 12:08:55 GMT
expires: Wed, 25 Dec 2024 12:08:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9665 829 B
1 KB 90ms
90ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

a68d4d3f4041bb669180efe6d7b5ae7974d98b00b70a9272a4b16cf96d903e8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-seB2qKyiMfwbg5RdOFr1Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-seB2qKyiMfwbg5RdOFr1Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 16:05:19 GMT
expires: Tue, 26 Dec 2023 16:05:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8457 39 KB
15 KB 855ms
85ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 12:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 12:07:28 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9665 0
0 942ms
181ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=2172583532326751&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 34F4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16056cdb5a067f5c7f0d1716a1f2b69840f7b9a1d960e26dfa462144bdfc62a9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 76ms
76ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Dec 2023 16:05:20 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 34F4 0
0 426ms
126ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1jDzQo1i1YL-tgFV2thhRzJ393rQ-FPvXM8idCXhIMWdSf6UzWGHv6-vdE-U5Bx21UqHABVzFaF4U886hGIjSGOO9qCpqpkHlpZ-9FKIX60BCamHwLTUtc46zaQ70PMb2AqqgetSpfk-1kSKRUic2RpKWrzIQ8y574hjFmCqfo7GZfNjOpSSO_WD6Q7JthIhgUwy9xZwL7Ix_fqwfXfS5e9UNKFxDBbYnD06gkpIxP9KHWsxJhPECssvf0Ae4gdMAsegkJPCU7eeCRkHjDm5ePl1UExWp6NJEcIAXVHwIhmGf0HyeD3sYklt0Mezo_O-MzuLVjht5bCZvVgVRP1UwzVbufm1OvajY&sai=AMfl-YT2tdbZJxkUjWl2T7qRgeJZII5_kvhG1EAvY8V3KnAGmnQz_LFBd-fvtLFL5X0jmCMNqedzPggpRv3BylNiPXgEBkh2wzjTjEnonESX5LldA_0kN1q-7cVBWShVyBmFEovJLWbr1WT1MyC0EvHX-ctC&sig=Cg0ArKJSzGd9dCqn-e8_EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 26 Dec 2023 16:05:20 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0AD3 14 KB
6 KB 77ms
77ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rentry.co

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 16:05:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 962841
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 587ms
145ms XHR
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 27 Dec 2023 16:05:20 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 427F 0
127 B 74ms
74ms Ping
text/plain 178.250.1.25
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 16:05:20 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 0AD3 430 B
556 B 76ms
76ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=rentry.co&sn=ChromeSyncframe&so=0&topUrl=rentry.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rentry.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d159d9eae1eb39100a47bc0525228bc000c4a720559fcc24af02c40525a36385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rentry.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 809885
expires: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DEBF 42 B
174 B 127ms
127ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5hJBDsISNAKwPw2Ahy2ksS9i3DiOECWWyfgWfU_r-ZOcZTIOOs-Hk283LHs8zZAR6fgSE_dsYXsx3fEhjEwCLwHOXeOb4VFeGH-WEFYhcImKqNf_kgn22-WCScfgZJz6n7ueheBSFSQ6-TDHxv00bOQ&sig=Cg0ArKJSzPpPMeArZge_EAE&id=lidar2&mcvt=1000&p=0,238,94,1208&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=919434119&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703606718698&rpt=921&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 8457 0
40 B 90ms
90ms Image
text/plain 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eJAvzg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 34F4 42 B
108 B 122ms
122ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv11CTsxjvqiBXIGonhjVF8lxO9gbv-TsdPO4wS8ZaRofd-16gG2QqcVfRm2g7Ity6Lx_YS4-aVTjRBaNiiQ9HlTtlzpeg8wy8XR02ctIRTlSHLAGW6CfSE_WNebxV9zNYZ5fKtYMQsoXiDIKMvlhAmLg&sig=Cg0ArKJSzJOrkvlUkzPlEAE&id=lidar2&mcvt=1000&p=1105,436,1195,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3236564155&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703606718695&rpt=1673&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 116ms
115ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=2172583532326751&bg=!2tml2ZbNAAY3kmNgF5I7ADQBe5WfOJWS-7FsnGCF0wQRPQWwxrpiPXPIA0LT2sxkt8I-Pwt1VGnNY9vKdZGCJzs3-sZQAgAAAD1SAAAAAmgBB5kC3K7fOXnNaqZ-Uec7qlqb6jdfcMeHhbh7YraF_UiP5-T7g5MgJ7Y_aQGBRVFdE9xJDIIOh0t7egqi9meH-KvgoRymEDeLlpKyIDmp9X--yBe-aE9f3kffRwmFEiigamUlm8l3DeVhe6ldlRkUwGdqKGIkOf3R5v9W3YYJuFW09CJ0zfJdoqDOMjC-FGk-cAigvLKlR9VY1Dj0GmleiizgPmR36tNg_U4eHnrsh-ulloQLFTpMzhMzLf0YJRQAonFTEPKlN0Bt9soDHitR5Jbj3aPtCc_VBeQY9p8xuNX73Pj7gai5xWptXBqgCh-ZvJu3cIfmO2chNRY0M7zZChfhAOUIOOlzfUOrMJ-Qaij7pm40UH8AEYrNzVWQ8uK3k4iKzO2z5lCXt-UrIKVpCiaxiRmDC7nNqX571gvbhxGrnyyuHXia5gDDwQ2icGl-YnH-XOsH06QKAYmeMM5jYeOfs31BO48UVbcBKJPSJGW4U05fPfaIHKt3S_z8p2xld7i7LHOL4HraGCg1WipxlMkozl8i2iXU8DRnv7TL_dNPxPaltK0polhBTchuMurh4jmA0NkNsvYg6PYnk--GEZeBL52PCV4n6Y7ZVK2_l4-BW2nhSVA7qCfuaYCJ6iHjk9vi10Z4XFudNHc3-yOuSXoPsfK9VZwj9euc3ej17VAOJMzzZyAImWvLKVHNOiJohL4iEyfuWBHWvfiXtbQpiNvGoUJb2pVa31toFMpQ3MM3oYFk5qex7AMgLW3gJkLmTXjREMTakC2o5eNa04TujD0EiXFgemxrqcgMw_vlI9GEdWg125I5dnQ-wdzvCGk-URCxlx0EZDHz3QeeQVy1x7I9by7XlMoIm45hgJ3bzspgUO_w1_gJDBvulM02Vg8SKNM9S2D2CAu24eVO0rYThoPvcajcCjqBxKWUdzxmGPG2niMzKX12RWI5NRy6tkBjPL6R0utPfe5VnR_dSqtwew
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 8629 9 KB
4 KB 217ms
66ms Document
text/html 18.66.248.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-39.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

