playrento.com Open in urlscan Pro
195.154.106.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://playrento.com/
Submission Tags: falconsandbox
Submission: On December 15 via api (December 15th 2021, 4:30:20 pm UTC) from US — Scanned from FR

Summary HTTP 271 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 67 IPs in 6 countries across 54 domains to perform 271 HTTP transactions. The main IP is 195.154.106.178, located in Ivry-sur-Seine, France and belongs to Online SAS, FR. The main domain is playrento.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on June 12th 2020. Valid for: 2 years.

This is the only time playrento.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	195.154.106.178 195.154.106.178	12876 (Online SAS) (Online SAS)
9	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
9	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.64.126 65.9.64.126	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:310... 2606:4700:3108::ac42:28fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3 6	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	51.195.5.234 51.195.5.234	16276 (OVH) (OVH)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 9	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700:20:... 2606:4700:20::681a:8b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.156.230.193 35.156.230.193	16509 (AMAZON-02) (AMAZON-02)
1 9	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.86.138.122 185.86.138.122	201081 (SMARTADSE...) (SMARTADSERVER)
2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
5 19	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2a00:1450:401... 2a00:1450:401b:800::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 2	63.34.178.174 63.34.178.174	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
6 7	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
16	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:211... 2600:9000:211e:4a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
7	35.85.194.216 35.85.194.216	16509 (AMAZON-02) (AMAZON-02)
2	104.17.119.107 104.17.119.107	() ()
2	151.101.1.108 151.101.1.108	() ()
1	35.244.159.8 35.244.159.8	() ()
5 5	3.126.38.41 3.126.38.41	() ()
1 1	168.119.168.202 168.119.168.202	() ()
2 2	194.190.76.41 194.190.76.41	() ()
5 5	31.172.81.159 31.172.81.159	() ()
2 2	31.172.81.158 31.172.81.158	() ()
2 2	72.251.249.9 72.251.249.9	() ()
1	151.236.71.19 151.236.71.19	() ()
2 4	209.54.176.128 209.54.176.128	() ()
2	52.223.40.198 52.223.40.198	() ()
2	2a05:d018:d29... 2a05:d018:d29:3602:74fc:7750:9e36:ae36	() ()
1	2606:4700:303... 2606:4700:3039::6815:c034	() ()
1	52.45.16.192 52.45.16.192	() ()
2 2	18.185.171.80 18.185.171.80	() ()
1 1	54.86.54.37 54.86.54.37	() ()
1	35.241.40.233 35.241.40.233	() ()
1 1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	() ()
1 2	18.213.10.151 18.213.10.151	() ()
2 2	52.17.151.21 52.17.151.21	() ()
2 2	89.108.120.76 89.108.120.76	() ()
1	31.172.81.172 31.172.81.172	() ()
271	67

36 195.154.106.178 (Ivry-sur-Seine, France)

ASN12876 (Online SAS, FR)
PTR: 195-154-106-178.rev.poneytelecom.eu

playrento.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.64.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-64-126.fra56.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:28fd (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.5.234 (France)

ASN16276 (OVH, FR)
PTR: p36.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.37.42.132 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:8b2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 96.46.186.57 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.230.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.220.244 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

setupad-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:401b:800::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.178.174 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-178-174.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:4a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.85.194.216 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-194-216.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.119.107 (None, )

ASN- ()

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (None, )

ASN- ()

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.38.41 (None, ) 5 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.168.202 (None, ) 1 redirects

ASN- ()

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.41 (None, ) 2 redirects

ASN- ()

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.159 (None, ) 5 redirects

ASN- ()

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (None, ) 2 redirects

ASN- ()

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (None, ) 2 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.19 (None, )

ASN- ()

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.176.128 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:74fc:7750:9e36:ae36 (None, )

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c034 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.16.192 (None, )

ASN- ()

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.171.80 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.54.37 (None, ) 1 redirects

