www.autorentals.com Open in urlscan Pro
159.255.219.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://e.bookingbuddy.com/redirect/?vv=2&q=eJxFULGOwyAM_ZqwJQqGBDJ4aO_U5XRLb7vNAdqiEogCrdS_P9LlJOvJz37vyfKKIJUQWrKMklnkEwf...
Effective URL:
https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Submission: On December 17 via api (December 17th 2019, 6:33:41 pm UTC) from US

Summary HTTP 131 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 54 IPs in 9 countries across 51 domains to perform 131 HTTP transactions. The main IP is 159.255.219.124, located in Almere Stad, Netherlands and belongs to EQUINIX-NL-ASN, NL. The main domain is www.autorentals.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 10th 2018. Valid for: 2 years.

This is the only time www.autorentals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.19.34.65 2.19.34.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	34.237.24.105 34.237.24.105	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.88.110.223 54.88.110.223	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3 5	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	91.228.74.226 91.228.74.226	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
2	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:21f... 2600:9000:21f3:f200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
3 4	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.218.218.0 52.218.218.0	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2606:4700::68... 2606:4700::6810:4da5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	23.99.128.52 23.99.128.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	35.227.192.113 35.227.192.113	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.69.45.28 54.69.45.28	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
37	159.255.219.124 159.255.219.124	47886 (EQUINIX-N...) (EQUINIX-NL-ASN)
2	52.29.140.54 52.29.140.54	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	143.204.101.98 143.204.101.98	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	2a03:2880:f0f... 2a03:2880:f0ff:1a:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2606:4700:10:... 2606:4700:10::6814:b709	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.23.149.37 52.23.149.37	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO - Criteo Corp.)
1 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.249.84.151 34.249.84.151	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
5	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	2a00:1288:110... 2a00:1288:110:c305::9000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3 4	185.33.223.83 185.33.223.83	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	35.156.98.228 35.156.98.228	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.58.41.129 52.58.41.129	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	63.35.125.54 63.35.125.54	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.28.211.49 52.28.211.49	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	72.247.224.27 72.247.224.27	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	72.247.225.182 72.247.225.182	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	18.196.246.102 18.196.246.102	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC-01 - Leaseweb USA)
1	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:194::143a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.12.166 151.101.12.166	54113 (FASTLY) (FASTLY - Fastly)
1	34.241.239.247 34.241.239.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.5.109.152 23.5.109.152	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	54.76.175.152 54.76.175.152	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
131	54

1 2.19.34.65 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-34-65.deploy.static.akamaitechnologies.com

e.bookingbuddy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.237.24.105 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-237-24-105.compute-1.amazonaws.com

click.deals.shermanstravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.110.223 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-88-110-223.compute-1.amazonaws.com

landscape.shermanstravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.226 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.218.0 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:4da5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api1.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.99.128.52 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-dm1-001.cloudapp.net

lightboxapi1.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.192.113 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 113.192.227.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.45.28 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-69-45-28.us-west-2.compute.amazonaws.com

0fknmj8f9h.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 159.255.219.124 (Almere Stad, Netherlands)

ASN47886 (EQUINIX-NL-ASN, NL)

www.autorentals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.140.54 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-140-54.eu-central-1.compute.amazonaws.com

travel.mediaalpha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.98 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-98.fra50.r.cloudfront.net

tracker.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f0ff:1a:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b709 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.23.149.37 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-23-149-37.compute-1.amazonaws.com

hn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO - Criteo Corp., US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.84.151 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-249-84-151.eu-west-1.compute.amazonaws.com

customer.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::9000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.162 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.223.83 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.225.98 (United States) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.98.228 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-156-98-228.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.41.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-41-129.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.125.54 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-35-125-54.eu-west-1.compute.amazonaws.com

cm.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.211.49 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-211-49.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.2 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.224.27 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-224-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.225.182 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-247-225-182.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.246.102 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-246-102.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.178.65.246 (Renswoude, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:194::143a (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.166 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.239.247 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-239-247.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.109.152 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-5-109-152.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.175.152 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-175-152.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	autorentals.com www.autorentals.com	684 KB
11	criteo.com 5 redirects sslwidget.criteo.com widget.us.criteo.com gum.criteo.com dis.criteo.com	6 KB
8	shermanstravel.com click.deals.shermanstravel.com landscape.shermanstravel.com	32 KB
7	lytics.io c.lytics.io api.lytics.io	18 KB
7	gstatic.com fonts.gstatic.com	139 KB
6	doubleclick.net 5 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	2 KB
6	googleapis.com ajax.googleapis.com fonts.googleapis.com	36 KB
5	lightboxcdn.com www.lightboxcdn.com api1.lightboxcdn.com	143 KB
5	google-analytics.com 3 redirects www.google-analytics.com	36 KB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
4	yahoo.com 3 redirects ads.yahoo.com sp.analytics.yahoo.com ups.analytics.yahoo.com	2 KB
4	google.de www.google.de	437 B
4	google.com 3 redirects www.google.com	678 B
3	tapad.com 1 redirects pixel.tapad.com tapestry.tapad.com	1 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	360yield.com 1 redirects ad.360yield.com	782 B
2	outbrain.com 1 redirects sync.outbrain.com	702 B
2	bidswitch.net 1 redirects x.bidswitch.net	906 B
2	openx.net 1 redirects us-u.openx.net	349 B
2	advertising.com 2 redirects pixel.advertising.com	670 B
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	inspectlet.com cdn.inspectlet.com hn.inspectlet.com	70 KB
2	facebook.com www.facebook.com	392 B
2	facebook.net connect.facebook.net	142 KB
2	bing.com bat.bing.com	7 KB
2	marinsm.com tracker.marinsm.com	3 KB
2	mediaalpha.com travel.mediaalpha.com	128 KB
2	amazonaws.com s3-us-west-2.amazonaws.com 0fknmj8f9h.execute-api.us-west-2.amazonaws.com	773 B
2	googletagmanager.com www.googletagmanager.com	56 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
1	bluekai.com tags.bluekai.com	765 B
1	krxd.net beacon.krxd.net	320 B
1	contextweb.com bh.contextweb.com	631 B
1	clmbtech.com ade.clmbtech.com	239 B
1	e-planning.net sync.e-planning.net	104 B
1	aralego.com sync.aralego.com	463 B
1	smartadserver.com rtb-csync.smartadserver.com	680 B
1	teads.tv criteo-sync.teads.tv	390 B
1	media.net contextual.media.net	46 B
1	pubmatic.com simage2.pubmatic.com	845 B
1	revcontent.com cm.revcontent.com	257 B
1	addthis.com cw.addthis.com	427 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	rlcdn.com idsync.rlcdn.com	304 B
1	turn.com 1 redirects d.turn.com	514 B
1	mediawallahscript.com customer.mediawallahscript.com	367 B
1	criteo.net static.criteo.net	10 KB
1	azurewebsites.net lightboxapi1.azurewebsites.net	569 B
1	googleadservices.com www.googleadservices.com	10 KB
1	quantcount.com rules.quantcount.com	356 B
1	bookingbuddy.com 1 redirects e.bookingbuddy.com	335 B
131	51

	Domain	Requested by
37	www.autorentals.com	click.deals.shermanstravel.com www.autorentals.com
7	fonts.gstatic.com	ajax.googleapis.com click.deals.shermanstravel.com www.autorentals.com
7	click.deals.shermanstravel.com	click.deals.shermanstravel.com ajax.googleapis.com
6	c.lytics.io	click.deals.shermanstravel.com c.lytics.io ajax.googleapis.com
5	dis.criteo.com
5	www.google-analytics.com	3 redirects click.deals.shermanstravel.com www.autorentals.com
5	fonts.googleapis.com	click.deals.shermanstravel.com www.autorentals.com travel.mediaalpha.com
4	secure.adnxs.com	3 redirects
4	gum.criteo.com	4 redirects
4	www.lightboxcdn.com	click.deals.shermanstravel.com www.lightboxcdn.com
4	www.google.de	click.deals.shermanstravel.com www.autorentals.com
4	www.google.com	3 redirects click.deals.shermanstravel.com
3	stats.g.doubleclick.net	3 redirects
2	dpm.demdex.net	1 redirects
2	ad.360yield.com	1 redirects
2	sync.outbrain.com	1 redirects
2	x.bidswitch.net	1 redirects
2	us-u.openx.net	1 redirects
2	pixel.advertising.com	2 redirects
2	r.casalemedia.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	ads.yahoo.com	2 redirects
2	pixel.tapad.com	1 redirects
2	www.facebook.com	www.autorentals.com connect.facebook.net
2	connect.facebook.net	click.deals.shermanstravel.com connect.facebook.net
2	bat.bing.com	www.googletagmanager.com www.autorentals.com
2	tracker.marinsm.com	www.googletagmanager.com www.autorentals.com
2	travel.mediaalpha.com	www.autorentals.com travel.mediaalpha.com
2	www.googletagmanager.com	click.deals.shermanstravel.com www.autorentals.com
1	tags.bluekai.com
1	beacon.krxd.net
1	bh.contextweb.com
1	ade.clmbtech.com
1	tapestry.tapad.com
1	sync.e-planning.net
1	sync.aralego.com
1	rtb-csync.smartadserver.com
1	criteo-sync.teads.tv
1	contextual.media.net
1	simage2.pubmatic.com
1	cm.revcontent.com
1	ups.analytics.yahoo.com
1	cw.addthis.com
1	pixel.rubiconproject.com
1	idsync.rlcdn.com
1	sp.analytics.yahoo.com	1 redirects
1	d.turn.com	1 redirects
1	customer.mediawallahscript.com
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	static.criteo.net	www.googletagmanager.com
1	hn.inspectlet.com	cdn.inspectlet.com
1	cdn.inspectlet.com	click.deals.shermanstravel.com
1	0fknmj8f9h.execute-api.us-west-2.amazonaws.com	s3-us-west-2.amazonaws.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	api.lytics.io	c.lytics.io
1	api1.lightboxcdn.com	www.lightboxcdn.com
1	lightboxapi1.azurewebsites.net	www.lightboxcdn.com
1	s3-us-west-2.amazonaws.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	pixel.quantserve.com	click.deals.shermanstravel.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	click.deals.shermanstravel.com
1	landscape.shermanstravel.com	click.deals.shermanstravel.com
1	ajax.googleapis.com	click.deals.shermanstravel.com
1	e.bookingbuddy.com	1 redirects
131	66

This site contains links to these domains. Also see Links.