age: 63359
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Mon, 25 Dec 2023 22:29:22 GMT
etag: W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified: Mon, 02 Oct 2023 23:54:30 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
x-amz-cf-id: lVDuf8pZ3x-DYik5TUljHh1IktbWHhYO9zyjw2mLrbuu54iZbQKuPQ==
x-amz-cf-pop: DUS51-P1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5: d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256: 8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Hit from cloudfront

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 1A80 199 B
213 B 121ms
99ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Tue, 26 Dec 2023 16:05:21 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5010 52 KB
17 KB 320ms
90ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 26 Dec 2023 16:05:21 GMT
ETag: "623de86a-cf34"
Expires: Wed, 27 Dec 2023 16:05:23 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 8A44 0
0 85ms
83ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1703606718093

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EAA3 16 KB
6 KB 236ms
74ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=24139
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Tue, 26 Dec 2023 16:05:21 GMT
expires: Tue, 26 Dec 2023 22:47:40 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B345 281 B
555 B 96ms
95ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rentryco.js?1703606400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rentry.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Dec 2023 16:05:21 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B345 45 KB
13 KB 106ms
105ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d5cdd518ff40bc4039aac0b166bf3cb41582739b1c778f852a3ae77fa826e0e7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 16:05:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Dec 2023 05:00:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46509
Connection: keep-alive
Content-Length: 13201
Expires: Wed, 27 Dec 2023 05:00:30 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame B345 7 B
380 B 379ms
378ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame A221 3 KB
1 KB 357ms
102ms Document
text/html 54.217.75.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.75.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-75-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf0bc5a587d3721d38b9c0b128c1599086a5a7aa99a93ab0ac47ee8f5f5557ed

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 26 Dec 2023 16:05:22 GMT
etag: W/"0662dced46c5a64f73d02bb0c683d983d"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 1088 0
0 85ms
85ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
ssbsync.smartadserver.com/api/ Frame 9752 919 B
1 KB 366ms
88ms Document
text/html 81.17.55.108
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.108 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 7a8dfb87d7314925888d1d52df2e9f079a61b8371acd84a3055ab3a15faa6ecd

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

content-length: 919
content-type: text/html
date: Tue, 26 Dec 2023 16:05:21 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 0A10
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

2 KB
1 KB

100ms
99ms

Document
text/html

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29321a9262918b4a2999d31181f3de8ecca0a89e4c2ae7800a1e52d0ac960a3b

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83ba909ccef61c15-FRA
content-encoding: br
content-type: text/html
date: Tue, 26 Dec 2023 16:05:22 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=er%2B80DQCgWu1CBxRMgcS7eVZQsMACeo0iX6aK5FUBnNRJA1rmynsWehqcM%2BsTbh36ivi4y8mvDQi9przH04r5kIsnOE%2BXkkpEFHOq9LL1luznrG%2FzpZ8fHVhgbg%2FzlwN3N9qzEN%2Fhmj9Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83ba909c2e0e1c15-FRA
content-length: 0
date: Tue, 26 Dec 2023 16:05:21 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmIkW4o7a68U5%2F9bjYIZsO%2FSTl1eCHdg33fV92ZvEzXf4dVQFcNt0bfa6wKOVRceWcWIvyR1nLV%2B70zB%2FrZjLsm58rDqXH%2F%2FmZpOfTzS5xpN%2BC0MoAkHmtrY%2BvgfdtyqCFK2j1pdzK6U%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7554
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
555 B

74ms
73ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Dec 2023 16:05:22 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 26 Dec 2023 16:05:21 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AC1B 16 KB
6 KB 82ms
79ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=24139
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Tue, 26 Dec 2023 16:05:21 GMT
expires: Tue, 26 Dec 2023 22:47:40 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame 89A4 0
526 B 607ms
168ms Document
text/html 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Tue, 26 Dec 2023 16:05:22 GMT
server: istio-envoy
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-amz-cf-id: a54lAmNeSVyoxP6JVSicZzvx0RjUgRSpb-NXhiNB0mOhUP1uBniGwQ==
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 1
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame C854 0
134 B 292ms
85ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Tue, 26 Dec 2023 16:05:21 GMT
Server: nginx

GET
H2 200 sync-iframe Show response
cs-server-s2s.yellowblue.io/ Frame DDE6 0
370 B 1245ms
177ms Document
text/html 3.222.121.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.222.121.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-121-73.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Tue, 26 Dec 2023 16:05:22 GMT
server: istio-envoy
x-envoy-upstream-service-time: 1
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2

200

sync
ads.servenobid.com/ Frame 8629
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=8261042503554613779

0
344 B

112ms
112ms

Image
image/avif

54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=8261042503554613779
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:21 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:21 GMT
an-x-request-uuid: e1f6a1c3-867e-4de2-b4a2-e475969553a8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=8261042503554613779
x-proxy-origin: 146.70.85.183; 146.70.85.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 8629
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=H4ulvRZHK4XbxXc_RZS54tHG

0
350 B

94ms
94ms

Image
image/avif

54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=H4ulvRZHK4XbxXc_RZS54tHG
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:21 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=H4ulvRZHK4XbxXc_RZS54tHG
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 204 pixel
ap.lijit.com/ Frame 8629 0
175 B 843ms
586ms Image
text/plain 54.228.167.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.167.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-167-94.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 16:05:22 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET

RX-3f1328a8-8fbc-4905-bba6-f7b92106b00b-003
sync.targeting.unrulymedia.com/csync/ Frame 8629
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1703606722042
https://ad.turn.com/r/cs?pid=45&rndcb=4886031076
https://sync.1rx.io/usersync/turn/2373448323688716063?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-3f1328a8-8fbc-4905-bba6-f7b92106b00b-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-3f1328a8-8fbc-4905-bba6-f7b92106b00b-003

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 8629
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5107433831766403445

0
344 B

96ms
96ms

Image
image/avif

54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5107433831766403445
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5107433831766403445
Date: Tue, 26 Dec 2023 16:05:22 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 usa
sync.go.sonobi.com/ Frame 8629 0
399 B 768ms
157ms Image
text/plain 69.166.1.66
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-82
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 8629
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0

0
252 B

94ms
94ms

Image
image/avif

54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date: Tue, 26 Dec 2023 16:05:21 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58559/ Frame 8629 0
15 B 277ms
82ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58559/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame 8629
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ads.servenobid.com/sync?pid=346&uid=ua-fabc0039-fe15-376f-a917-ae5fd6f3e664

0
358 B

112ms
112ms

Image
image/avif

54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-fabc0039-fe15-376f-a917-ae5fd6f3e664
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-fabc0039-fe15-376f-a917-ae5fd6f3e664
pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
cache-control: no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58632/ Frame 8629 0
125 B 276ms
81ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58632/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 8629 0
35 B 539ms
83ms Image
text/plain 3.64.26.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.26.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-26-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 8629
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

113ms
113ms

Image
image/avif

54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Tue, 26 Dec 2023 16:05:22 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Tue, 26 Dec 2023 16:05:22 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame EAA3 0
42 B 238ms
73ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=18568747&p=161102&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:20 GMT
content-length: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5010 0
595 B 77ms
76ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:21 GMT
an-x-request-uuid: 3b4652b5-b202-491a-b7bc-0bf71e83e0ea
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 146.70.85.183; 146.70.85.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A221
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=8261042503554613779

35 B
250 B

321ms
107ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=8261042503554613779
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
an-x-request-uuid: f234dc6d-0e4d-4112-8003-791dd36c52a0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://usersync.gumgum.com/usersync?b=apn&i=8261042503554613779
x-proxy-origin: 146.70.85.183; 146.70.85.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A221
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26u...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dgumgum2%26expires%3D30%26u...
https://x.bidswitch.net/sync?dsp_id=429&user_id=196d5fa7-57da-5268-bfff-363ada75cff8&ssp=gumgum2&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=bsw&i=56a8a755-b767-4565-ab41-9eec03166b08&gdpr=0&gdpr_consent=&us_privacy=

35 B
250 B

103ms
103ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=56a8a755-b767-4565-ab41-9eec03166b08&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:23 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=56a8a755-b767-4565-ab41-9eec03166b08&gdpr=0&gdpr_consent=&us_privacy=
date: Tue, 26 Dec 2023 16:05:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A221
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=83288910-57b9-4d4e-9a1d-ec2242981291

35 B
250 B

196ms
109ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=83288910-57b9-4d4e-9a1d-ec2242981291
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 26 Dec 2023 16:05:22 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=83288910-57b9-4d4e-9a1d-ec2242981291
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A221
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-a9110db1-21ff-502f-507d-f10553f947ce$ip$146.70.85.183

35 B
250 B

104ms
104ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-a9110db1-21ff-502f-507d-f10553f947ce$ip$146.70.85.183
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-a9110db1-21ff-502f-507d-f10553f947ce$ip$146.70.85.183
Date: Tue, 26 Dec 2023 16:05:22 GMT
Connection: keep-alive
Content-Length: 127
Content-Type: text/html; charset=utf-8

GET
H2 200 gumgum
pr-bh.ybp.yahoo.com/sync/ Frame A221 43 B
426 B 646ms
107ms Image
image/gif 54.228.140.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.140.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-140-66.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A221
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=f70bedb7-ea69-4a1c-9b77-be010ce35680

35 B
250 B

104ms
103ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=f70bedb7-ea69-4a1c-9b77-be010ce35680
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:23 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=f70bedb7-ea69-4a1c-9b77-be010ce35680
Date: Tue, 26 Dec 2023 16:05:23 GMT
Connection: keep-alive
X-CI-RTID: 9318ff64-2f29-4f75-a01b-1b35dd375adf
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 200 142
match.deepintent.com/usersync/ Frame A221 0
44 B 486ms
160ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A221
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130&s=2&us_privacy=...
https://usersync.gumgum.com/usersync?b=zem&i=IxFLLybwqr7SqUiQRfOD&gdpr=0&us_privacy=1---

35 B
250 B

100ms
100ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=IxFLLybwqr7SqUiQRfOD&gdpr=0&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:22 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&i=IxFLLybwqr7SqUiQRfOD&gdpr=0&us_privacy=1---
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

usersync
rtb.gumgum.com/ Frame A221
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://rtb.gumgum.com/usersync?b=pln&i=ZXh9c5hsk85k&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355

35 B
208 B

139ms
122ms

Image
image/gif

54.217.75.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=pln&i=ZXh9c5hsk85k&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 54.217.75.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-75-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
server: nginx
content-type: image/gif;charset=UTF-8
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: pl-PL
location: https://rtb.gumgum.com/usersync?b=pln&i=ZXh9c5hsk85k&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-db744d8c7-hcncl
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A221
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=8767036722878620993

35 B
250 B

402ms
110ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=8767036722878620993
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=8767036722878620993
date: Tue, 26 Dec 2023 16:05:21 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame A221 0
357 B 104ms
104ms Image
image/avif 54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 8988
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=adf&i=7125116538528406502&gdpr=0&gdpr_consent=

35 B
250 B

107ms
107ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=adf&i=7125116538528406502&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 26 Dec 2023 16:05:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Tue, 26 Dec 2023 16:05:22 GMT
expires: -1
location: https://usersync.gumgum.com/usersync?b=adf&i=7125116538528406502&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame 3D0D 170 B
348 B 96ms
89ms Document
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80ZTJiNGZiOS1mZmE1LTQyYmQtOThkNy1jNjUwNWViMTIxMzA=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 16:05:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A7D4 16 KB
6 KB 71ms
71ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=24138
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Tue, 26 Dec 2023 16:05:22 GMT
expires: Tue, 26 Dec 2023 22:47:40 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame EE8F 70 B
149 B 332ms
111ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

content-length: 70
content-type: image/gif
date: Tue, 26 Dec 2023 16:05:22 GMT
server: Kestrel