ASN- ()

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (None, )

ASN- ()

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (None, ) 1 redirects

ASN- ()

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.10.151 (None, ) 1 redirects

ASN- ()

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (None, ) 2 redirects

ASN- ()

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.76 (None, ) 2 redirects

ASN- ()

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (None, )

ASN- ()

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	playrento.com playrento.com	776 KB
34	googlesyndication.com 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	173 KB
24	doubleclick.net 7 redirects pubads.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	362 KB
21	criteo.net static.criteo.net pix.eu.criteo.net csm.eu.criteo.net	425 KB
17	casalemedia.com 5 redirects htlb.casalemedia.com ssum.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com	28 KB
16	criteo.com 3 redirects gum.criteo.com mug.criteo.com bidder.criteo.com rtb.nl.eu.criteo.com ads.eu.criteo.com cat.fr.eu.criteo.com	58 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	95 KB
12	betweendigital.com 2 redirects ads.betweendigital.com cache.betweendigital.com	8 KB
12	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	34 KB
12	amazon-adsystem.com 2 redirects c.amazon-adsystem.com s.amazon-adsystem.com	82 KB
11	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	48 KB
9	youtube.com www.youtube.com	713 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	67 KB
7	googletagservices.com www.googletagservices.com	184 KB
6	setupad.net prebid-stag.setupad.net	7 KB
6	4dex.io script.4dex.io mp.4dex.io	47 KB
6	google.com www.google.com adservice.google.com	15 KB
5	bumlam.com 5 redirects sync.bumlam.com	3 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
4	indexww.com js-sec.indexww.com	4 KB
4	openx.net setupad-d.openx.net u.openx.net	651 B
4	emxdgt.com hb.emxdgt.com cs.emxdgt.com	313 B
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	avct.cloud 2 redirects ads.avct.cloud	892 B
2	eqads.com 1 redirects um2.eqads.com	563 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	yahoo.com pr-bh.ybp.yahoo.com	2 KB
2	adsrvr.org match.adsrvr.org	529 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	adhigh.net 2 redirects px.adhigh.net	821 B
2	brealtime.com biddr.brealtime.com	2 KB
2	setupad.com node.setupad.com	417 B
2	a-mo.net prebid.a-mo.net	615 B
2	adform.net adx.adform.net	893 B
2	smartadserver.com prg.smartadserver.com	1 KB
2	creativecdn.com prebid-eu.creativecdn.com	350 B
2	id5-sync.com id5-sync.com	1 KB
2	stpd.cloud stpd.cloud	284 KB
2	adlightning.com tagan.adlightning.com	711 B
1	sniperlog.ru sync3.sniperlog.ru	516 B
1	quantserve.com 1 redirects pixel.quantserve.com	512 B
1	brand-display.com dmp.brand-display.com	253 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	adentifi.com rtb.adentifi.com	88 B
1	ad4m.at ad4m.at
1	splicky.com 1 redirects bidswitch-eu.splicky.com	221 B
1	2mdn.net s0.2mdn.net	46 KB
1	googleapis.com fonts.googleapis.com	981 B
1	google.fr adservice.google.fr	792 B
1	ytimg.com i.ytimg.com	57 KB
1	ggpht.com yt3.ggpht.com	5 KB
1	google-analytics.com www.google-analytics.com	438 B
0	tns-counter.ru Failed www.tns-counter.ru Failed
271	54