Domain
blog.autorentals.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
*.shermanstravel.com DigiCert SHA2 Secure Server CA	`2018-02-26` - `2020-05-01`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-10` - `2020-10-09`	a year	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-24` - `2020-03-01`	6 months	crt.sh
*.azurewebsites.net Microsoft IT TLS CA 5	`2019-09-24` - `2021-09-24`	2 years	crt.sh
*.lytics.io DigiCert ECC Secure Server CA	`2019-10-22` - `2020-10-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-12-03` - `2020-02-25`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon	`2019-09-28` - `2020-10-28`	a year	crt.sh
www.autorentals.com Go Daddy Secure Certificate Authority - G2	`2018-05-10` - `2020-07-09`	2 years	crt.sh
mediaalpha.com Amazon	`2019-10-04` - `2020-11-04`	a year	crt.sh
*.marinsm.com DigiCert SHA2 Secure Server CA	`2018-04-16` - `2020-04-20`	2 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
ssl511215.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-23` - `2020-02-29`	6 months	crt.sh
hn.inspectlet.com Let's Encrypt Authority X3	`2019-11-16` - `2020-02-14`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.us.criteo.com DigiCert ECC Secure Server CA	`2019-06-12` - `2020-06-16`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2019-11-02` - `2020-11-06`	a year	crt.sh
*.mediawallahscript.com Amazon	`2019-06-18` - `2020-07-18`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-30` - `2020-04-27`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
revcontent.com Amazon	`2019-09-19` - `2020-10-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2018-12-30` - `2020-03-30`	a year	crt.sh
teads.tv Let's Encrypt Authority X3	`2019-10-30` - `2020-01-28`	3 months	crt.sh
*.smartadserver.com Thawte RSA CA 2018	`2018-09-07` - `2020-02-17`	a year	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.e-planning.net COMODO RSA Domain Validation Secure Server CA	`2018-02-16` - `2021-02-15`	3 years	crt.sh
static.clmbtech.com GeoTrust RSA CA 2018	`2019-02-08` - `2020-05-09`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.krxd.net DigiCert SHA2 Secure Server CA	`2019-04-11` - `2020-04-11`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Frame ID: 40786801B7C7018442E030F505B5FF69
Requests: 99 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1576607601996&lv=1
Frame ID: A972C4D623FFA70B8C7A005CA6C2B857
Requests: 2 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=42dce7f6-b26a-40ba-9556-9859e176c488
Frame ID: E136D8C86F5EE22DF1029FD37CDAEE9E
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://e.bookingbuddy.com/redirect/?vv=2&q=eJxFULGOwyAM_ZqwJQqGBDJ4aO_U5XRLb7vNAdqiEogCrdS_P9LlJOvJz37... HTTP 302
https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto Page URL
https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=sherman... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Inspectlet (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.inspectlet\.com/i

Page Statistics

131
Requests

100 %
HTTPS

30 %
IPv6

51
Domains

66
Subdomains

54
IPs

9
Countries

1540 kB
Transfer

3909 kB
Size

11
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.autorentals.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AutoRentalsCom
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/autorentalscom
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/autorentals.com
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/autorentalscom/?hl=en
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e.bookingbuddy.com/redirect/?vv=2&q=eJxFULGOwyAM_ZqwJQqGBDJ4aO_U5XRLb7vNAdqiEogCrdS_P9LlJOvJz37vyfKKIJUQWrKMklnkEwfOOchJStkLVpD3oNkDz8dv-NLi9-fMnkgsYPC55G5O6e7jdX5Y--pMWtiCgwY5imqKOHClat7AHDbq2ABkZ4pPsXaNOFQsabWOQt4H8FHR0LKSv_4rQI2D4P3O1SdLeCtlze_VqZYJ3ty7d0SXb25bKOay0dOF_Zgq4KOSg6jhJ9B8N1AkS60lH16toa3dXCzV3V62tLQlbSmWxDwKxQyCtvU5E_V2VDTP88VNc28GGM0FRqnNH31fXNo HTTP 302
https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto Page URL
https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://e.bookingbuddy.com/redirect/?vv=2&q=eJxFULGOwyAM_ZqwJQqGBDJ4aO_U5XRLb7vNAdqiEogCrdS_P9LlJOvJz37vyfKKIJUQWrKMklnkEwfOOchJStkLVpD3oNkDz8dv-NLi9-fMnkgsYPC55G5O6e7jdX5Y--pMWtiCgwY5imqKOHClat7AHDbq2ABkZ4pPsXaNOFQsabWOQt4H8FHR0LKSv_4rQI2D4P3O1SdLeCtlze_VqZYJ3ty7d0SXb25bKOay0dOF_Zgq4KOSg6jhJ9B8N1AkS60lH16toa3dXCzV3V62tLQlbSmWxDwKxQyCtvU5E_V2VDTP88VNc28GGM0FRqnNH31fXNo HTTP 302
https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Request Chain 18

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=483180158&t=pageview&_s=1&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&ul=en-us&de=windows-1252&dt=Redirecting%20you%20to%20your%20deal...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1330290918&gjid=687368951&cid=58884400.1576607602&tid=UA-13162027-3&_gid=543542431.1576607602&_r=1&cd6=pmin-under-50%20pmax-under-50&cd7=car_rental&cd8=toronto&cd10=deal%20click&z=73560419 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-13162027-3&cid=58884400.1576607602&jid=1330290918&_gid=543542431.1576607602&gjid=687368951&_v=j79&z=73560419 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1330290918&_v=j79&z=73560419 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1330290918&_v=j79&z=73560419&slf_rd=1&random=1493702725

Request Chain 35

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=483180158&t=event&ni=1&_s=2&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&ul=en-us&de=windows-1252&dt=Redirecting%20you%20to%20your%20deal...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PostUp&ea=PostUp%20Loaded&el=%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&ev=1&_u=aHBAAEAB~&jid=1635095339&gjid=897410219&cid=58884400.1576607602&tid=UA-13162027-3&_gid=543542431.1576607602&_r=1&cd6=pmin-under-50%20pmax-under-50&cd7=car_rental&cd8=toronto&cd10=deal%20click&z=2046694477 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-13162027-3&cid=58884400.1576607602&jid=1635095339&_gid=543542431.1576607602&gjid=897410219&_v=j79&z=2046694477 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1635095339&_v=j79&z=2046694477 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1635095339&_v=j79&z=2046694477&slf_rd=1&random=295230426

Request Chain 85

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=528790270&t=pageview&_s=1&dl=https%3A%2F%2Fwww.autorentals.com%2Fhp%3Fpl%3DYYZ%26cid%3D96491%26utm_campaign%3D96491%26utm_medium%3Ddisplay%26utm_source%3Dshermans%26pp%3D5&dr=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&ul=en-us&de=UTF-8&dt=Compare%20Cheap%20Auto%20Rental%20Prices%20%7C%20Autorentals.com.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAEAB~&jid=93210440&gjid=734784010&cid=2061204747.1576607607&tid=UA-87609804-1&_gid=438156187.1576607607&_r=1&gtm=2wgc6153X4K5&cd2=G6771478098090338772%3A1&cd6=45054%3A1483966&z=119279159 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87609804-1&cid=2061204747.1576607607&jid=93210440&_gid=438156187.1576607607&gjid=734784010&_v=j79&z=119279159 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87609804-1&cid=2061204747.1576607607&jid=93210440&_v=j79&z=119279159 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87609804-1&cid=2061204747.1576607607&jid=93210440&_v=j79&z=119279159&slf_rd=1&random=497120610

Request Chain 99

https://sslwidget.criteo.com/event?a=30790&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.deals.shermanstravel.com&p1=e%3Dce%26m%3D%255Bundefined%255D&p2=e%3Dvs%26ui_location%3Dundefined&p3=e%3Dvh&p4=e%3Ddis&adce=1&lwid=4125701a-a0ad-4a2c-9ad9-d9f89be8ae8f&tld=autorentals.com&dtycbr=73287 HTTP 302
https://widget.us.criteo.com/event?a=30790&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.deals.shermanstravel.com&p1=e%3Dce%26m%3D%255Bundefined%255D&p2=e%3Dvs%26ui_location%3Dundefined&p3=e%3Dvh&p4=e%3Ddis&adce=1&lwid=4125701a-a0ad-4a2c-9ad9-d9f89be8ae8f&tld=autorentals.com&dtycbr=73287

Request Chain 100

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=42dce7f6-b26a-40ba-9556-9859e176c488 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=42dce7f6-b26a-40ba-9556-9859e176c488

Request Chain 102

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/xfMjA9LHOaOpJQ0Fh7o4jfrKfRhgfb6G/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2540391108146462417

Request Chain 103

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0

Request Chain 104

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no HTTP 302
https://ads.yahoo.com/cms/v1?esig=2~53ef8d479c22b2f64b38b7c8ed96f504cd8e84c6&nwid=10033892938&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=42dce7f6-b26a-40ba-9556-9859e176c488&google_cm&google_hm=9ufcQmqyukCVVphZ4XbEiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=42dce7f6-b26a-40ba-9556-9859e176c488&google_cm=&google_hm=9ufcQmqyukCVVphZ4XbEiA&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=42dce7f6-b26a-40ba-9556-9859e176c488&google_gid=CAESEH3oYGXchGfvCJfJo6dZvTY&google_cver=1&google_ula=913071,0

Request Chain 107

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2705188877568417993

Request Chain 110

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488 HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488&C=1

Request Chain 111

https://pixel.advertising.com/ups/55945/sync?uid=42dce7f6-b26a-40ba-9556-9859e176c488&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=42dce7f6-b26a-40ba-9556-9859e176c488&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=42dce7f6-b26a-40ba-9556-9859e176c488&_origin=1&apid=UPb78c8135-20fb-11ea-9e2d-063425d84240

Request Chain 112

https://us-u.openx.net/w/1.0/sd?id=537072953&val=42dce7f6-b26a-40ba-9556-9859e176c488&c=us HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=42dce7f6-b26a-40ba-9556-9859e176c488&c=us

Request Chain 114

https://x.bidswitch.net/sync?dsp_id=46&user_id=42dce7f6-b26a-40ba-9556-9859e176c488&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=42dce7f6-b26a-40ba-9556-9859e176c488&expires=30

Request Chain 115

https://sync.outbrain.com/cookie-sync?p=criteo&uid=42dce7f6-b26a-40ba-9556-9859e176c488 HTTP 302
https://sync.outbrain.com/cookie-sync?p=criteo&uid=42dce7f6-b26a-40ba-9556-9859e176c488&rdrctExp=true

Request Chain 120

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488

Request Chain 126

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=vwHqAzuhszTNqI3J8GH0veRy3JpNzCT9

Request Chain 128

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=GMkBl8bP-KeqoFfG5__ZwPqdnUVWSDaz

Request Chain 129

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AYBP1ypD1ZMzwUKr9VWxuS2yU8HhBVge HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=AYBP1ypD1ZMzwUKr9VWxuS2yU8HhBVge

131 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

canada-daily-car-rentals-from-toronto Show response
click.deals.shermanstravel.com/1674532/281/
Redirect Chain

http://e.bookingbuddy.com/redirect/?vv=2&q=eJxFULGOwyAM_ZqwJQqGBDJ4aO_U5XRLb7vNAdqiEogCrdS_P9LlJOvJz37vyfKKIJUQWrKMklnkEwfOOchJStkLVpD3oNkDz8dv-NLi9-fMnkgsYPC55G5O6e7jdX5Y--pMWtiCgwY5imqKOHClat7AHD...
https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

14 KB
5 KB

335ms
111ms

Document
text/html

34.237.24.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.24.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-237-24-105.compute-1.amazonaws.com
Software: nginx /
Resource Hash: be6b5d528dd30d5efde802a76d7a2f1fd62fc9dec2d29ee24859a7a23412ac6b

Request headers

:method: GET
:authority: click.deals.shermanstravel.com
:scheme: https
:path: /1674532/281/canada-daily-car-rentals-from-toronto
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Dec 2019 18:33:21 GMT
content-type: text/html
server: nginx
last-modified: Mon, 11 Nov 2019 11:41:19 GMT
content-encoding: gzip

Redirect headers

Content-Length: 0
Location: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Server: Skipper
Expires: Tue, 17 Dec 2019 18:33:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:21 GMT
Connection: keep-alive

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
33 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 04:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2298135
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 04:11:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
578 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:33:21 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 17 Dec 2019 18:33:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 17 Dec 2019 18:33:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
696 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:33:21 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 17 Dec 2019 18:33:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 17 Dec 2019 18:33:21 GMT

GET
H2 200 interstitial-18b4490c67debd584ae96942f161a42c.css
click.deals.shermanstravel.com/assets/ 1 KB
745 B 107ms
106ms Stylesheet
text/css 34.237.24.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://click.deals.shermanstravel.com/assets/interstitial-18b4490c67debd584ae96942f161a42c.css
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.24.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-237-24-105.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d4f4be14ec90c84952052c340e8a18f447de2f305eab176bf70dc04e4b32e818

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Dec 2019 18:33:21 GMT
cache-control: max-age=31536000, public
expires: Wed, 16 Dec 2020 18:33:21 GMT
server: nginx
content-encoding: gzip
content-type: text/css

GET
H2 200 interstitial_external-280e77248e226b071b4a84b58d622434.css
click.deals.shermanstravel.com/assets/ 1 KB
682 B 107ms
107ms Stylesheet
text/css 34.237.24.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://click.deals.shermanstravel.com/assets/interstitial_external-280e77248e226b071b4a84b58d622434.css
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.24.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-237-24-105.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ef60e5fe54f75b0825bc3a51830b26709a96843762ae26a45f4439a749df039f