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 6B7C
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZYr5wsCo8X8AANSkKKEAAAAA

35 B
250 B

107ms
106ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZYr5wsCo8X8AANSkKKEAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 26 Dec 2023 16:05:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Tue, 26 Dec 2023 16:05:22 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZYr5wsCo8X8AANSkKKEAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad131.dc4p.scaleout.jp
X-SO-IP: 146.70.85.183
X-SO-Key: ZYr5wsCo8X8AANSkKKEAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZYr5wsCo8X8AANSkKKEAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad131"}
X-SO-LB-Hostname: m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad131

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame D148
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=vjWru0q_1nOGIv7wwHjgU7Nznt5Bgm8vF5-8RCJpq48&pi=gumgum&tc=1

35 B
250 B

115ms
115ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=vjWru0q_1nOGIv7wwHjgU7Nznt5Bgm8vF5-8RCJpq48&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 26 Dec 2023 16:05:22 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 26 Dec 2023 16:05:22 GMT Tue, 26 Dec 2023 16:05:22 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=vjWru0q_1nOGIv7wwHjgU7Nznt5Bgm8vF5-8RCJpq48&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9177
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
555 B

134ms
91ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Dec 2023 16:05:22 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 26 Dec 2023 16:05:22 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7554 45 KB
13 KB 114ms
113ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d5cdd518ff40bc4039aac0b166bf3cb41582739b1c778f852a3ae77fa826e0e7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 16:05:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Dec 2023 05:00:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46508
Connection: keep-alive
Content-Length: 13201
Expires: Wed, 27 Dec 2023 05:00:30 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 9752 0
344 B 107ms
107ms Image
image/avif 54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=6852712272259458456&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9752
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6852712272259458456&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6852712272259458456&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

273ms
202ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6852712272259458456&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M9SARGK8SVY3KWJB5SKY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1XT9SY98TX5TJKEH06Q6
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6852712272259458456&gdpr=0&gdpr_consent=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 9752
Redirect Chain

https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=cL3YxCCxg5drsYWcfuvNwSPt0ZxrvtCcIr4ZlSa0

43 B
163 B

91ms
91ms

Image
image/gif

5.196.111.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=cL3YxCCxg5drsYWcfuvNwSPt0ZxrvtCcIr4ZlSa0
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 5.196.111.73 , France, ASN16276 (OVH, FR),
Reverse DNS: ip73.ip-5-196-111.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:21 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=cL3YxCCxg5drsYWcfuvNwSPt0ZxrvtCcIr4ZlSa0
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 9752 0
243 B 526ms
77ms Image
text/plain 18.154.63.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-24.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:04:28 GMT
via: 1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P4
age: 54
x-cache: Hit from cloudfront
cache-control: no-cache, must-revalidate
x-amz-cf-id: MezMeh4ZoA5hx2EEckBEJwgPQZHcjjpGm4R2ASZ4Mgi4pODc-CPOOg==

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame 9752
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=Njg1MjcxMjI3MjI1OTQ1ODQ1Ng==&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFrHCphjsBkHhqjGX-SZJxU&gdpr=0&gdpr_consent=&google_cver=1

43 B
427 B

95ms
94ms

Image
image/gif

5.196.111.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFrHCphjsBkHhqjGX-SZJxU&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 5.196.111.73 , France, ASN16276 (OVH, FR),
Reverse DNS: ip73.ip-5-196-111.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFrHCphjsBkHhqjGX-SZJxU&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 0A10 70 B
148 B 309ms
112ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 0A10 43 B
479 B 732ms
176ms Image
image/gif 209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYr5wSeY7NXPRPGR3esQNAAABLoAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 16:05:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8Y4MQYJ2DJPANH04Y5QA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 0A10
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYr5wSeY7NXPRPGR3esQNAAABLoAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPqD9VqhCDD2885pqhQcSPA&google_cver=1

43 B
345 B

92ms
92ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPqD9VqhCDD2885pqhQcSPA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maLWV%2BMjm1JHbNRxBu0AaHVlcXJl%2FZ8SfKeH1qF9GmZIq0o5Iak%2FHa2lEH3%2FGZ6CpjUF%2F1%2FFL4KMzIuE4BqFRe1PfA8s69o5aYMZ%2FcDT9BCESHKzVD6228wQigr6QYxNkGEP%2BJzSvTpyYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83ba909e18c21c15-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPqD9VqhCDD2885pqhQcSPA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 0A10
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYr5wSeY7NXPRPGR3esQNAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKRxRut_IyfF_y6zmCKFsJU&google_cver=1

43 B
322 B

100ms
99ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKRxRut_IyfF_y6zmCKFsJU&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGRpbuDLs0zySJosK5w5cyy7xwmUAwg27uuR5pzgqjeYz9YK9ovogsiqYkDvvNiWTBl7u3igPa2bUkPzwGm4DvfT8vJkSf2PPZn8sKKiTA0%2FFoe9NYL2E2kQy9xitTL4hsKw4m1vDpMjvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83ba909ec9d31c15-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKRxRut_IyfF_y6zmCKFsJU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 0A10
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZYr5wSeY7NXPRPGR3esQNAAA%261210
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZYr5wSeY7NXPRPGR3esQNAAA%261210&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=vjWru0q_1nOGIv7wwHjgU7Nznt5Bgm8vF5-8RCJpq48&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZYr5wSeY7NXPRPGR3esQNAAA%261210&tc=1