	Domain	Requested by
36	playrento.com	playrento.com
18	pagead2.googlesyndication.com	1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com
16	static.criteo.net	ads.eu.criteo.com stpd.cloud static.criteo.net
12	tpc.googlesyndication.com	1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
11	ads.betweendigital.com	2 redirects playrento.com stpd.cloud ads.betweendigital.com
9	ib.adnxs.com	1 redirects stpd.cloud googleads.g.doubleclick.net acdn.adnxs.com ssum-sec.casalemedia.com
9	www.youtube.com	playrento.com www.youtube.com
8	c.amazon-adsystem.com	playrento.com c.amazon-adsystem.com
7	dt.adsafeprotected.com
7	dsum-sec.casalemedia.com	1 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com um2.eqads.com
7	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net playrento.com 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
7	www.googletagservices.com	playrento.com 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com www.googletagservices.com
6	prebid-stag.setupad.net	stpd.cloud playrento.com
6	eus.rubiconproject.com	playrento.com eus.rubiconproject.com cache.betweendigital.com
6	gum.criteo.com	3 redirects static.criteo.net
5	sync.bumlam.com	5 redirects
5	x.bidswitch.net	5 redirects
5	mug.criteo.com	playrento.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
4	js-sec.indexww.com	stpd.cloud ssum-sec.casalemedia.com
4	csi.gstatic.com	securepubads.g.doubleclick.net
4	ssum.casalemedia.com	4 redirects
4	script.4dex.io	stpd.cloud script.4dex.io
4	www.google.com	www.youtube.com 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	1 redirects www.youtube.com 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com playrento.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
3	pix.eu.criteo.net	ads.eu.criteo.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	secure-assets.rubiconproject.com	3 redirects
2	x01.aidata.io	2 redirects
2	ads.avct.cloud	2 redirects
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	sync3.adsniper.ru	2 redirects
2	px.adhigh.net	2 redirects
2	acdn.adnxs.com	stpd.cloud
2	biddr.brealtime.com	stpd.cloud
2	u.openx.net	stpd.cloud
2	node.setupad.com	playrento.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pixel.adsafeprotected.com	1 redirects 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
2	f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cs.emxdgt.com	stpd.cloud
2	1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	prebid.a-mo.net	stpd.cloud
2	adx.adform.net	stpd.cloud
2	prg.smartadserver.com	stpd.cloud
2	bidder.criteo.com	stpd.cloud
2	setupad-d.openx.net	stpd.cloud
2	hb.emxdgt.com	stpd.cloud
2	htlb.casalemedia.com	stpd.cloud
2	mp.4dex.io	stpd.cloud
2	prebid-eu.creativecdn.com	stpd.cloud
2	id5-sync.com	stpd.cloud
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	stpd.cloud	playrento.com
2	tagan.adlightning.com	playrento.com
2	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
2	pubads.g.doubleclick.net	playrento.com
1	sync3.sniperlog.ru
1	pixel.quantserve.com	1 redirects
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	sync.extend.tv	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	cache.betweendigital.com	ads.betweendigital.com
1	bidswitch-eu.splicky.com	1 redirects
1	s0.2mdn.net	1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
1	fonts.googleapis.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ad.doubleclick.net	www.googletagservices.com
1	ads.eu.criteo.com	f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com
1	rtb.nl.eu.criteo.com	playrento.com
1	adservice.google.fr	securepubads.g.doubleclick.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.google-analytics.com	playrento.com
0	www.tns-counter.ru Failed
271	86

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com
store.steampowered.com
www.playstation.com
www.microsoft.com
www.nintendo.com
www.amazon.com
boardgamesonline.net
twitter.com
www.facebook.com
plus.google.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
www.playrento.com RapidSSL TLS RSA CA G1	`2020-06-12` - `2022-08-11`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-21` - `2022-08-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
node.setupad.com R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://playrento.com/
Frame ID: E3E72949E77FBF01D349F12A4D4C1D69
Requests: 39 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_BLK8l-OtlM
Frame ID: 503A39D3D49532031CBF3B85E9805868
Requests: 18 HTTP requests in this frame

Frame: https://tagan.adlightning.com/NaN/op.js
Frame ID: BA26956517633DD2DF6D4588D77FD089
Requests: 40 HTTP requests in this frame