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Dec 2019 18:33:21 GMT
cache-control: max-age=31536000, public
expires: Wed, 16 Dec 2020 18:33:21 GMT
server: nginx
content-encoding: gzip
content-type: text/css

GET
H2 200 st_landscape.js Show response
landscape.shermanstravel.com/ 1 KB
946 B 332ms
109ms Script
application/javascript 54.88.110.223
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://landscape.shermanstravel.com/st_landscape.js?v=20190528
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.110.223 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-88-110-223.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ec71478763d59753bb1931f8cc7f3ce6584d5a60fa15dfe00eaf52c4458fe695

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Tue, 17 Dec 2019 18:33:21 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 16:58:55 GMT
server: nginx
etag: W/"5db86fcf-524"
content-type: application/javascript
status: 200
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sht_logo_desktop-cbea7eafa6612ce39709903a4388d300.png
click.deals.shermanstravel.com/assets/logos/ 12 KB
12 KB 107ms
107ms Image
image/png 34.237.24.105
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.deals.shermanstravel.com/assets/logos/sht_logo_desktop-cbea7eafa6612ce39709903a4388d300.png
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.24.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-237-24-105.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a82d5d6368f34a1384c667f859540aebb8eb4f071d80de35c861f4919b5a209d

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:21 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 12484
expires: Wed, 16 Dec 2020 18:33:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 7184
date: Tue, 17 Dec 2019 16:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 17 Dec 2019 18:33:37 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 159ms
40ms Script
application/x-javascript 91.228.74.226
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.226 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17-Dec-2019 18:33:21 GMT
Server: QS
ETag: M0-56c8c653
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Tue, 24 Dec 2019 18:33:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 65 KB
25 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

466ae79072173fd95bd576272b17a35716d12eb85e0b438ccc38b7a6db02af7d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:21 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24987
x-xss-protection: 0
expires: Tue, 17 Dec 2019 18:33:21 GMT

POST
H2 200 canada-daily-car-rentals-from-toronto Show response
click.deals.shermanstravel.com/1674532/281/ 671 B
860 B 155ms
155ms XHR
application/json 34.237.24.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.237.24.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-237-24-105.compute-1.amazonaws.com

Software

nginx /

Resource Hash

44376ed0805057167fcdae5b974da1c179a273704daae976a4163a75e2d9c57f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Origin: https://click.deals.shermanstravel.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-runtime: 0.047024
date: Tue, 17 Dec 2019 18:33:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
status: 200
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: 2366548b-4347-44c2-b243-a2051ee38c83

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin: https://click.deals.shermanstravel.com

Response headers

date: Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 2258110
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:18:11 GMT

GET
H2 200 sht_logo_desktop_external-4d3e24203927fcefe8237d75b0fcc93b.png
click.deals.shermanstravel.com/assets/logos/ 8 KB
9 KB 105ms
104ms Image
image/png 34.237.24.105
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.deals.shermanstravel.com/assets/logos/sht_logo_desktop_external-4d3e24203927fcefe8237d75b0fcc93b.png
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.24.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-237-24-105.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 363e30beb9afe4a368061173b2a840f64412a2b1a0c76e6ee0a11fd20fe91603

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:22 GMT
server: nginx
content-type: image/png
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 8638
expires: Wed, 16 Dec 2020 18:33:22 GMT

GET
H2 200 arrows-8d8e8b955e27d8c6747cc06635e44272.gif
click.deals.shermanstravel.com/assets/ 3 KB
3 KB 108ms
108ms Image
image/gif 34.237.24.105
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.deals.shermanstravel.com/assets/arrows-8d8e8b955e27d8c6747cc06635e44272.gif
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.24.105 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-237-24-105.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3287d19fb549ad1443377c8490fe1cf95b9ef35cb8473747b54662c1f1add459

Request headers

Referer: https://click.deals.shermanstravel.com/assets/interstitial_external-280e77248e226b071b4a84b58d622434.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:22 GMT
server: nginx
content-type: image/gif
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2899
expires: Wed, 16 Dec 2020 18:33:22 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed
Origin: https://click.deals.shermanstravel.com

Response headers

date: Fri, 13 Dec 2019 20:56:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:48:22 GMT
server: sffe
age: 336991
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10968
x-xss-protection: 0
expires: Sat, 12 Dec 2020 20:56:50 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i
Origin: https://click.deals.shermanstravel.com

Response headers

date: Fri, 13 Dec 2019 20:56:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 337026
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14176
x-xss-protection: 0
expires: Sat, 12 Dec 2020 20:56:15 GMT

GET
H2 200 rules-p-y7jhK3PrFbS21.js Show response
rules.quantcount.com/ 3 B
356 B 7ms
7ms Script
application/x-javascript 2600:9000:21f3:f200:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-y7jhK3PrFbS21.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:f200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 17:23:10 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 21:24:26 GMT
server: AmazonS3
age: 4212
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3
x-amz-cf-id: JHoDUpyUgtTjC85HTfuKbodHYVZcPhYmt3e_zgWoLZKrVGBSYL2Ctg==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=483180158&t=pageview&_s=1&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&ul=en-us&de...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-13162027-3&cid=58884400.1576607602&jid=1330290918&_gid=543542431.1576607602&gjid=687368951&_v=j79&z=73560419
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1330290918&_v=j79&z=73560419
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1330290918&_v=j79&z=73560419&slf_rd=1&random=1493702725

42 B
109 B

30ms
30ms

Image
image/gif

2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1330290918&_v=j79&z=73560419&slf_rd=1&random=1493702725

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:22 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1330290918&_v=j79&z=73560419&slf_rd=1&random=1493702725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel;r=1975076610;labels=ShermansTravel%20Deals%20Network;rf=0;a=p-y7jhK3PrFbS21;url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto;fpan=1;fpa...
pixel.quantserve.com/ 35 B
494 B 384ms
33ms Image
image/gif 91.228.74.226
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1975076610;labels=ShermansTravel%20Deals%20Network;rf=0;a=p-y7jhK3PrFbS21;url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto;fpan=1;fpa=P0-25126593-1576607601987;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1576607601987;tzo=-60;ogl=
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.226 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:22 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 1229ms
81ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9933
x-xss-protection: 0
server: cafe
etag: 9795501548502167919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Dec 2019 18:33:23 GMT

GET
H2 200 lio.js Show response
c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/ 45 KB
11 KB 24ms
24ms Script
application/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/lio.js
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d59bc574072ae7d8cc6932c0941a31ffe6a84be848e48945edc824f09b5b9422

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:22 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 4474
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 546afc288caacba4-VIE
access-control-allow-origin: *

GET
H/1.1 200
OK deals-lytics.js Show response
s3-us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/stm/stm/ 352 B
773 B 1771ms
203ms Script
application/javascript 52.218.218.0
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/stm/stm/deals-lytics.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.218.0 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e8c6e9a411d4bdae76eb9009337698c76c11d0aa41eb79410b60b6b03c7f4d22

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:24 GMT
Last-Modified: Tue, 03 Dec 2019 21:17:35 GMT
Server: AmazonS3
x-amz-request-id: CC5B402603ECA480
ETag: "cbdedaeccadd9552a72fe5da36cf8cff"
Content-Type: application/javascript
Content-Length: 352
Accept-Ranges: bytes
x-amz-version-id: 454mrkwbQRXhiaUfh8afD.yUmIlUYc0v
x-amz-id-2: mSGy9tVQsia1xhnpBv6vt5qvoaOEEJV4F5M4Xr1x4ucuayskgw5QQ2JpLBpqAqxCmmjHP2sU3ms=

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/ Frame A972 326 B
392 B 42ms
42ms Script
application/javascript 2606:4700::6810:4da5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1576607601996&lv=1
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5afd25c518d6323642296ae7d20719893cefca86b772851e8d6780c073097da9

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:22 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 76437
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 546afc289dd259dc-VIE

GET
H2 200 io.min.js Show response
c.lytics.io/static/v2/ 13 KB
6 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/v2/io.min.js
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/lio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:22 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 03 Dec 2019 23:11:46 GMT
server: cloudflare
age: 1787
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: max-age=7200
cf-ray: 546afc28ad33cba4-VIE

GET
H2 200 2033ac07a2eae34026d3189da90d18b6 Show response
c.lytics.io/cid/ 76 B
200 B 151ms
150ms Script
text/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/cid/2033ac07a2eae34026d3189da90d18b6?callback=jQuery18209369996805884864_1576607601477&_=1576607602048
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc6d62421647c05f32071438ebf0f718edcdcda351f90439ba524053a4da2566

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: text/javascript
status: 200
content-encoding: br
cache-control: no-cache, no-store, must-revalidate
cf-ray: 546afc28dddccba4-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 2033ac07a2eae34026d3189da90d18b6 Show response
c.lytics.io/cid/ 76 B
199 B 149ms
149ms Script
text/javascript 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/cid/2033ac07a2eae34026d3189da90d18b6?callback=jQuery18209369996805884864_1576607601478&_=1576607602049
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c6c84e0ca7a76edcb93422ebc6d6db4782d14c342437e671dbf9101147a667

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: text/javascript
status: 200
content-encoding: br
cache-control: no-cache, no-store, must-revalidate
cf-ray: 546afc28ddebcba4-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/ Frame A972 807 KB
141 KB 35ms
34ms Script
application/javascript 2606:4700::6810:4da5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637121279002608953
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1576607601996&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb569f9e38441522b18006c60627dc28e36059482ffa85e5c2aee3301c5c138

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Dec 2019 18:33:22 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: YVi7Obr2VN73m8LMI/3ZBA==
age: 76435
cf-polished: origSize=1305620
status: 200
x-ms-lease-status: unlocked
last-modified: Mon, 16 Dec 2019 21:18:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 5a51a991-a01e-0002-7f56-b4573b000000
expires: Wed, 16 Dec 2020 18:33:22 GMT
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 546afc28de3659dc-VIE
cf-bgj: minify

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 23ms
23ms Stylesheet
text/css 2606:4700::6810:4da5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637121278994972112
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637121279002608953
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69712c99f8c76ce00e78844aeb06715ad42e3343fe2f9eea1013580a9ca9be41

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Dec 2019 18:33:22 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 76433
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
status: 200
x-ms-lease-status: unlocked
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: daff98ea-701e-00ee-1956-b45f42000000
expires: Wed, 16 Dec 2020 18:33:22 GMT
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 546afc299ee459dc-VIE
cf-bgj: minify

GET
H/1.1 200
OK z Show response
lightboxapi1.azurewebsites.net/z9l/42332/click.deals.shermanstravel.com/jsonp/ 329 B
569 B 749ms
312ms Script
application/javascript 23.99.128.52
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi1.azurewebsites.net/z9l/42332/click.deals.shermanstravel.com/jsonp/z?cb=1576607602185&callback=jQuery17107077961932357495_1576607602154&_=1576607602187
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637121279002608953
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.99.128.52 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: waws-prod-dm1-001.cloudapp.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 57f72adfda4b6cd243ed02e976fb81d8cb8efbd22cbc826e17196228c6d1e105

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:21 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 356
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 z.gif Show response
api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQO... 183 B
370 B 19ms
18ms XHR
application/javascript 2606:4700::6810:4da5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api1.lightboxcdn.com/z9u/LIewXglgNlCGD0BWAdABgAQApiwMYQDsAXEAZwAsBudASWIFMp0dd0B5AZXQA10BGVAH0-AFkGIAlOgCCAB1lR6AdXoAjANIQiSAMwB2ZDoBsWdQAkAKsAAyAGnRQIAa3roA4vVxOQUgMLkAJxAAW3p4PRE0Qz0AJgBOZD4jOPQOWAAzWACIXQNjIA__XZX/z.gif
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637121279002608953
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5106a4e511706df433181790f4549462307d69dc064ac24e3c3520c201b89611