43 B
772 B

105ms
105ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=vjWru0q_1nOGIv7wwHjgU7Nznt5Bgm8vF5-8RCJpq48&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZYr5wSeY7NXPRPGR3esQNAAA%261210&tc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2azz7QXuTWeM0vpZBLl6hBoUG2DN6dT1gn5EjqqkFL78PHsvQj1SeeuPNj%2BdZdBjlr%2FxoWSzWC9xHdgvgJ%2BppTQVbW0HaBK7z7vo2%2FJ56vmAgE5KMAnnBPpn9xE%2BTpKc6kwrGL7HLqdwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83ba90a029432c5f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=vjWru0q_1nOGIv7wwHjgU7Nznt5Bgm8vF5-8RCJpq48&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZYr5wSeY7NXPRPGR3esQNAAA%261210&tc=1
pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT, Tue, 26 Dec 2023 16:05:22 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0A10
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2877851481954211615

43 B
729 B

88ms
87ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2877851481954211615
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OejV3W1a3dS4o5V1YG4bfZyUGwedP4FV06d5sHE8Faxeszfhj2KsDEIJ3lY8%2BjwEDWoNc7Yk9WbubGyFs3GICyBO0x5G52G6pwzzmq5r3kgUWjmMMi7A5teXppR42UvLzux4U3jMCUauw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83ba90a1bb562c5f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2877851481954211615
pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 ZYr5wSeY7NXPRPGR3esQNAAABLoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0A10 43 B
601 B 619ms
108ms Image
image/gif 54.228.140.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZYr5wSeY7NXPRPGR3esQNAAABLoAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.140.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-140-66.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 0A10
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZYr5wSeY7NXPRPGR3esQNAAA%261210?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZYr5wSeY7NXPRPGR3esQNAAA%261210

42 B
717 B

110ms
110ms

Image
image/gif

52.210.118.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZYr5wSeY7NXPRPGR3esQNAAA%261210

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

Server

52.210.118.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-118-155.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0d8917a30.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: Z8URile5RSU=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-031c8e95e.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: A3qIwBF1RwE=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZYr5wSeY7NXPRPGR3esQNAAA%261210
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 sync
ads.servenobid.com/ Frame 0A10 0
356 B 107ms
107ms Image
image/avif 54.246.183.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZYr5wSeY7NXPRPGR3esQNAAABLoAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.183.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-183-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 16:05:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET khaos.json
token.rubiconproject.com/ Frame 7554 0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9177 45 KB
13 KB 496ms
496ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d5cdd518ff40bc4039aac0b166bf3cb41582739b1c778f852a3ae77fa826e0e7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 16:05:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Dec 2023 05:00:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46508
Connection: keep-alive
Content-Length: 13201
Expires: Wed, 27 Dec 2023 05:00:30 GMT

GET khaos.json
token.rubiconproject.com/ Frame 9177 0
0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5010 0
595 B 60ms
60ms Script
text/html 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 16:05:22 GMT
an-x-request-uuid: 33e15874-b451-47c4-ab60-95ade8d18953
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 146.70.85.183; 146.70.85.183; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aax.amazon-adsystem.com
URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frentry.co%2Fetn37k&pr=https%3A%2F%2Ft.co%2F&pid=ZKwgIJIlmMeFx&cb=0&ws=1600x1200&v=23.1211.1645&t=2500&slots=%5B%7B%22sd%22%3A%22bsa-zone_1699624989460-1_123456%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F8691100%2FRentryco_S2S_FixedFooter_ROS%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1700727262982-7_123456%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F8691100%2FRentryco_S2S_TopLeaderboard_ROS%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!buysellads.com%2C17669%2C1%2C%2C%2C&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Domain: sync.targeting.unrulymedia.com
URL: https://sync.targeting.unrulymedia.com/csync/RX-3f1328a8-8fbc-4905-bba6-f7b92106b00b-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-3f1328a8-8fbc-4905-bba6-f7b92106b00b-003

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/khaos.json?

Domain: token.rubiconproject.com
URL: https://token.rubiconproject.com/khaos.json?