Frame: https://tagan.adlightning.com/NaN/op.js
Frame ID: 4666EB23D669C45013904028FAF3E9FA
Requests: 34 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 7630A46D0A2A95AA0B0FB928D810BA23
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 0D655D570FD70064A7865A3F2AA07A9D
Requests: 3 HTTP requests in this frame

Frame: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 632B04D523A5C34598BDB3FDE6B43143
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: C0C3CFE227585CEAC465A24DAA6CB23F
Requests: 1 HTTP requests in this frame

Frame: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 0B95CF0A98547A51F90A2D79FF332C5F
Requests: 1 HTTP requests in this frame

Frame: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 136B080379632EA1F880A6A227E1B79E
Requests: 32 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 7942861E6861BF002F204C3530AA16DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhidxaWfATAB&v=APEucNV1XK0SvmMNgv4mBtN--M_vpu0RDyuUfT_XbE0LTyzSWfZDUbvSlzZyMtw_MgyMMRESYkLIFK_4Ie4F3cb6B-r2j_M9pdOOpDvFdbZLO0aWQJN_m4ZQMJR7OpaDfhMAhvVsLAdzzQVR2rDM88TrKX6bLLvauqZCmfMKEV2kgRxw8Gc_8avYUK6NgX6tandd9E1ozdzmKqR0Xk6n8295iGvmzjR4Qg
Frame ID: 061676018B1F18E5409343D2703F668E
Requests: 5 HTTP requests in this frame

Frame: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: BA3E495617F70734F9C63914AAB3C301
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Frame ID: AB385D5BBC7D09376E5D8A9FDCAA52EB
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9326CCD3DAC72A52798855B4D2BE29CC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 91BD144781AD483C4AB14D6081DC9636
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 1E5CFEA89BFDBF67AEA3B847DD941EAE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E0CC07498FA5624B0114AC0AAA9D1836
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF9E2980D3528D9CEF666028FBE44A6B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8597486A6989B287C9C21E97FB22D091
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FDA7BC0F03735D409F0DBD98B85DF0F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=playrento.com
Frame ID: F6204993064F43211DE4E203EEA4D191
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A0C9C1C0837EEF7421C6BA8F940CD6E9
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 5F2FC6BACD96A638560F8A1CC63B5A78
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5E9658F64D61D3CAD531759D70A2319F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9B16A9D741739C6EE92F8CCE1CFFA014
Requests: 3 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 5062A46B3E4DF40BD4FE6331D38957F4
Requests: 5 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 9009309CF6F0F4FC240B308E1C86C1A6
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: B014ED20FE6C91B226D37200AAC59178
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8EC8DDE81E087593F61AD57194D282E8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BA2E4A01A7D737D1865BE5FE7C1E3DD4
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 019D47224D04C68B0A07516635B362AD
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=0a265c90-7b87-535d-871a-e6e0e6a0fef6&CACHEBUSTER=666548
Frame ID: A6476F9D1452C502E87142B4D6F7C710
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 81C7F59257F3E04FF9B0FD416ABBB7FA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A9BAD182D776BE12BD69F826B74C680C
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 927E1003687B3ABF31E4EAFD30EA9932
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 677300505621AFB08F9192B2737D553C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rento | Online Monopoly Board Game

Page Statistics

271
Requests

90 %
HTTPS

36 %
IPv6

54
Domains

86
Subdomains

67
IPs

6
Countries

3521 kB
Transfer

8555 kB
Size

25
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=air.bg.lan.Monopoli
Title: Download for Android from:Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/rento-fortune-dice-board-game/id1231737310?ls=1&mt=8
Title: Download for iOS from:Apple Store

Search URL Search Domain Scan URL

URL: http://store.steampowered.com/app/663390/Rento_Fortune__Multiplayer_Board_Game/
Title: Play Rento in:Steam

Search URL Search Domain Scan URL

URL: https://www.playstation.com/en-us/games/rento-fortune-ps4/
Title: Play Rento in:PlayStation 4