Request headers

Accept: */*
Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Origin: https://click.deals.shermanstravel.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 59978
x-powered-by: ASP.NET
status: 200
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
cf-ray: 546afc29bbc8cbb4-VIE
expires: Wed, 18 Dec 2019 18:33:22 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
107 B 25ms
25ms Image
image/gif 2606:4700::6810:4da5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1576607602170&h=click.deals.shermanstravel.com&e=p&u=42332
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4da5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 17 Dec 2019 18:33:22 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1596724
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 48b7eafb-401e-010c-457d-f6fd65000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 546afc29bf0359dc-VIE
cf-bgj: imgq:85

GET
H2 200 ce2ae8e82b60c20b2c8932caa6d60823 Show response
api.lytics.io/api/personalize/2033ac07a2eae34026d3189da90d18b6/user/_uid/ 131 B
372 B 173ms
128ms Script
application/json 35.227.192.113
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/personalize/2033ac07a2eae34026d3189da90d18b6/user/_uid/ce2ae8e82b60c20b2c8932caa6d60823?segments=true&callback=window.lio.segmentscb&ts=1576607602204
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/lio.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 113.192.227.35.bc.googleusercontent.com
Software: lytics.io a5cae8e4d284d1dd792248d5ea9723652a357423 /
Resource Hash: d83748241789904aa24e4454187d110696607f23cc8fc6a635ec9495bd6d4ecd

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:22 GMT
content-encoding: gzip
alt-svc: clear
server: lytics.io a5cae8e4d284d1dd792248d5ea9723652a357423
access-control-allow-origin
access-control-allow-methods: GET
content-type: application/json
status: 200
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 129
via: 1.1 google

GET
H2 200 default
c.lytics.io/c/2033ac07a2eae34026d3189da90d18b6/ 35 B
95 B 137ms
136ms Image
image/gif 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2033ac07a2eae34026d3189da90d18b6/default?gtm.start=1576607601793&event=gtm.js&gtm.uniqueEventId=0&_ts=1576607602202&_nmob=t&_device=desktop&url=click.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&_uid=ce2ae8e82b60c20b2c8932caa6d60823&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 546afc29d9a4cba4-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ 35 B
95 B 170ms
169ms Image
image/gif 2606:4700:20::681a:316
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/2033ac07a2eae34026d3189da90d18b6?_ts=1576607602046&_nmob=t&_device=desktop&url=click.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&_v=2.0.0&_e=pv&_sesstart=1&_tz=1&_ul=en-US&_sz=1600x1200&_uid=62b76616e795239fefe8a4ed43c99912&_getid=t&_ca=jstag1
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 546afc29d9abcba4-VIE
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=483180158&t=event&ni=1&_s=2&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&ul=en-us&...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-13162027-3&cid=58884400.1576607602&jid=1635095339&_gid=543542431.1576607602&gjid=897410219&_v=j79&z=2046694477
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1635095339&_v=j79&z=2046694477
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1635095339&_v=j79&z=2046694477&slf_rd=1&random=295230426

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1635095339&_v=j79&z=2046694477&slf_rd=1&random=295230426

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-13162027-3&cid=58884400.1576607602&jid=1635095339&_v=j79&z=2046694477&slf_rd=1&random=295230426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016878300/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016878300/?random=1576607603277&cv=9&fst=1576607603277&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&tiba=Redirecting%20you%20to%20your%20deal...&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8f0a9dc4e3ea1aac2b1e7ef7473208ec52f745afbe1780c5b0f5b9a74104a21f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1016878300/ 42 B
119 B 21ms
21ms Image
image/gif 2a00:1450:4001:824::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1016878300/?random=1576607603277&cv=9&fst=1576605600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&tiba=Redirecting%20you%20to%20your%20deal...&async=1&fmt=3&is_vtc=1&random=639880977&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1016878300/ 42 B
110 B 22ms
21ms Image
image/gif 2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1016878300/?random=1576607603277&cv=9&fst=1576605600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&tiba=Redirecting%20you%20to%20your%20deal...&async=1&fmt=3&is_vtc=1&random=639880977&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 502 prod
0fknmj8f9h.execute-api.us-west-2.amazonaws.com/ 0
0 1079ms
672ms Fetch
application/json 54.69.45.28
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://0fknmj8f9h.execute-api.us-west-2.amazonaws.com/prod?deal_id=1674532&uid=ce2ae8e82b60c20b2c8932caa6d60823
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/s.leveragelab.com/release/config/sites/stm/stm/deals-lytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.45.28 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-69-45-28.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK Primary Request Cookie set hp Show response
www.autorentals.com/ 65 KB
12 KB 1420ms
1215ms Document
text/html 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef5b921c461fd3e67f41204801a9794528007be421fe59843551207b5e2040b2

Request headers

Host: www.autorentals.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Response headers

Date: Tue, 17 Dec 2019 18:33:25 GMT
Server: nginx/1.10.3 (Ubuntu)
Set-Cookie: SSID=CADu6h04AAAAAAB0H_ld1CkDEXQf-V0BAAAAAAAAAAAAdB_5XQDpK_6vAAO-pBYAdB_5XQEAB78AAVSoGQB0H_ldAQBewgABtmMaAHQf-V0BAMK2AAHwDxgAdB_5XQEA; path=/; domain=.autorentals.com; expires=Wed, 16-Dec-2020 18:33:24 GMT SSSC=655.G6771478098090338772.1|45054.1483966:46786.1576944:48903.1681492:49758.1729462; path=/; domain=.autorentals.com SSRT=dB_5XQABAA; path=/; domain=.autorentals.com; expires=Wed, 16-Dec-2020 18:33:24 GMT cid=96491; Max-Age=7776000; Expires=Mon, 16-Mar-2020 18:33:24 GMT osid=903200a3-544e-46c5-93be-503efcf8408b; Max-Age=31536000; Expires=Wed, 16-Dec-2020 18:33:24 GMT; Path=/ vidt=903200a3-544e-46c5-93be-503efcf8408b; Max-Age=1800; Expires=Tue, 17-Dec-2019 19:03:25 GMT; Path=/; Secure; HttpOnly vids=903200a3-544e-46c5-93be-503efcf8408b; Path=/; Secure; HttpOnly query_location=YYZ%3A%3AYYZ%3A%3A; Max-Age=31536000; Expires=Wed, 16-Dec-2020 18:33:25 GMT; Path=/ SESSION=YzYyZDBkZDAtMjA1Yi00NDM0LWIwZWQtMGMwOTc3ODVhMmFj; Path=/; HttpOnly; SameSite=Lax
RTSS: 1-2-68
Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Vary: Accept-Encoding
Pragma: no-cache
Cache-Control: private, max-age=0, proxy-revalidate, no-store, no-cache, must-revalidate
Expires: Thu, 20 Jun 2019 17:23:52 GMT
Content-Encoding: gzip
Content-Length: 11147
Keep-Alive: timeout=5, max=250
Connection: Keep-Alive

GET
H/1.1 200
OK core.js+ssdomvar.js+generic-adapter.js Show response
www.autorentals.com/__ssobj/ 21 KB
7 KB 46ms
46ms Script
application/javascript 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/__ssobj/core.js+ssdomvar.js+generic-adapter.js
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: Apache /
Resource Hash: 82cb1795a37860a5cfc79636942092b4f42c4db919d2df99752fbc03f11f6f62

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:25 GMT
Content-Encoding: gzip
Last-Modified: Sun, 08 Dec 2019 00:00:00 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
SBSS: 1
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-68
Content-Length: 6733
Keep-Alive: timeout=5, max=249
Expires: Wed, 18 Dec 2019 18:33:25 GMT

GET
H/1.1 200
OK bootstrap.min.css
www.autorentals.com/css/bootstrap/css/ 118 KB
25 KB 201ms
152ms Stylesheet
text/css 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/css/bootstrap/css/bootstrap.min.css
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5df2bbfa-1d9ac"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
RTSS: 1-2-68
Keep-Alive: timeout=5, max=248
Expires: Wed, 16 Dec 2020 18:33:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
504 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:33:25 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 17 Dec 2019 18:33:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 17 Dec 2019 18:33:25 GMT

GET
H/1.1 200
OK jquery-ui.min.css
www.autorentals.com/frontend/css/ 29 KB
9 KB 627ms
481ms Stylesheet
text/css 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/frontend/css/jquery-ui.min.css
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a9dfb2718340136d36e66028d8b7bfa1fe121fc6a54ee12bd76b5300af2e4349

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Dec 2019 22:15:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5df2bbf8-73d2"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
RTSS: 1-2-34
Keep-Alive: timeout=5, max=250
Expires: Wed, 16 Dec 2020 18:33:25 GMT

GET
H/1.1 200
OK cookie.js Show response
www.autorentals.com/js/ 5 KB
2 KB 670ms
463ms Script
application/javascript 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/js/cookie.js
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 920d6c0bfc9b53a23bbc2ce56b8388734ce72ebdc058c05f96f1151cc4eaad88

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5df2bbfa-1482"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
RTSS: 1-2-34
Keep-Alive: timeout=5, max=250
Expires: Wed, 16 Dec 2020 18:33:25 GMT

GET
H/1.1 200
OK homepage.bundled.js Show response
www.autorentals.com/frontend/js/ 450 KB
157 KB 665ms
483ms Script
application/javascript 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/frontend/js/homepage.bundled.js?cache=1576596711523
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fa4f178e9c8d87cd1f5194d699eeaf38f47e5798c1802ecf62b59d45db0869a2

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Dec 2019 18:29:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5df7cd04-70837"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
RTSS: 1-2-34
Keep-Alive: timeout=5, max=250
Expires: Wed, 16 Dec 2020 18:33:25 GMT

GET
H/1.1 200
OK homepage.min.css
www.autorentals.com/frontend/css/ 34 KB
8 KB 647ms
476ms Stylesheet
text/css 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/frontend/css/homepage.min.css?cache=1576596711523
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a8ec79820aaae7ae10369bb446208f7d1e24cb1511685b7925038689b22ba8ff

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Dec 2019 18:28:46 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5df7ccde-87aa"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
RTSS: 1-2-34
Keep-Alive: timeout=5, max=250
Expires: Wed, 16 Dec 2020 18:33:25 GMT

GET
H/1.1 200
OK EN-114x40.png
www.autorentals.com/resources/resultspage/logos/ 981 B
1 KB 709ms
483ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/resultspage/logos/EN-114x40.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1b54dff3c8992a7dfd6eef2a2a64799e068be5186793a03f1bec2c23d37bc500

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-3d5"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 981
Keep-Alive: timeout=5, max=250
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK HZ-114x40.png
www.autorentals.com/resources/resultspage/logos/ 1 KB
2 KB 151ms
151ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/resultspage/logos/HZ-114x40.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bf48f689cf281d8e742fcb3ee8a26860b8de6fc06455fe4d0f3f3063251b664c

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-4af"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 1199
Keep-Alive: timeout=5, max=249
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK CS-114x40.png
www.autorentals.com/resources/resultspage/logos/ 949 B
1 KB 198ms
198ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/resultspage/logos/CS-114x40.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6aab51b2feda0924594d57cf0158e483723d7108c0ddcf9752a5c23e12031010

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-3b5"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 949
Keep-Alive: timeout=5, max=249
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK EB-114x40.png
www.autorentals.com/resources/resultspage/logos/ 2 KB
2 KB 155ms
154ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/resultspage/logos/EB-114x40.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0ff82ec70bd61fa92ff673aa88c511a8bd0edc336e6995e70c956763c36ad529

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-884"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 2180
Keep-Alive: timeout=5, max=248
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK AV-114x40.png
www.autorentals.com/resources/resultspage/logos/ 878 B
1 KB 167ms
167ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/resultspage/logos/AV-114x40.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5acbc4cf863b4beeadfa8991263ead88d80c353d86161ec0df76d9667db4746c

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-36e"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 878
Keep-Alive: timeout=5, max=248
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK HW-114x40.png
www.autorentals.com/resources/resultspage/logos/ 949 B
1 KB 173ms
172ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/resultspage/logos/HW-114x40.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2f0ad7f989c1cc24277db75f8e4c93320be97acad0023c7db790a2f255120237