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-21 02:43:41	Name: muc Value: 91bfb1f3-c57e-4dae-8e1d-5edc476f7589
.google.com/	1970-01-21 02:43:13	Name: __Secure-ENID Value: 16.SE=WsDhAtAtU0u1KNuRN2tJgnqn88DJkhqgRoCRPbIlITxqRbJpMqrDeJnzbhQ3tOHSCEkWvOLIbk4di96yWdYGz__67i52JmG-zBgtrM85PnkZAnIYTJszKVCXgfEJ_yKWS-FK_sI29FAv10jiIBv4nY1YZHu9xA5FKF8MZ8FmgAg
.google.com/	1970-01-21 02:49:26	Name: CONSENT Value: PENDING+853
.rentry.co/	1970-01-21 02:49:26	Name: _ga_LLFSDKZXET Value: GS1.1.1703606716.1.0.1703606716.0.0.0
.rentry.co/	1970-01-21 02:49:26	Name: _ga Value: GA1.1.83615316.1703606716
.rubiconproject.com/	1970-01-21 01:59:02	Name: khaos Value: LQMJGCQM-21-3C5M
.rubiconproject.com/	1970-01-21 01:59:02	Name: audit Value: 1\|yQuirGeEF6ATw6Y+4W+88PiMIC/cMJr1zg1Ycz8t9H3MGSqEsBd9CKHUq333Q4Q/4HEYI5ehIrUK5jqLjWb/8L7FQD2yB//hvsVAPbIH/+E=
.rentry.co/	1970-01-21 02:35:02	Name: __gads Value: ID=9dc6fe9ed21ea8fd:T=1703606718:RT=1703606718:S=ALNI_Maz3Pc1u15CEi8e2hTdCZ708J4PTw
.rentry.co/	1970-01-21 02:35:02	Name: __gpi Value: UID=00000d2b4e2218ef:T=1703606718:RT=1703606718:S=ALNI_MYfCdc2D2Lu21b4WLhwlh22OhCUEQ
.doubleclick.net/	1970-01-21 02:35:02	Name: IDE Value: AHWqTUmMw7nolNeM1FFL80-_RFrcBMYJKAysVl5dFFGonG2DmBCbdWliqKOk6LKSpvw
.adnxs.com/	1970-01-20 19:23:02	Name: uuid2 Value: 8261042503554613779
.doubleclick.net/	1970-01-20 21:32:38	Name: APC Value: AfxxVi4-Cl1y8zRLN4rVG235A-_F9HPiNKeHbUgUDoCf7MCnHPF2Hg
.criteo.com/	1970-01-21 02:35:02	Name: uid Value: 51a8c0c6-c22d-46ec-b4e0-536c2e4cc42d
.criteo.com/	1970-01-21 02:35:02	Name: receive-cookie-deprecation Value: 1
.rentry.co/	1970-01-21 02:35:02	Name: cto_bundle Value: zLYgWF9vb3Raa1hTWlQxUEZYOTRqajUlMkJ3TndEc1gwVDlXWWxKTkNTRHJPTktjUCUyQmtxclZscDQ2MGxLWXlGdGRmT0lIcGJqMVdCZm9UMnpvYjVkQzRXa015JTJGaFNvR1RzbDRJNTZxSHNOJTJGUkNaOTd5RiUyRmVPbFR6eFBjdjBTWHlMcEN0TGVEbVIzWDl5Sk9pcm1yS2hIbmdWYk13JTNEJTNE
.ads.pubmatic.com/	1970-01-20 17:14:53	Name: KCCH Value: YES
.servenobid.com/	1970-01-20 17:23:31	Name: pid_312 Value: 8261042503554613779
.lijit.com/	1970-01-21 01:59:02	Name: ljt_reader Value: H4ulvRZHK4XbxXc_RZS54tHG
.casalemedia.com/	1970-01-21 01:59:02	Name: CMID Value: ZYr5wSeY7NXPRPGR3esQNAAA
.casalemedia.com/	1970-01-20 19:23:02	Name: CMPS Value: 1210
.casalemedia.com/	1970-01-20 19:23:02	Name: CMPRO Value: 1210
prebid.a-mo.net/	1970-01-20 17:13:27	Name: _Amc_b Value: 0
.lijit.com/	1970-01-21 01:59:02	Name: _ljtrtb_273657 Value: 273657
.rfihub.com/	1970-01-21 02:35:02	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQ3MzMxMDYxMRXiM9Q1rApJTteNKPQyMDUBAB7iPXolAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjQ3MzMxMDYxMRXiM9Q1rApJTteNKPQyMDUBAB7iPXolAAAA
.rfihub.com/	1970-01-21 02:35:02	Name: eud Value: H4sIAAAAAAAA_zslzmtobmBsZmBmbmRkYGQMABzVwO4QAAAA
.gumgum.com/	1970-01-21 01:59:02	Name: vst Value: e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130
.1rx.io/	1970-01-21 01:59:02	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3f1328a8-8fbc-4905-bba6-f7b92106b00b-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D
.servenobid.com/	1970-01-20 17:23:31	Name: pid_310 Value: H4ulvRZHK4XbxXc_RZS54tHG
.servenobid.com/	1970-01-20 17:23:31	Name: pid_324 Value: 5107433831766403445
.smartadserver.com/	1970-01-21 02:43:41	Name: pid Value: 8767036722878620993
.servenobid.com/	1970-01-20 17:23:31	Name: pid_309 Value: e_4e2b4fb9-ffa5-42bd-98d7-c6505eb12130
.openx.net/	1970-01-21 01:59:02	Name: i Value: a7b91239-d62b-4aef-a7b0-3427eeef202a\|1703606722
.servenobid.com/	1970-01-20 17:23:31	Name: pid_317 Value: 6852712272259458456
.servenobid.com/	1970-01-20 17:23:31	Name: pid_333 Value: ZYr5wSeY7NXPRPGR3esQNAAABLoAAAAB
.disqus.com/	1970-01-21 01:59:02	Name: zeta-ssp-user-id Value: ua-fabc0039-fe15-376f-a917-ae5fd6f3e664
.bidswitch.net/	1970-01-21 01:59:02	Name: tuuid Value: 56a8a755-b767-4565-ab41-9eec03166b08
.bidswitch.net/	1970-01-21 01:59:02	Name: c Value: 1703606722
.bidswitch.net/	1970-01-21 01:59:02	Name: tuuid_lu Value: 1703606722
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 9ac8f89f3c54824a
.servenobid.com/	1970-01-20 17:23:31	Name: pid_346 Value: ua-fabc0039-fe15-376f-a917-ae5fd6f3e664
.servenobid.com/	1970-01-20 17:23:31	Name: pid_353 Value: 0000EEA
.creativecdn.com/	1970-01-21 01:59:02	Name: ts Value: 1703606722
.creativecdn.com/	1970-01-21 01:59:02	Name: u Value: x5fMgIi1uDXNTm2F3Sir
.creativecdn.com/	1970-01-21 01:59:02	Name: g Value: x5fMgIi1uDXNTm2F3Sir_1703606722370
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s8582\|ZYr5x
.smartadserver.com/	1970-01-21 02:00:29	Name: csync Value: 76:CAESEFrHCphjsBkHhqjGX-SZJxU\|135:TAM_OK
.demdex.net/	1970-01-20 21:32:38	Name: demdex Value: 59804322369582697511545161763919636493
.quantserve.com/	1970-01-20 19:23:02	Name: d Value: ECUBDQHgKoir0QA
.quantserve.com/	1970-01-21 02:43:41	Name: mc Value: 658af9c2-9e98c-dee19-609d6
.zemanta.com/	1970-01-21 01:59:02	Name: zuid Value: IxFLLybwqr7SqUiQRfOD
.dpm.demdex.net/	1970-01-20 21:32:38	Name: dpm Value: 59804322369582697511545161763919636493
.yahoo.com/	1970-01-21 01:59:24	Name: A3 Value: d=AQABBML5imUCEBgnNLtbJz2hpXBkOhgoeXEFEgEBAQFLjGWUZQAAAAAA_eMAAA&S=AQAAAlw7Tt9gHlUshC6ynUloZ7M