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/rento-fortune-monolit-tycoon/bq19273kdvtk
Title: Play Rento in:Xbox One

Search URL Search Domain Scan URL

URL: https://www.nintendo.com/games/detail/rento-fortune-monolit-switch
Title: Play Rento in:Nintendo Switch

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/store/games/rento-monopoly-game-online/9nblggh4x4gn
Title: Download from:Win 10 Store

Search URL Search Domain Scan URL

URL: https://www.amazon.com/LAN-GAMES-Rento-Monopoly-game/dp/B00QQMHAP4/
Title: Download from:Amazon Store

Search URL Search Domain Scan URL

URL: http://boardgamesonline.net/
Title: Board Games Online

Search URL Search Domain Scan URL

URL: http://boardgamesonline.net/Online/monopoli
Title: PLAY RENTO MONOPOLY

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/app/1074660/Rento_Fortune__Map_Editor/
Title: "Map Editor"

Search URL Search Domain Scan URL

URL: https://twitter.com/boardgamesonlin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rento.monopoly

Search URL Search Domain Scan URL

URL: https://plus.google.com/102111874019837595566

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rento.monopoly/

Search URL Search Domain Scan URL

URL: http://www.youtube.com/c/BoardgamesonlineNet1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 62

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplayrento.com%2F&domain=playrento.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=LNH19nxEKzRLbVJlNFpNbXRyMVR2SGUySUpkc1I2Y2Y1M2doSm9HT3g5d3FVSHNncHc1Qzd0dzRoZHBOOXRlekhjSG1NVVl1R2NOQXRFYzhSYThuV2pUWldUcmdwOFRub1Z1eEt5UWI4QndKNFp4aW9BTUhuOW5reTU0K0RqWWVxZUxINk5ab2x1OGtobnlGcCtIRUJyYnZZVnBWV2NscWIycitZdTFJZk5pcmw5YUFnUHVNQUtaR3VTMXNhWmY2WmFvYWtpTWRoUktVbytWUit6bjY0M0pJNzJPcFRJOXRNcklUMWlybDBiR0E0cVZnPXw&cppv=2

Request Chain 65

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 68

https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=6976129942035481&tz=0&fl=0&rr=direct&s=4413340&bidid=10bec4ed4c05a3b&transactionid=990bfa2d-4d8d-4f9d-b296-3d3177aa5cda&auctionid=fc41ba28-df23-46b5-bcc7-38bcb7744e6a&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTA2NCIsImhwIjoxfV19&ref=https%3A%2F%2Fplayrento.com%2F HTTP 302
https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=6976129942035481&tz=0&fl=0&rr=direct&s=4413340&bidid=10bec4ed4c05a3b&transactionid=990bfa2d-4d8d-4f9d-b296-3d3177aa5cda&auctionid=fc41ba28-df23-46b5-bcc7-38bcb7744e6a&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTA2NCIsImhwIjoxfV19&ref=https%3A%2F%2Fplayrento.com%2F&crf=1

Request Chain 82

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplayrento.com%2F&domain=playrento.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=C9y7d3xONyt1U3M1VjJKakJSU1hyd0N6RXlxY1dOYW9HbVV6ZmdMNEVaN0p4emxHcFFDZGRidTBlN3VsM1Q4SnZsTDdYMEhoNzRlaXgyRUFlME1qMzNjWkxXbStWZUNHVjFlOUMwK002MCtLREJqZVpveHQ3cXhtQzhhMm9BS0cwV0x1bE4wYkNCc3FYN1FNcS9GdEpFOWZMaStrK1Rpcnc2eWxDaDR4VmRMU2hidGJsbzlsOUV1dm9VeDN4bjV5elEyTENqU2M2d2c3bklsaEhIZ2lLTlVDQnE0TytkaGE4YzZsUUFwQ1BwU0MvTmhRPXw&cppv=2