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-3b5"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 949
Keep-Alive: timeout=5, max=247
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK BU-114x40.png
www.autorentals.com/resources/resultspage/logos/ 897 B
1 KB 173ms
173ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/resultspage/logos/BU-114x40.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bc576c811d4bb6f46d0bcc0d54819651dc047538b35a47bef87192deed123b50

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-381"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 897
Keep-Alive: timeout=5, max=249
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK EX-114x40.png
www.autorentals.com/resources/resultspage/logos/ 1 KB
1 KB 419ms
418ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/resultspage/logos/EX-114x40.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2f1f068ee104fe4d11a6c74068f9c54d12279a390cb81299a0815b2cc63f5594

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-41e"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 1054
Keep-Alive: timeout=5, max=249
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK DL-114x40.png
www.autorentals.com/resources/resultspage/logos/ 2 KB
2 KB 173ms
172ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/resultspage/logos/DL-114x40.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3cecc3b847e0dbeb4a471645da4ed01be1be03beb5aac664baf60f783eceae0a

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-631"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-68
Content-Length: 1585
Keep-Alive: timeout=5, max=247
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK subscriber-offers-text.png
www.autorentals.com/resources/homepage/images/ 17 KB
17 KB 636ms
161ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/homepage/images/subscriber-offers-text.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c09e3322da8376b46a3207492a160ea314b05be55cd008ab239ef4dd7785184a

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Last-Modified: Thu, 07 Nov 2019 17:33:34 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5dc4556e-42c5"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-68
Content-Length: 17093
Keep-Alive: timeout=5, max=244
Expires: Wed, 16 Dec 2020 18:33:27 GMT

GET
H/1.1 200
OK download-app-text.png
www.autorentals.com/resources/homepage/images/ 27 KB
27 KB 286ms
151ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/homepage/images/download-app-text.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef0bd4c76841efe803f82e73b4d0c0b3e8be9369a6c8064d84b84e05ca8851c1

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 07 Nov 2019 17:33:34 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5dc4556e-6abf"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 27327
Keep-Alive: timeout=5, max=248
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK carousel-lg.png
www.autorentals.com/resources/images/ 152 B
517 B 300ms
165ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/images/carousel-lg.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c53cd201d11995dc17d000d18cb2723ad61a1ac9664ab8dcfd7c445d6c2a82f5

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Last-Modified: Thu, 07 Nov 2019 17:33:34 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5dc4556e-98"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-68
Content-Length: 152
Keep-Alive: timeout=5, max=246
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK carousel-sm.png
www.autorentals.com/resources/images/ 142 B
507 B 645ms
188ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/images/carousel-sm.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0f70e28d8b6e8e05b36f03b12be47f90811b3931dc13b92837a5de08b2e41602

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Last-Modified: Thu, 07 Nov 2019 17:33:34 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5dc4556e-8e"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 142
Keep-Alive: timeout=5, max=245
Expires: Wed, 16 Dec 2020 18:33:27 GMT

GET
H/1.1 200
OK facebook.png
www.autorentals.com/resources/homepage/images/ 2 KB
3 KB 144ms
144ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/homepage/images/facebook.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6b296dc636469a3d5d9767d204e3b215e5295510ab3b86cf3f6d088c48bb6575

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-921"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 2337
Keep-Alive: timeout=5, max=244
Expires: Wed, 16 Dec 2020 18:33:27 GMT

GET
H/1.1 200
OK twitter.png
www.autorentals.com/resources/homepage/images/ 2 KB
2 KB 165ms
164ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/homepage/images/twitter.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 706a88ee14f46ef56f9d9a0a47d144c4ddb160b33a5aa2fc1a5087ee5cc4507a

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-77e"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 1918
Keep-Alive: timeout=5, max=247
Expires: Wed, 16 Dec 2020 18:33:27 GMT

GET
H/1.1 200
OK linkedin.png
www.autorentals.com/resources/homepage/images/ 2 KB
2 KB 170ms
169ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/homepage/images/linkedin.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 020510cd77714e10ec94ddbf8ab53f5690794972392011bdb2d9db5a68d217cb

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-7da"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-68
Content-Length: 2010
Keep-Alive: timeout=5, max=243
Expires: Wed, 16 Dec 2020 18:33:27 GMT

GET
H/1.1 200
OK instagram.png
www.autorentals.com/resources/homepage/images/ 65 KB
65 KB 146ms
146ms Image
image/png 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/homepage/images/instagram.png
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 780b9cbb60ad09e24712beca3b51278db7ecb6947a4270e7670268e618e847d4

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-10399"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 66457
Keep-Alive: timeout=5, max=246
Expires: Wed, 16 Dec 2020 18:33:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
31 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53X4K5

Requested by

Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2c2ae118080f1f7881fd68d32ad55e3bd6fbd298285e2a2a169177af13e9827

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:26 GMT
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 32099
x-xss-protection: 0
expires: Tue, 17 Dec 2019 18:33:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 7189
date: Tue, 17 Dec 2019 16:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 17 Dec 2019 18:33:37 GMT

PUT
H/1.1 202
OK 903200a3-544e-46c5-93be-503efcf8408b Show response
www.autorentals.com/api/v1/log/screen/ 0
176 B 189ms
188ms XHR
text/plain 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/api/v1/log/screen/903200a3-544e-46c5-93be-503efcf8408b
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/frontend/js/homepage.bundled.js?cache=1576596711523
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Origin: https://www.autorentals.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: Keep-Alive
RTSS: 1-2-34
Content-Length: 0
Keep-Alive: timeout=5, max=249

GET
H/1.1 200
OK logo.svg
www.autorentals.com/resources/homepage/images/ 14 KB
6 KB 184ms
152ms Image
image/svg+xml 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/homepage/images/logo.svg
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4fecd1ef7ef202006dff46f7c8bbabf143f0dbb5d710dcde8efb9fef6e717e21

Request headers

Referer: https://www.autorentals.com/frontend/css/homepage.min.css?cache=1576596711523
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Nov 2019 17:33:34 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5dc4556e-37e6-gzip"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Keep-Alive: timeout=5, max=246
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
www.autorentals.com/css/bootstrap/fonts/ 18 KB
18 KB 161ms
152ms Font
application/octet-stream 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/css/bootstrap/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.autorentals.com/css/bootstrap/css/bootstrap.min.css
Origin: https://www.autorentals.com

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Dec 2019 22:15:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5df2bbfa-466c-gzip"
Vary: Accept-Encoding
Content-Type: application/octet-stream
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Keep-Alive: timeout=5, max=247

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin: https://www.autorentals.com

Response headers

date: Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 2258115
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:18:11 GMT

GET
H/1.1 200
OK YYZ-Toronto-Skyline-4.webp
www.autorentals.com/a/resources/images/ 202 KB
203 KB 298ms
150ms Image
image/webp 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/a/resources/images/YYZ-Toronto-Skyline-4.webp?v=w2018
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 25574f01cb2544965c18eef92d2139910bf305dc2535a70da33d493b02587c8b

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Oct 2019 14:06:44 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5d9f3af4-32954-gzip"
Vary: Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Keep-Alive: timeout=5, max=248
Expires: Wed, 16 Dec 2020 18:33:26 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin: https://www.autorentals.com

Response headers

date: Thu, 21 Nov 2019 16:53:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:39 GMT
server: sffe
age: 2252373
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13912
x-xss-protection: 0
expires: Fri, 20 Nov 2020 16:53:53 GMT

GET
H/1.1 200
OK 0
www.autorentals.com/resources/carousel/ 40 KB
41 KB 461ms
207ms Image
image/jpeg 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/carousel/0
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 891ac896e5fb9dc268ed7acc5237612098c34ff2ff2ec2ba9d84fef00e1e13c1

Request headers

Referer: https://www.autorentals.com/frontend/css/homepage.min.css?cache=1576596711523
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Keep-Alive: timeout=5, max=245

GET
H/1.1 200
OK 1
www.autorentals.com/resources/carousel/ 13 KB
13 KB 560ms
156ms Image
image/jpeg 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/carousel/1
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 65c28371600bf80e2121dab08b33c608a7e676e6f41f518f723f1a6fabf9e68c

Request headers

Referer: https://www.autorentals.com/frontend/css/homepage.min.css?cache=1576596711523
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 13210
Keep-Alive: timeout=5, max=247

GET
H/1.1 200
OK 2
www.autorentals.com/resources/carousel/ 10 KB
10 KB 473ms
173ms Image
image/jpeg 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/carousel/2
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2f96ab1c90612d406876993414217d4d5e5503a8364d26e34b182b55f35bd58a

Request headers

Referer: https://www.autorentals.com/frontend/css/homepage.min.css?cache=1576596711523
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-68
Content-Length: 9956
Keep-Alive: timeout=5, max=245

GET
H/1.1 200
OK 3
www.autorentals.com/resources/carousel/ 18 KB
18 KB 437ms
165ms Image
image/jpeg 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/carousel/3
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c62c7d7f89c7c59c2f686371828c28a094a8942bd63490eadab90987bcfeb1bc

Request headers

Referer: https://www.autorentals.com/frontend/css/homepage.min.css?cache=1576596711523
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 18259
Keep-Alive: timeout=5, max=246

GET
H/1.1 200
OK 4
www.autorentals.com/resources/carousel/ 20 KB
20 KB 544ms
165ms Image
image/jpeg 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/resources/carousel/4
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6e7c4ca57b0a82f211d0844aa50818d5195a06e4f22a882d44ae2fd2e5028c99

Request headers

Referer: https://www.autorentals.com/frontend/css/homepage.min.css?cache=1576596711523
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:26 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Keep-Alive: timeout=5, max=248

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700
Origin: https://www.autorentals.com

Response headers

date: Fri, 13 Dec 2019 20:56:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 337031
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14176
x-xss-protection: 0
expires: Sat, 12 Dec 2020 20:56:15 GMT

GET
H/1.1 200
OK ard.png
www.autorentals.com/__ssobj/ 0
390 B 46ms
45ms Image
text/javascript 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.autorentals.com/__ssobj/ard.png?6771478098090338772_1-655-1576607604&n=1
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:27 GMT
Last-Modified: Fri, 15 Nov 2019 02:23:00 GMT
Server: Apache
Content-Type: text/javascript
Cache-Control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
SBSS: 1
Connection: Keep-Alive
Accept-Ranges: bytes
RTSS: 1-2-34
Content-Length: 0
Keep-Alive: timeout=5, max=245
Expires: -1

GET
H/1.1 200
OK current Show response
www.autorentals.com/api/v1/user/ 0
510 B 663ms
166ms XHR
text/plain 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/api/v1/user/current
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/frontend/js/homepage.bundled.js?cache=1576596711523
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:27 GMT
Server: nginx/1.10.3 (Ubuntu)
Cache-Control: must-revalidate, proxy-revalidate, max-age=0
Connection: Keep-Alive
RTSS: 1-2-34
Content-Length: 0
Keep-Alive: timeout=5, max=247
Expires: Thu, 20 Jun 2019 17:19:06 GMT

GET
H2 200 serve.js Show response
travel.mediaalpha.com/js/ 12 KB
4 KB 152ms
44ms Script
application/javascript 52.29.140.54
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.mediaalpha.com/js/serve.js
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/frontend/js/homepage.bundled.js?cache=1576596711523
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.140.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-140-54.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 16997996bf0d12e3b625a2685ad586fa76bfb86ad1b276183748ea8a9f83916f

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Dec 2019 18:33:26 GMT
content-encoding: gzip
server: Apache
content-length: 4107
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

POST
H/1.1 202
OK log_ga_cid Show response
www.autorentals.com/api/v1/user/ 0
391 B 738ms
238ms XHR
text/plain 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/api/v1/user/log_ga_cid
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control: no-cache
Origin: https://www.autorentals.com
Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Server: nginx/1.10.3 (Ubuntu)
Connection: Keep-Alive
RTSS: 1-2-34
Content-Length: 0
Keep-Alive: timeout=5, max=244