.turn.com/	1970-01-20 21:32:38	Name: uid Value: 2373448323688716063
sync.srv.stackadapt.com/	1970-01-21 01:59:02	Name: sa-user-id Value: s%3A0-a9110db1-21ff-502f-507d-f10553f947ce.lHyfVXBFpsMrOnPUV8K%2F3s9YiRKTjrbE7oz12S%2BZDVk
.srv.stackadapt.com/	1970-01-21 01:59:02	Name: sa-user-id Value: s%3A0-a9110db1-21ff-502f-507d-f10553f947ce.lHyfVXBFpsMrOnPUV8K%2F3s9YiRKTjrbE7oz12S%2BZDVk
sync.srv.stackadapt.com/	1970-01-21 01:59:02	Name: sa-user-id-v2 Value: s%3AqRENsSH_UC9QffEFU_lHzpJGVbc.0KkJ3hmxmGANkmaNlJTiyEAYRzmSwyVFiq51%2BiWGyxI
.srv.stackadapt.com/	1970-01-21 01:59:02	Name: sa-user-id-v2 Value: s%3AqRENsSH_UC9QffEFU_lHzpJGVbc.0KkJ3hmxmGANkmaNlJTiyEAYRzmSwyVFiq51%2BiWGyxI
sync.srv.stackadapt.com/	1970-01-21 01:59:02	Name: sa-user-id-v3 Value: s%3AAQAKINLF4_t2IxdOKf_Tp8TKEfO28y-Fv_VDuSPtVGTYc-AwEHwYBCDC86usBjABOgQ8w7t9QgT-BtX_.Xh8lyutSuAQZNXPDUzb%2F6DpiRHZv5zBSGRvQSNW5wYo
.srv.stackadapt.com/	1970-01-21 01:59:02	Name: sa-user-id-v3 Value: s%3AAQAKINLF4_t2IxdOKf_Tp8TKEfO28y-Fv_VDuSPtVGTYc-AwEHwYBCDC86usBjABOgQ8w7t9QgT-BtX_.Xh8lyutSuAQZNXPDUzb%2F6DpiRHZv5zBSGRvQSNW5wYo
.adform.net/	1970-01-20 17:58:05	Name: C Value: 1
.betweendigital.com/	1970-01-21 01:59:02	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 01:59:02	Name: tuuid Value: 196d5fa7-57da-5268-bfff-363ada75cff8
.betweendigital.com/	1970-01-21 01:59:02	Name: ss Value: 1
.amazon-adsystem.com/	1970-01-20 21:44:09	Name: ad-id Value: A-jHLbeLGEGnh8QqVf9xEvI
.amazon-adsystem.com/	1970-01-21 02:49:26	Name: ad-privacy Value: 0
.adform.net/	1970-01-20 18:39:50	Name: uid Value: 7125116538528406502
.betweendigital.com/	1970-01-21 01:59:02	Name: ut Value: ZYr5wwAAWdhsq_llZp34rRtHjaJlqUcaqqllDw==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://rentry.co/static/js/jquery.min.js?v=21(Line 1) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
javascript	error	URL: https://rentry.co/etn37k Message: Access to XMLHttpRequest at 'https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frentry.co%2Fetn37k&pr=https%3A%2F%2Ft.co%2F&pid=ZKwgIJIlmMeFx&cb=0&ws=1600x1200&v=23.1211.1645&t=2500&slots=%5B%7B%22sd%22%3A%22bsa-zone_1699624989460-1_123456%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F8691100%2FRentryco_S2S_FixedFooter_ROS%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1700727262982-7_123456%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F8691100%2FRentryco_S2S_TopLeaderboard_ROS%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!buysellads.com%2C17669%2C1%2C%2C%2C&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D' from origin 'https://rentry.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frentry.co%2Fetn37k&pr=https%3A%2F%2Ft.co%2F&pid=ZKwgIJIlmMeFx&cb=0&ws=1600x1200&v=23.1211.1645&t=2500&slots=%5B%7B%22sd%22%3A%22bsa-zone_1699624989460-1_123456%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F8691100%2FRentryco_S2S_FixedFooter_ROS%22%7D%2C%7B%22sd%22%3A%22bsa-zone_1700727262982-7_123456%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22468x60%22%5D%2C%22sn%22%3A%22%2F8691100%2FRentryco_S2S_TopLeaderboard_ROS%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1!buysellads.com%2C17669%2C1%2C%2C%2C&pubid=747b8b51-ec47-4dee-9823-b2b73124b71f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Message: Failed to load resource: net::ERR_FAILED
other	warning	(Line 1) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
api.btloader.com
b1sync.zemanta.com
b368c4ca083805cb108bb71f9027f6d2.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
bh.contextweb.com
bidder.criteo.com
btloader.com
buysellads-d.openx.net
c.amazon-adsystem.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.hadronid.net
cdn.id5-sync.com
cdn4.buysellads.net
ce.lijit.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
csm.eu.criteo.net
dpm.demdex.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
hbx.media.net
i.imgur.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg.smartadserver.com
public.servenobid.com
region1.google-analytics.com
rentry.co
rtb-csync.smartadserver.com
rtb.gumgum.com
s.ad.smaato.net
s.amazon-adsystem.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
sync.adkernel.com
sync.go.sonobi.com
sync.ipredictive.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.co
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
widget.nl3.eu.criteo.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
aax.amazon-adsystem.com
sync.targeting.unrulymedia.com
token.rubiconproject.com
104.18.36.155
104.22.4.69
104.22.5.69
104.22.52.173
104.22.74.216
104.244.42.69
104.26.9.169
108.157.4.57
124.146.153.163
130.211.23.194
141.95.98.64
142.250.181.225
142.250.186.168
142.250.186.34
142.250.186.66
142.250.186.68
142.250.186.98
146.75.116.193
147.75.84.158
161.35.94.188
162.19.138.116
164.132.58.105
169.197.150.7
172.64.153.78
172.67.38.106
172.67.69.19
178.250.1.11
178.250.1.17
178.250.1.25
178.250.1.3
178.250.1.6
178.250.1.8
178.250.1.9
18.154.63.24
18.173.232.200
18.195.59.169
18.66.248.22
18.66.248.39
18.66.248.90
184.30.211.26
184.30.24.22
185.184.8.90
185.64.189.112
185.64.190.78
185.86.139.96
188.42.196.115
193.0.160.131
208.93.169.131
209.54.182.161
213.19.162.61
213.19.162.67
216.239.34.36
216.52.2.39