Request Chain 85

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 89

https://ads.betweendigital.com/adjson?sizes=300x250%252C300x300&jst=hb&ord=2792361931183715.5&tz=0&fl=0&rr=direct&s=4413339&bidid=10ecd0b09bdef6&transactionid=dacc3329-3e40-4bbf-bd05-c5bb34b231d9&auctionid=c0c95b4b-aefc-4529-aef4-eaee9bab884c&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTA2NCIsImhwIjoxfV19&ref=https%3A%2F%2Fplayrento.com%2F HTTP 302
https://ads.betweendigital.com/adjson?sizes=300x250%252C300x300&jst=hb&ord=2792361931183715.5&tz=0&fl=0&rr=direct&s=4413339&bidid=10ecd0b09bdef6&transactionid=dacc3329-3e40-4bbf-bd05-c5bb34b231d9&auctionid=c0c95b4b-aefc-4529-aef4-eaee9bab884c&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTA2NCIsImhwIjoxfV19&ref=https%3A%2F%2Fplayrento.com%2F&crf=1

Request Chain 113

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D&s=184932&C=1 HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oJwAA%261143

Request Chain 114

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D&s=184932&C=1 HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oKAAA%261143

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPXKPS7yjxxYyVvZRrgEC7M&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YboYFqDSqKC.IlHfNq2oKAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzjhMBQfgvKfZ0mStEx6gg&google_cver=1&google_hm=2

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPOeNSNGZPSvLv0J0ZYD4sM&google_cver=1

Request Chain 142

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwMjI4NDQ0NDY2NDMzODIxMg%3D%3D

Request Chain 194

https://pixel.adsafeprotected.com/rfw/st/578207/53137881/skeleton.js?adsafe_url=https%3A%2F%2Fplayrento.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fplayrento.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:147eb70c-5cd1-1032-990f-676c82ff2291,c:wSQdaK,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6d588df4d9-h2q8m,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:223,fm:sRGeZFG+11%7C1211%7C1212%7C12131%7C13%7C141%7C142%7C143*.578207-53137881%7C1431%7C1432%7C14331,idMap:143*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:242,oid:48edf4be-5dc4-11ec-8b16-a2d60bed0077,v:19.8.273,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 224

https://gum.criteo.com/sid/json?origin=publishertag&domain=playrento.com&sn=ChromeSyncframe&so=3&topUrl=playrento.com&bundle=e5t1hl8lMkY2WHltV2lvN1lGbkJvQ0FkWUcwMW9aUEE0MGpMVyUyQiUyQnVWUTFicm4xZXFBS2hhcVRvWTViVzd3VWE4RG8lMkZyZDdNYnVFa245VnhBZkI3TTclMkZzaWM2NHZiYlBWZzdDRHllejclMkZjeGZIM3lUN1h4dXZVR2ZleVdwMDBsN1ptZW9QcQ&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=-yMYxXxWbUxQQ0wyd2RONlpOQlQ2QWJWRmxhSTAvdWZ5bmQ5OUJKQXB6amtCQWIwUzdZT3VlOFljNkEybS8vSWxHMDdGZklSbmhPTGJzM05pSDNnNGgrV2doK3dpQ2JuTFRQTHpIZWZmMmpkQkMxUjV2Y0Fqb0N4YkpIMEdkbmZ0MzZ4Tys5NHNnb0o3b0xUUjNJaUNBbjBkelc0M0dXa2RhVTVxK09WZS8wenF6QzdRVTBmb1VsUUJWYnpQZWpkWHAyc0h0SUJWa1NTU0VGM1lZQVZWSC8vWDQzWEhua0VFMXVEUlYycmFLUGZYYlYxZERtRXR3ajFkQk9ieVMxVmhQcFh0RjFoK2FlOHM5NXhCMEQ1WWZ1cUhYOG5DanJjSTAvMXB1Y09kN3B1Vkp4cz18&cppv=2