GET
H2 200 1rm18q9dn4timz.js Show response
tracker.marinsm.com/tracker/async/ 5 KB
2 KB 162ms
47ms Script
text/javascript 143.204.101.98
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.marinsm.com/tracker/async/1rm18q9dn4timz.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53X4K5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-98.fra50.r.cloudfront.net
Software: /
Resource Hash: 2c3732b2263541b4a359743dee07143392197859ee498f4e2f40be61535410b0

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 16:49:52 GMT
content-encoding: gzip
age: 6137
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-marintrackerversion: 3
x-amz-cf-id: DW0gBhoY7_6_8wn0qNsaxV0gaby-uF2SyYSgK7rxpwuBLGts16Uvtg==
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
expires: Tue, 17 Dec 2019 16:52:44 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 46ms
46ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53X4K5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:26 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: DE3E67FA466842439F0AF1F3C8AC9642 Ref B: VIEEDGE0615 Ref C: 2019-12-17T18:33:26Z
access-control-allow-origin: *
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 16ms
15ms Script
application/x-javascript 2a03:2880:f0ff:1a:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30426
x-xss-protection: 0
pragma: public
x-fb-debug: J6N4AyKB3OZLKujvxTmpg5vrn3iQ4RK1H7P4xC4jKYyC+aIHtpopSP2bn3aVpAyusalrI0B0t8RgDtgQXs1PZw==
date: Tue, 17 Dec 2019 18:33:26 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=528790270&t=pageview&_s=1&dl=https%3A%2F%2Fwww.autorentals.com%2Fhp%3Fpl%3DYYZ%26cid%3D96491%26utm_campaign%3D96491%26utm_medium%3Ddisplay%26...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87609804-1&cid=2061204747.1576607607&jid=93210440&_gid=438156187.1576607607&gjid=734784010&_v=j79&z=119279159
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87609804-1&cid=2061204747.1576607607&jid=93210440&_v=j79&z=119279159
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87609804-1&cid=2061204747.1576607607&jid=93210440&_v=j79&z=119279159&slf_rd=1&random=497120610

42 B
109 B

30ms
30ms

Image
image/gif

2a00:1450:4001:824::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87609804-1&cid=2061204747.1576607607&jid=93210440&_v=j79&z=119279159&slf_rd=1&random=497120610

Requested by

Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:26 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87609804-1&cid=2061204747.1576607607&jid=93210440&_v=j79&z=119279159&slf_rd=1&random=497120610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1763635503890127 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 16ms
16ms Script
application/x-javascript 2a03:2880:f0ff:1a:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1763635503890127?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f0ff:1a:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

5d34e4fd5c0c599f4be72998a555e9943607db70f4b3dad9d79070e2bbae3032

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114919
x-xss-protection: 0
pragma: public
x-fb-debug: zuN0yIOg7Ue4e4KUsDUOmDyJ0SEp75vM6994kBdzgNPnifwNazl5A6e/jvJENJWEqihtmvQjwHQ83ey7os+PnA==
date: Tue, 17 Dec 2019 18:33:26 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
94 B 46ms
46ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26005609&Ver=2&mid=40950bf9-b68d-728e-32eb-f8e7c85e5064&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Compare%20Cheap%20Auto%20Rental%20Prices%20%7C%20Autorentals.com.&kw=auto%20rentals,%20auto%20rental,%20car%20rentals,%20rental%20cars,%20rental%20car,%20airport%20auto%20rental,%20airport%20auto%20rentals,%20car%20rental,%20cheap%20car%20rental,%20cheap%20car%20rentals,%20cheap%20auto%20rental,%20cheap%20auto%20rentals,%20discount%20auto%20rental,%20discount%20car%20rental&p=https%3A%2F%2Fwww.autorentals.com%2Fhp%3Fpl%3DYYZ%26cid%3D96491%26utm_campaign%3D96491%26utm_medium%3Ddisplay%26utm_source%3Dshermans%26pp%3D5&r=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&lt=2578&evt=pageLoad&msclkid=N&rn=369725
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 17 Dec 2019 18:33:26 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D0E29BFE0AA14CBFBF5D7CDFA332E1CC Ref B: VIEEDGE0615 Ref C: 2019-12-17T18:33:26Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
310 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1763635503890127&ev=PageView&dl=https%3A%2F%2Fwww.autorentals.com%2Fhp%3Fpl%3DYYZ%26cid%3D96491%26utm_campaign%3D96491%26utm_medium%3Ddisplay%26utm_source%3Dshermans%26pp%3D5&rl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&if=false&ts=1576607606665&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1576607606664.847815232&it=1576607606618&coo=false&rqm=GET

Requested by

Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 17 Dec 2019 18:33:26 GMT

GET
H2 200 serve_.js Show response
travel.mediaalpha.com/js/ 406 KB
124 KB 107ms
107ms Script
text/javascript 52.29.140.54
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.mediaalpha.com/js/serve_.js?z=vs~en~I[~HVnQksRET8LSYBNa2FUe909rFJlnzw~]K~903200a3-544e-46c5-93be-503efcf8408b~BDJ17N{vW~YYZ~vV~2019-12-24~vX~10%3A00~qAp~2019-12-27~r~10%3A00~}vC19&d=media_alpha_fdcb&_=502188529
Requested by: Host: travel.mediaalpha.com
URL: https://travel.mediaalpha.com/js/serve.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.140.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-140-54.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 795f97f3e05c82b590ca3368f421feff0f5ede57577eb8e5a0de122f23f420ea

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Dec 2019 18:33:26 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 tp
tracker.marinsm.com/ 36 B
448 B 52ms
51ms Image
image/gif 143.204.101.98
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracker.marinsm.com/tp?act=1&cid=1rm18q9dn4timz&tz=-1&ref=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1674532%2F281%2Fcanada-daily-car-rentals-from-toronto&page=https%3A%2F%2Fwww.autorentals.com%2Fhp%3Fpl%3DYYZ%26cid%3D96491%26utm_campaign%3D96491%26utm_medium%3Ddisplay%26utm_source%3Dshermans%26pp%3D5&uuid=A2658025-FC5C-4B1D-8A75-F7342F8508DB&rnd=807174657
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.98 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-98.fra50.r.cloudfront.net
Software: /
Resource Hash: be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:26 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-marintrackerversion: 3
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
cache-control: private, no-cache
content-type: image/gif
content-length: 36
x-amz-cf-id: XlcQXupAdWU1o2ZLhSGR5quA-e-Kd4FbGzc6uWulYwVNtLrvVke1vQ==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
504 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,500,700

Requested by

Host: travel.mediaalpha.com
URL: https://travel.mediaalpha.com/js/serve.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:33:26 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 17 Dec 2019 18:33:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 17 Dec 2019 18:33:26 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
373 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: travel.mediaalpha.com
URL: https://travel.mediaalpha.com/js/serve.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 17 Dec 2019 18:33:26 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 17 Dec 2019 18:33:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 17 Dec 2019 18:33:26 GMT

POST
H/1.1 200
OK ad_log Show response
www.autorentals.com/ 5 B
861 B 297ms
171ms XHR
application/json 159.255.219.124
EQUINIX-NL-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.autorentals.com/ad_log
Requested by: Host: www.autorentals.com
URL: https://www.autorentals.com/frontend/js/homepage.bundled.js?cache=1576596711523
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.255.219.124 Almere Stad, Netherlands, ASN47886 (EQUINIX-NL-ASN, NL),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b4e19ee2ae632036a1bdee053d808dc889103022507c9a342d0ca0983a74a314

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Origin: https://www.autorentals.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:27 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Cache-Control: must-revalidate, proxy-revalidate, max-age=0
Connection: Keep-Alive
RTSS: 1-2-34
Content-Length: 25
Keep-Alive: timeout=5, max=246
Expires: Thu, 20 Jun 2019 17:19:06 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v48/ 59 KB
60 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v48/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: www.autorentals.com
URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/icon?family=Material+Icons
Origin: https://www.autorentals.com

Response headers

date: Thu, 21 Nov 2019 04:28:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:50:48 GMT
server: sffe
age: 2297083
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 60840
x-xss-protection: 0
expires: Fri, 20 Nov 2020 04:28:43 GMT

GET
H2 200 inspectlet.js Show response
cdn.inspectlet.com/ 210 KB
69 KB 53ms
21ms Script
text/javascript 2606:4700:10::6814:b709
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inspectlet.com/inspectlet.js
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:b709 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd583a13a3f3adadbf4ae36d841b90c57f92efee77a92fb000552c8d1373630d

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:27 GMT
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
age: 57
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
content-encoding: gzip
cache-control: s-maxage=60, max-age=14400
cf-ray: 546afc489c1ccbbc-VIE

POST
H/1.1 200
OK 553311720 Show response
hn.inspectlet.com/ginit/ 26 B
454 B 321ms
110ms XHR
application/json 52.23.149.37
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://hn.inspectlet.com/ginit/553311720
Requested by: Host: cdn.inspectlet.com
URL: https://cdn.inspectlet.com/inspectlet.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.149.37 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-23-149-37.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: d0b1cb1455ecf8ab5a7eb203460cc7ff790df097c5907eb3d27ff7344282517e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Origin: https://www.autorentals.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.autorentals.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 26

POST
H2 200 /
www.facebook.com/tr/ 0
82 B 7ms
7ms Other
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
Origin: https://www.autorentals.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary4Sg24vHaimghzu7v

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.autorentals.com
date: Tue, 17 Dec 2019 18:33:27 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-24=":443"; ma=3600
content-length: 0

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 30 KB
10 KB 41ms
41ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53X4K5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 08f46166ba8f17f10bcf12e4cb5307eee649495f36b4561aa86ae2fde668f99f

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:27 GMT
content-encoding: gzip
last-modified: Fri, 11 Oct 2019 10:45:26 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5da05d46-7682"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 18 Dec 2019 18:33:27 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=30790&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.deals.shermanstravel.com&p1=e%3Dce%26m%3D%255Bundefined%255D&p2=e%3Dvs%26ui_location%...
https://widget.us.criteo.com/event?a=30790&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.deals.shermanstravel.com&p1=e%3Dce%26m%3D%255Bundefined%255D&p2=e%3Dvs%26ui_location%...

7 KB
4 KB

118ms
117ms

Script
application/x-javascript

74.119.119.150
Criteo Corp.

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=30790&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.deals.shermanstravel.com&p1=e%3Dce%26m%3D%255Bundefined%255D&p2=e%3Dvs%26ui_location%3Dundefined&p3=e%3Dvh&p4=e%3Ddis&adce=1&lwid=4125701a-a0ad-4a2c-9ad9-d9f89be8ae8f&tld=autorentals.com&dtycbr=73287
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO - Criteo Corp., US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 71e8e08429c3df3bce660dc16763a15c37a7abed51a58f239d84a2f15e053569

Request headers

Referer: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
timing-allow-origin: *
content-length: 3327
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
location: https://widget.us.criteo.com/event?a=30790&v=5.4.0&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fclick.deals.shermanstravel.com&p1=e%3Dce%26m%3D%255Bundefined%255D&p2=e%3Dvs%26ui_location%3Dundefined&p3=e%3Dvh&p4=e%3Ddis&adce=1&lwid=4125701a-a0ad-4a2c-9ad9-d9f89be8ae8f&tld=autorentals.com&dtycbr=73287
status: 302
cache-control: no-cache
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame E136
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=42dce7f6-b26a-40ba-9556-9859e176c488
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=42dce7f6-b26a-40ba-9556-9859e176c488

95 B
423 B

32ms
31ms

Image
image/png

35.227.248.159
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 159.248.227.35.bc.googleusercontent.com
Software: Jetty(8.1.13.v20130916) /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:27 GMT
via: 1.1 google
server: Jetty(8.1.13.v20130916)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status: 200
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Tue, 17 Dec 2019 18:33:27 GMT
via: 1.1 google
server: Jetty(8.1.13.v20130916)
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=42dce7f6-b26a-40ba-9556-9859e176c488
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status: 302
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK /
customer.mediawallahscript.com/ Frame E136 32 B
367 B 32ms
31ms Image
image/png 34.249.84.151
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://customer.mediawallahscript.com/?account_id=1043&customer_id=1037&uid=42dce7f6-b26a-40ba-9556-9859e176c488&custom=&tag_format=img&tag_action=sync&custom=&cb=54fc797f-7a00-4e27-be3b-37517856cc8c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.84.151 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-249-84-151.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Server: nginx/1.12.1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 32
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame E136
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/xfMjA9LHOaOpJQ0Fh7o4jfrKfRhgfb6G/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2540391108146462417