216.58.206.33
216.58.206.38
23.35.236.188
23.35.236.201
23.56.202.187
3.222.121.73
3.64.26.145
3.71.149.231
34.195.62.158
34.247.233.198
35.244.159.8
37.157.6.237
37.252.171.149
46.228.164.11
5.196.111.73
51.89.9.253
52.210.118.155
52.223.40.198
52.49.9.132
52.86.3.95
54.162.155.223
54.171.10.251
54.217.75.240
54.228.140.66
54.228.167.94
54.246.183.131
64.227.34.52
69.166.1.66
69.173.144.165
70.42.32.223
77.245.57.72
81.17.55.108
91.228.74.168
95.101.149.233
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0cf56a7235740d1afe766af33bafdadb3e275a05ac51980ad93cc9ca5d8b6489
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12ba93db33de679d443dc28aee4a2190b580b8ad3fc53216d5bb2678d4e17f29
16056cdb5a067f5c7f0d1716a1f2b69840f7b9a1d960e26dfa462144bdfc62a9
187959d04f4bbdff91cc6516d102411dd0d518941d7d7fa5b3cce29ae7954ff8
1a9ac39a48107869997a75aa6b0dd3bd7f5d69bee1fba9d12bc84838d066a02d
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
29321a9262918b4a2999d31181f3de8ecca0a89e4c2ae7800a1e52d0ac960a3b
2f7f546cff4a8306df59c3220452b4de147c95c880514ce95aba25969ebf54ab
32d2e365b695a62058dc1c188ecda56bc244791121885fb9921e1b6898ffbdd7
365f7ad4141bdce4556f3d7698cedb2bae67ad82164ac92594d0c31dc3df4787
376fc49f062be27f0789c6faad9e8fe4f2fa765168ef4c055056790685fd977e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f9bc5c5c9ca1c9a1b41e6eb8d89fa757bc596205d3a79e073707896bec60560
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4721b4c33ec7d93ccce846769c32aa9d0acced0f1891236a49d8704621a3d142
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48fc6f985287b8a5c13c949d4a20dce9b442066d5099ebf1080a2ce9ce0ae79e
4c1add9ba5d6cde3a03149a022b61163b35c4d5c738cf32470e7e7bd611e4ac6
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe6e2898990a83b040a1efd0ed00d6c26a037442ec5dd9e9fab0939c4516b31
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5caff645584109b5e778ed7a312a2d615a0537921dd3a03cfe64874ea85597a8
5ed139bb7ff0388f108ed5ad558503fdc2d99e42e2971d1a023cc705634d2fd4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e8688f22e02c37c5bde65939c83586fdaf2cadc4e338f93c220ba6177895a8
649c1cd423de6b4a14b03f95db34e71cae73b7a36f2ca556da160ee92aaf468b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c973c44edaadc916016b7e9069a231454ed831f54e566d6473ab8c3dd8d84b5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78daf8a337041a3e8240c58112d63d7e83facca3051114f405c0c0b548f53f4a
7a8dfb87d7314925888d1d52df2e9f079a61b8371acd84a3055ab3a15faa6ecd
7b891e4cf111559d892395379aaf8df44e5a3742cb21dadbe77e94a8a8268146
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
878a83cf7c60ddfa7a76b1c96774db0c81ad197a1b9f75686008b9c6a8aa6f90
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d4d6bbbb88ff7cffc85747f5d795db197a1509c4014e0edb9822a27f6cfc042
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e84fd9436924a2ecdb5162c25581384a82fca487b3b99f0d4d598a03a939c75
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
93dec2831ec25a966599a6af678f59514311635b9b051b95d6b45d2d4f7f1500
9587c0fd7e71a24d365c3cc16b9194f54bbb64104914f6e5dbb443a1143965ae
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98ef8e736f6c3913f2c10e4da30f3cc39fb6a1702c15ed59ff1e2acbd3e59a64
990dfb5623828d35db11eef5b908cebac5d497a8da64f5019d5a337e5d4116c6
9b497dc5424842bacc4aef064f1660b103b94409b2b3342afc491a1691ba205c
a68d4d3f4041bb669180efe6d7b5ae7974d98b00b70a9272a4b16cf96d903e8a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a791a70d4028d91ca9afea513073e62b24eafe40e8f64fdee138f8fa666859eb
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
afa02674d77a2d288843af306e463bcfafed935601c641867dd9b6ca4fa44ba4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c1546885fdb4a57fc7ce503432f9071b263ff4053abefab84f778d1acd7ab60d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c388175ef682bf2160854c326a92adf551670e8497b41895cc1ed02e1556bbbd
cf0bc5a587d3721d38b9c0b128c1599086a5a7aa99a93ab0ac47ee8f5f5557ed
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d159d9eae1eb39100a47bc0525228bc000c4a720559fcc24af02c40525a36385
d2deb47649911be8fcc33f1ec7f00bb7145f5b9397a4fde60b7a6057e4b00b59
d5cdd518ff40bc4039aac0b166bf3cb41582739b1c778f852a3ae77fa826e0e7
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e896a8ce744aa2af9c50e2bfb9937d7586bf3cc9349d4c6006084a781453889e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eaf67431972d3e9d0888a562c64f1e353894aa5fd5c38afaad32003404c2f467
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef64e7c3d412632ea80b232ead035864ffbdf876021cf5e346ed04a22c2ec351
f2b9f47f0c5945f03942252ea9accb0181d5b59fd252b673a2b9684a24bc7e37
f5fe3ffc9787b2b41ed3251fa926ade233db204c6cc9a4556374417792481b6f

rentry.co Open in urlscan Pro 164.132.58.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

83 %HTTPS

0 %IPv6

60 Domains

95 Subdomains

71 IPs

10 Countries

1869 kBTransfer

4096 kBSize

68 Cookies

7 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rentry.co Open in urlscan Pro
164.132.58.105 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

83 %
HTTPS

0 %
IPv6

60
Domains

95
Subdomains

71
IPs

10
Countries

1869 kB
Transfer

4096 kB
Size

68
Cookies

166 HTTP transactions
3 data transactions