Request Chain 238

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=ee56251a-8a2e-4a5a-9be0-b278a0f514c0 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=ee56251a-8a2e-4a5a-9be0-b278a0f514c0 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=ee56251a-8a2e-4a5a-9be0-b278a0f514c0

Request Chain 239

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=L2jF9IRygZ.AikABlF9vu4pGg

Request Chain 240

https://sync.bumlam.com/?src=bw1&uid=0a265c90-7b87-535d-871a-e6e0e6a0fef6 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiasOiNBlIFvp7KygpiJDBhMjY1YzkwLTdiODctNTM1ZC04NzFhLWU2ZTBlNmEwZmVmNg** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiasOiNBlIFvp7KygpiJDBhMjY1YzkwLTdiODctNTM1ZC04NzFhLWU2ZTBlNmEwZmVmNqIBEErN2YpdxBHshuAAJZDAZHw* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiasOiNBmIkMGEyNjVjOTAtN2I4Ny01MzVkLTg3MWEtZTZlMGU2YTBmZWY2ogEQSs3Zil3EEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiasOiNBmIkMGEyNjVjOTAtN2I4Ny01MzVkLTg3MWEtZTZlMGU2YTBmZWY2ogEQSs3Zil3EEeyG4AAlkMBkfA** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=4acdd98a-5dc4-11ec-86e0-002590c0647c

Request Chain 241

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=58c5bc9341393a63ed9f3798

Request Chain 246

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&dcc=t

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5vApwIs45l9SrGPCMiMwo&google_cver=1

Request Chain 252

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Cb4RzuWK1MXxay5&gdpr=1

Request Chain 253

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7b47fc2f-4ebf-4bbf-9748-8ec0336cf5f0

Request Chain 255

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&dcc=t

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5vApwIs45l9SrGPCMiMwo&google_cver=1

Request Chain 261

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=BTeTFAI-wBQeY8gTUT_cTVUylUMeMZMQBT-ii5e8

Request Chain 263

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 264

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=71a944c8-0878-4dc9-80cb-e27657e0c657&ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=ee56251a-8a2e-4a5a-9be0-b278a0f514c0

Request Chain 266

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=4acdd98a-5dc4-11ec-86e0-002590c0647c HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=4acdd98a-5dc4-11ec-86e0-002590c0647c&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=b5sg2clOqobzeHOvsuQ%2Bng& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=b5sg2clOqobzeHOvsuQ+ng&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=b5sg2clOqobzeHOvsuQ+ng&extra2=aidata&google_gid=CAESELWPI722CFEhht_DjREWTAs&google_cver=1

Request Chain 269

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

271 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
playrento.com/ 34 KB
10 KB 151ms
55ms Document
text/html 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8e22cc7c0776cc9fc2d482bf258e54b52de9f6d1f92f435a0626f81371d19d8b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 15 Dec 2021 16:30:13 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

GET
H/1.1 200
OK style-min.css
playrento.com/assets/stylesheets/ 43 KB
10 KB 36ms
36ms Stylesheet
text/css 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/stylesheets/style-min.css
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 80fd176b393ae6856b8e87e2140f1e4d7e1c01de429cdcfa1a7cb7a1188e491c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Mar 2018 16:41:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5ab52e2e-abf3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK styles-media-screen40-min.css
playrento.com/assets/stylesheets/ 7 KB
2 KB 67ms
29ms Stylesheet
text/css 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/stylesheets/styles-media-screen40-min.css
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 46598da199ff89f48a8d794aa9547c9e729b60b6ac0a0fcc925c56702d55d460

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Mar 2018 16:41:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5ab52e2e-1cff"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK styles-media-screen64-min.css
playrento.com/assets/stylesheets/ 6 KB
2 KB 90ms
33ms Stylesheet
text/css 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/stylesheets/styles-media-screen64-min.css
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7fbecc0664365b7a928b0530106c327ecaa9ddf838cccd596fe3a48bdc7250ac