43 B
291 B

31ms
30ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2540391108146462417
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2540391108146462417
Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:26 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/rightmedia/ Frame E136
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0

43 B
291 B

29ms
29ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://dis.criteo.com/dis/rtb/rightmedia/cookiematch.aspx?xid=E0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/yahoogemini/ Frame E136
Redirect Chain

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
https://ads.yahoo.com/cms/v1?esig=2~53ef8d479c22b2f64b38b7c8ed96f504cd8e84c6&nwid=10033892938&sigv=1
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

43 B
291 B

33ms
33ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame E136 42 B
304 B 123ms
122ms Image
image/gif 35.190.72.21
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=42dce7f6-b26a-40ba-9556-9859e176c488&ct=3&cv=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:27 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 200
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 42

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E136
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=42dce7f6-b26a-40ba-9556-9859e176c488&google_cm&google_hm=9ufcQmqyukCVVphZ4XbEiA
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=42dce7f6-b26a-40ba-9556-9859e176c488&google_cm=&google_hm=9ufcQmqyukCVVphZ4XbEiA&google_tc=
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=42dce7f6-b26a-40ba-9556-9859e176c488&google_gid=CAESEH3oYGXchGfvCJfJo6dZvTY&google_cver=1&google_ula=913071,0

43 B
291 B

31ms
31ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=42dce7f6-b26a-40ba-9556-9859e176c488&google_gid=CAESEH3oYGXchGfvCJfJo6dZvTY&google_cver=1&google_ula=913071,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
server: HTTP server (unknown)
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=42dce7f6-b26a-40ba-9556-9859e176c488&google_gid=CAESEH3oYGXchGfvCJfJo6dZvTY&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 394
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E136
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fsecure.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.as...
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2705188877568417993

43 B
291 B

32ms
32ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2705188877568417993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:29 GMT
AN-X-Request-Uuid: 24eaba14-af70-4d78-8f3f-56f54349c453
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2705188877568417993
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.9.113.123; 193.9.113.123; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame E136 0
239 B 42ms
41ms Image
image/gif 69.173.144.165
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=42dce7f6-b26a-40ba-9556-9859e176c488&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame E136 0
427 B 224ms
154ms Image
text/plain 23.210.248.44
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 17 Dec 2019 18:33:27 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame E136
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488&C=1

43 B
891 B

94ms
94ms

Image
image/gif

72.247.225.98
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:27 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 17 Dec 2019 18:33:27 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:27 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 292
Expires: Tue, 17 Dec 2019 18:33:27 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame E136
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=42dce7f6-b26a-40ba-9556-9859e176c488&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=42dce7f6-b26a-40ba-9556-9859e176c488&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=42dce7f6-b26a-40ba-9556-9859e176c488&_origin=1&apid=UPb78c8135-20fb-11ea-9e2d-063425d84240

0
514 B

37ms
37ms

Image
text/plain

52.58.41.129
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=42dce7f6-b26a-40ba-9556-9859e176c488&_origin=1&apid=UPb78c8135-20fb-11ea-9e2d-063425d84240

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.41.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-58-41-129.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 17 Dec 2019 18:33:27 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Tue, 17 Dec 2019 18:33:27 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=42dce7f6-b26a-40ba-9556-9859e176c488&_origin=1&apid=UPb78c8135-20fb-11ea-9e2d-063425d84240
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E136
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072953&val=42dce7f6-b26a-40ba-9556-9859e176c488&c=us
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=42dce7f6-b26a-40ba-9556-9859e176c488&c=us

43 B
109 B

31ms
31ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=42dce7f6-b26a-40ba-9556-9859e176c488&c=us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.171.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
via: 1.1 google
server: OXGW/16.171.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 17 Dec 2019 18:33:27 GMT
via: 1.1 google
server: OXGW/16.171.0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=42dce7f6-b26a-40ba-9556-9859e176c488&c=us
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H2 200 pixel_sync
cm.revcontent.com/ Frame E136 35 B
257 B 31ms
31ms Image
image/gif 63.35.125.54
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.revcontent.com/pixel_sync?bidder=151&bidder_uid=42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.125.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-35-125-54.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Dec 2019 18:33:27 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame E136
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=42dce7f6-b26a-40ba-9556-9859e176c488&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=42dce7f6-b26a-40ba-9556-9859e176c488&expires=30

43 B
379 B

45ms
45ms

Image
image/gif

52.28.211.49
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=42dce7f6-b26a-40ba-9556-9859e176c488&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.211.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-28-211-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Dec 2019 18:33:27 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Tue, 17 Dec 2019 18:33:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=42dce7f6-b26a-40ba-9556-9859e176c488&expires=30
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

cookie-sync
sync.outbrain.com/ Frame E136
Redirect Chain

https://sync.outbrain.com/cookie-sync?p=criteo&uid=42dce7f6-b26a-40ba-9556-9859e176c488
https://sync.outbrain.com/cookie-sync?p=criteo&uid=42dce7f6-b26a-40ba-9556-9859e176c488&rdrctExp=true

0
410 B

138ms
137ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=42dce7f6-b26a-40ba-9556-9859e176c488&rdrctExp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:27 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, FRA, Europe1
x-traceid: c993214bc0a6c49665e5d95b11a69e32
x-timer: S1576607608.889409,VS0,VE95
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.38
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-jfk8138-JFK, cache-fra19125-FRA

Redirect headers

date: Tue, 17 Dec 2019 18:33:27 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, FRA, Europe1
x-traceid: c4737d9cdda463a6bf5712a2f11fd769
x-timer: S1576607608.757054,VS0,VE89
location: https://sync.outbrain.com/cookie-sync?p=criteo&uid=42dce7f6-b26a-40ba-9556-9859e176c488&rdrctExp=true
x-cache: MISS, MISS
status: 302
backend-ip: 104.156.90.47
x-cache-hits: 0, 0
accept-ranges: bytes, bytes
content-length: 0
x-served-by: cache-jfk8147-JFK, cache-fra19125-FRA

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame E136 42 B
845 B 30ms
30ms Image
image/gif 185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:27 GMT
X-lat: Pug22030:0:434
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H2 200 cksync.php
contextual.media.net/ Frame E136 46 B
46 B 190ms
98ms Image
image/gif 72.247.224.27
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.224.27 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-224-27.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
status: 200
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Tue, 17 Dec 2019 18:33:27 GMT

GET
H2 200 um
criteo-sync.teads.tv/ Frame E136 23 B
390 B 207ms
101ms Image
image/gif 72.247.225.182
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.225.182 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-247-225-182.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Dec 2019 18:33:27 GMT
server: akka-http/10.1.5
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 23
expires: Tue, 17 Dec 2019 18:33:27 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E136 43 B
680 B 62ms
62ms Image
image/gif 185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=110&partneruserid=42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:26 GMT
Cache-Control: no-cache, no-store
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Content-Type: image/gif
Content-Length: 43
Expires: -1

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E136
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488

43 B
411 B

40ms
40ms

Image
image/gif

18.196.246.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.246.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-246-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Dec 2019 18:33:27 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Tue, 17 Dec 2019 18:33:27 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
location: https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=38&external_user_id=42dce7f6-b26a-40ba-9556-9859e176c488
content-type: text/plain

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame E136 35 B
463 B 438ms
114ms Image
image/gif 162.210.196.208
Leaseweb USA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01 - Leaseweb USA, Inc., US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:28 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H2 200 um
sync.e-planning.net/ Frame E136 42 B
104 B 105ms
34ms Image
image/gif 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=42dce7f6-b26a-40ba-9556-9859e176c488&dc=6884a087b48abdb1&ibd=1&iss=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 17 Dec 2019 18:33:27 GMT
server: openresty
content-type: image/gif

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame E136 95 B
342 B 33ms
33ms Image
image/png 35.227.248.159
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tapestry.tapad.com/tapestry/1?ta_partner_id=2052&ta_partner_did=42dce7f6-b26a-40ba-9556-9859e176c488&ta_format=png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 159.248.227.35.bc.googleusercontent.com
Software: Jetty(8.1.13.v20130916) /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Dec 2019 18:33:27 GMT
via: 1.1 google
server: Jetty(8.1.13.v20130916)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status: 200
content-type: image/png
alt-svc: clear
content-length: 95

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame E136 68 B
239 B 175ms
145ms Image
image/jpeg 2a02:26f0:6c00:194::143a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=42dce7f6-b26a-40ba-9556-9859e176c488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:194::143a , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
server: nginx
date: Tue, 17 Dec 2019 18:33:27 GMT
x-frame-options: sameorigin
content-type: image/jpeg
status: 200
content-disposition: inline;filename=f.txt
content-length: 68
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK rtset
bh.contextweb.com/bh/ Frame E136 49 B
631 B 139ms
57ms Image
image/gif 151.101.12.166
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=538064&ev=42dce7f6-b26a-40ba-9556-9859e176c488
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.166 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:27 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 49
X-Served-By: cache-fra19127-FRA
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: image/gif;charset=iso-8859-1
Cw-Server: bh-deployment-797d54649f-m8k7z
X-Cache-Hits: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame E136
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=vwHqAzuhszTNqI3J8GH0veRy3JpNzCT9

0
320 B

106ms
35ms

Image
text/plain

34.241.239.247
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=vwHqAzuhszTNqI3J8GH0veRy3JpNzCT9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.239.247 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-241-239-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 17 Dec 2019 18:33:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1576607607
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status: 302
date: Tue, 17 Dec 2019 18:33:26 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
content-length: 218
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=vwHqAzuhszTNqI3J8GH0veRy3JpNzCT9
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame E136 43 B
1016 B 38ms
37ms Image
image/gif 185.33.223.83
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=42dce7f6-b26a-40ba-9556-9859e176c488&seg=95287

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 17 Dec 2019 18:33:29 GMT
AN-X-Request-Uuid: b923d735-8f07-4605-b242-f783f41cb53e
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.9.113.123; 193.9.113.123; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.80:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
tags.bluekai.com/site/29001/ Frame E136
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=GMkBl8bP-KeqoFfG5__ZwPqdnUVWSDaz

62 B
765 B

325ms
239ms

Image
image/gif

23.5.109.152
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=GMkBl8bP-KeqoFfG5__ZwPqdnUVWSDaz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.5.109.152 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-5-109-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 17 Dec 2019 18:33:28 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 62
BK-Server: 8f78
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

status: 302
date: Tue, 17 Dec 2019 18:33:27 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
content-length: 205
location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=GMkBl8bP-KeqoFfG5__ZwPqdnUVWSDaz
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame E136
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=AYBP1ypD1ZMzwUKr9VWxuS2yU8HhBVge
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=AYBP1ypD1ZMzwUKr9VWxuS2yU8HhBVge

42 B
915 B

30ms
29ms

Image
image/gif

54.76.175.152
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=AYBP1ypD1ZMzwUKr9VWxuS2yU8HhBVge

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.175.152 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-76-175-152.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v055-0d3fa460d.edge-irl1.demdex.com 5.64.1.20191128093837 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: L7ZGtcqvQ+o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 4v7ojl1fRbw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=AYBP1ypD1ZMzwUKr9VWxuS2yU8HhBVge
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.autorentals.com/	1970-01-19 08:06:23	Name: _fbp Value: fb.1.1576607607194.61695197
.autorentals.com/	1970-01-19 14:42:23	Name: __insp_targlpt Value: Q29tcGFyZSBDaGVhcCBBdXRvIFJlbnRhbCBQcmljZXMgfCBBdXRvcmVudGFscy5jb20u
.autorentals.com/	1970-01-19 14:42:23	Name: __insp_targlpu Value: aHR0cHM6Ly93d3cuYXV0b3JlbnRhbHMuY29tL2hwP3BsPVlZWiZjaWQ9OTY0OTEmdXRtX2NhbXBhaWduPTk2NDkxJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fc291cmNlPXNoZXJtYW5zJnBwPTU%3D
www.autorentals.com/	1969-12-31 23:59:59	Name: SESSION Value: N2E3MjViZTAtNWI4Yy00MDAxLWE3M2QtOTJiYzNkMjg5YjA0
.autorentals.com/	1970-01-19 14:42:23	Name: __insp_slim Value: 1576607607180
.autorentals.com/	1970-01-19 14:42:23	Name: __insp_nv Value: true
.autorentals.com/	1970-01-19 14:42:23	Name: __insp_wid Value: 553311720
www.autorentals.com/	1970-01-19 05:56:49	Name: vidt Value: 903200a3-544e-46c5-93be-503efcf8408b
www.autorentals.com/	1969-12-31 23:59:59	Name: vids Value: 903200a3-544e-46c5-93be-503efcf8408b
www.autorentals.com/	1970-01-19 14:42:23	Name: osid Value: 903200a3-544e-46c5-93be-503efcf8408b
.autorentals.com/	1970-01-19 14:42:23	Name: _msuuid_1rm18q9dn4timz Value: A2658025-FC5C-4B1D-8A75-F7342F8508DB

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://click.deals.shermanstravel.com/1674532/281/canada-daily-car-rentals-from-toronto(Line 205) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637121279002608953(Line 1816) Message: ERROR:::: loadAllClientSideDataFromClientStorage() - Cannot read property 'getItem' of null
console-api	log	URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637121279002608953(Line 1816) Message: ERROR:::: removeOldCookieData() - Cannot read property 'setItem' of null
console-api	log	URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637121279002608953(Line 1816) Message: ERROR:::: setCurrent() - Cannot read property 'setItem' of null
console-api	log	URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637121279002608953(Line 1816) Message: ERROR:::: setPrevious() - Cannot read property 'setItem' of null
console-api	log	URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637121279002608953(Line 1816) Message: ERROR:::: initABSplitTests() - Cannot read property 'setItem' of null
console-api	log	URL: https://www.autorentals.com/hp?pl=YYZ&cid=96491&utm_campaign=96491&utm_medium=display&utm_source=shermans&pp=5(Line 1225) Message: window.SS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0fknmj8f9h.execute-api.us-west-2.amazonaws.com
ad.360yield.com
ade.clmbtech.com
ads.yahoo.com
ajax.googleapis.com
api.lytics.io
api1.lightboxcdn.com
bat.bing.com
beacon.krxd.net
bh.contextweb.com
c.lytics.io
cdn.inspectlet.com
click.deals.shermanstravel.com
cm.g.doubleclick.net
cm.revcontent.com
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
customer.mediawallahscript.com
cw.addthis.com
d.turn.com
dis.criteo.com
dpm.demdex.net
e.bookingbuddy.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hn.inspectlet.com
idsync.rlcdn.com
landscape.shermanstravel.com
lightboxapi1.azurewebsites.net
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
r.casalemedia.com
rtb-csync.smartadserver.com
rules.quantcount.com
s3-us-west-2.amazonaws.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
sync.e-planning.net
sync.outbrain.com
tags.bluekai.com
tapestry.tapad.com
tracker.marinsm.com
travel.mediaalpha.com
ups.analytics.yahoo.com
us-u.openx.net
widget.us.criteo.com
www.autorentals.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lightboxcdn.com
x.bidswitch.net
143.204.101.98
151.101.12.166
151.101.14.2
159.255.219.124
162.210.196.208
172.217.16.130
172.217.23.162
178.250.0.130
178.250.0.163
178.250.2.151
18.196.246.102
185.33.223.83
185.64.189.110
185.86.137.110
2.19.34.65
212.82.100.181
23.210.248.44
23.5.109.152
23.99.128.52
2600:9000:21f3:f200:6:44e3:f8c0:93a1
2606:4700:10::6814:b709
2606:4700:20::681a:316
2606:4700::6810:4da5
2620:1ec:c11::200
2a00:1288:110:c305::9000
2a00:1450:4001:809::200a
2a00:1450:4001:814::2008
2a00:1450:4001:815::200e
2a00:1450:4001:816::2003
2a00:1450:4001:816::200a
2a00:1450:4001:81b::2002
2a00:1450:4001:824::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c00::9d
2a02:2638::1c
2a02:26f0:6c00:194::143a
2a03:2880:f0ff:1a:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.237.24.105
34.241.239.247
34.249.84.151
34.95.120.147
35.156.98.228
35.190.72.21
35.227.192.113
35.227.248.159
46.228.164.13
5.178.65.246
52.218.218.0
52.23.149.37
52.28.211.49
52.29.140.54
52.58.41.129
54.69.45.28
54.76.175.152
54.88.110.223
63.35.125.54
69.173.144.165
72.247.224.27
72.247.225.182
72.247.225.98
74.119.119.150
91.228.74.226
020510cd77714e10ec94ddbf8ab53f5690794972392011bdb2d9db5a68d217cb
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
08f46166ba8f17f10bcf12e4cb5307eee649495f36b4561aa86ae2fde668f99f
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
0f70e28d8b6e8e05b36f03b12be47f90811b3931dc13b92837a5de08b2e41602
0ff82ec70bd61fa92ff673aa88c511a8bd0edc336e6995e70c956763c36ad529
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16997996bf0d12e3b625a2685ad586fa76bfb86ad1b276183748ea8a9f83916f
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1b54dff3c8992a7dfd6eef2a2a64799e068be5186793a03f1bec2c23d37bc500
1c0e0ca6ba3ee267ba14d39184efb68c958717fc6e58b528b700502c0aea5170
25574f01cb2544965c18eef92d2139910bf305dc2535a70da33d493b02587c8b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
2c3732b2263541b4a359743dee07143392197859ee498f4e2f40be61535410b0
2f0ad7f989c1cc24277db75f8e4c93320be97acad0023c7db790a2f255120237
2f1f068ee104fe4d11a6c74068f9c54d12279a390cb81299a0815b2cc63f5594
2f96ab1c90612d406876993414217d4d5e5503a8364d26e34b182b55f35bd58a
3287d19fb549ad1443377c8490fe1cf95b9ef35cb8473747b54662c1f1add459
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
363e30beb9afe4a368061173b2a840f64412a2b1a0c76e6ee0a11fd20fe91603
3cecc3b847e0dbeb4a471645da4ed01be1be03beb5aac664baf60f783eceae0a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44376ed0805057167fcdae5b974da1c179a273704daae976a4163a75e2d9c57f
466ae79072173fd95bd576272b17a35716d12eb85e0b438ccc38b7a6db02af7d
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fecd1ef7ef202006dff46f7c8bbabf143f0dbb5d710dcde8efb9fef6e717e21
5106a4e511706df433181790f4549462307d69dc064ac24e3c3520c201b89611
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57f72adfda4b6cd243ed02e976fb81d8cb8efbd22cbc826e17196228c6d1e105
5acbc4cf863b4beeadfa8991263ead88d80c353d86161ec0df76d9667db4746c
5afd25c518d6323642296ae7d20719893cefca86b772851e8d6780c073097da9
5d34e4fd5c0c599f4be72998a555e9943607db70f4b3dad9d79070e2bbae3032
65c28371600bf80e2121dab08b33c608a7e676e6f41f518f723f1a6fabf9e68c
69712c99f8c76ce00e78844aeb06715ad42e3343fe2f9eea1013580a9ca9be41
6aab51b2feda0924594d57cf0158e483723d7108c0ddcf9752a5c23e12031010
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b296dc636469a3d5d9767d204e3b215e5295510ab3b86cf3f6d088c48bb6575
6e7c4ca57b0a82f211d0844aa50818d5195a06e4f22a882d44ae2fd2e5028c99
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
706a88ee14f46ef56f9d9a0a47d144c4ddb160b33a5aa2fc1a5087ee5cc4507a
71e8e08429c3df3bce660dc16763a15c37a7abed51a58f239d84a2f15e053569
77ce0ec2a02b410eee12285bd7487b2599970ac39b6ff58c0b748b6e2df36f3c
780b9cbb60ad09e24712beca3b51278db7ecb6947a4270e7670268e618e847d4
795f97f3e05c82b590ca3368f421feff0f5ede57577eb8e5a0de122f23f420ea
81c6c84e0ca7a76edcb93422ebc6d6db4782d14c342437e671dbf9101147a667
82cb1795a37860a5cfc79636942092b4f42c4db919d2df99752fbc03f11f6f62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
891ac896e5fb9dc268ed7acc5237612098c34ff2ff2ec2ba9d84fef00e1e13c1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f0a9dc4e3ea1aac2b1e7ef7473208ec52f745afbe1780c5b0f5b9a74104a21f
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
920d6c0bfc9b53a23bbc2ce56b8388734ce72ebdc058c05f96f1151cc4eaad88
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a82d5d6368f34a1384c667f859540aebb8eb4f071d80de35c861f4919b5a209d
a8ec79820aaae7ae10369bb446208f7d1e24cb1511685b7925038689b22ba8ff
a9dfb2718340136d36e66028d8b7bfa1fe121fc6a54ee12bd76b5300af2e4349
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e19ee2ae632036a1bdee053d808dc889103022507c9a342d0ca0983a74a314
bc576c811d4bb6f46d0bcc0d54819651dc047538b35a47bef87192deed123b50
bc6d62421647c05f32071438ebf0f718edcdcda351f90439ba524053a4da2566
bcb569f9e38441522b18006c60627dc28e36059482ffa85e5c2aee3301c5c138
bd583a13a3f3adadbf4ae36d841b90c57f92efee77a92fb000552c8d1373630d
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f
be6b5d528dd30d5efde802a76d7a2f1fd62fc9dec2d29ee24859a7a23412ac6b
bf48f689cf281d8e742fcb3ee8a26860b8de6fc06455fe4d0f3f3063251b664c
c09e3322da8376b46a3207492a160ea314b05be55cd008ab239ef4dd7785184a
c53cd201d11995dc17d000d18cb2723ad61a1ac9664ab8dcfd7c445d6c2a82f5
c62c7d7f89c7c59c2f686371828c28a094a8942bd63490eadab90987bcfeb1bc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0b1cb1455ecf8ab5a7eb203460cc7ff790df097c5907eb3d27ff7344282517e
d4f4be14ec90c84952052c340e8a18f447de2f305eab176bf70dc04e4b32e818
d59bc574072ae7d8cc6932c0941a31ffe6a84be848e48945edc824f09b5b9422
d83748241789904aa24e4454187d110696607f23cc8fc6a635ec9495bd6d4ecd
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c6e9a411d4bdae76eb9009337698c76c11d0aa41eb79410b60b6b03c7f4d22
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
ec71478763d59753bb1931f8cc7f3ce6584d5a60fa15dfe00eaf52c4458fe695
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef0bd4c76841efe803f82e73b4d0c0b3e8be9369a6c8064d84b84e05ca8851c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5b921c461fd3e67f41204801a9794528007be421fe59843551207b5e2040b2
ef60e5fe54f75b0825bc3a51830b26709a96843762ae26a45f4439a749df039f
f2c2ae118080f1f7881fd68d32ad55e3bd6fbd298285e2a2a169177af13e9827
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f7d6b1c8e88874fb2696fc3128ea91fc6f47915466ea9f566ab2c39fcebffbd6
fa4f178e9c8d87cd1f5194d699eeaf38f47e5798c1802ecf62b59d45db0869a2
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.autorentals.com Open in urlscan Pro 159.255.219.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

100 %HTTPS

30 %IPv6

51 Domains

66 Subdomains

54 IPs

9 Countries

1540 kBTransfer

3909 kBSize

11 Cookies

5 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.autorentals.com Open in urlscan Pro
159.255.219.124 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

100 %
HTTPS

30 %
IPv6

51
Domains

66
Subdomains

54
IPs

9
Countries

1540 kB
Transfer

3909 kB
Size

11
Cookies

131 HTTP transactions
0 data transactions