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Mar 2018 16:41:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5ab52e2e-19b5"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK app-min.js Show response
playrento.com/assets/js/ 60 KB
17 KB 112ms
54ms Script
application/javascript 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/js/app-min.js
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5ded03731dc38d96f11a50bc816923dc0a85eb7851d8b8596b56ff083172b16e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Mar 2018 14:51:31 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5ab51473-f091"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK logo.png
playrento.com/assets/images/ 13 KB
13 KB 35ms
35ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/logo.png
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c41c7e5c097d1924fe97fc7992586fb9a10700728fa6b664057c75ddc14209d2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:28 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a8c-33f3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13299
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK icon-gplay.png
playrento.com/assets/images/icons/ 2 KB
2 KB 31ms
31ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/icons/icon-gplay.png
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 36f9e09aff3e804d6fb601fa5a322651490056c2ad9345a8d897592d8401b32a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a82-804"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2052
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK icon-apple.png
playrento.com/assets/images/icons/ 2 KB
2 KB 32ms
31ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/icons/icon-apple.png
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 84af9a91a0ff9d42fe6abc848bc852f91bdd780eedf263d7c93f86c8af90997d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a82-7fa"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2042
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK icon-steam.png
playrento.com/assets/images/icons/ 3 KB
3 KB 33ms
31ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/icons/icon-steam.png
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 98ccdd74d201275a5e6d90fc9769ca682a8edf381bf95c6cce465ed5dc5ec11c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a82-a2f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2607
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK icon-ps4.png
playrento.com/assets/images/icons/ 3 KB
3 KB 91ms
30ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/icons/icon-ps4.png
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5d2955922e5eb8cf40fd048aa24ccec33000c051d2bd995238003fe1c264d7ca

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a82-ae5"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2789
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK icon-xbox.png
playrento.com/assets/images/icons/ 3 KB
3 KB 95ms
31ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/icons/icon-xbox.png
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8c2d5f1af3ecb9736b338c75f00a4e0429ac9f91eff20a5f374f7657c0d3d5a8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 02 Jun 2018 08:13:21 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b1251a1-bd5"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3029
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK icon-switch.png
playrento.com/assets/images/icons/ 2 KB
3 KB 31ms
31ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/icons/icon-switch.png
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9ab1a8e8b2f0c0e2bcb0e9da0854517f270c35988fbc522682f0e95bcba8dfac

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 02 Jun 2018 08:13:21 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b1251a1-9db"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2523
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK icon-windows.png
playrento.com/assets/images/icons/ 2 KB
2 KB 29ms
29ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/icons/icon-windows.png
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b44e693ac9a4edb423ec7e932a45a0b0f45ffe6898713484cc24741ea6a397c8

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a82-6de"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1758
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK icon-amazon.png
playrento.com/assets/images/icons/ 3 KB
3 KB 30ms
30ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/icons/icon-amazon.png
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 534838b0bb1d51d565835b272ed07219ff0494dc5770ccff08a9babb8a46ceb1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a82-b89"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2953
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK ratings.jpg
playrento.com/assets/images/ 33 KB
34 KB 35ms
34ms Image
image/jpeg 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/ratings.jpg
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8af382f2bf1c515d529103bedb916a3cb1472446b60bf0673e150621311b733c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 02 Jun 2018 08:13:21 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b1251a1-8563"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34147
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK reviews.jpg
playrento.com/assets/images/ 18 KB
19 KB 36ms
36ms Image
image/jpeg 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/reviews.jpg
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c8c1157a2da223023210cb81985597b26cf53da1efc43a51f10f9ff473304303

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 02 Jun 2018 08:13:21 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5b1251a1-48e4"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18660
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK achievements.jpg
playrento.com/assets/images/gallery/ 87 KB
87 KB 36ms
36ms Image
image/jpeg 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/gallery/achievements.jpg
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 83e6d468e9bd9cd239342d611a7a87b4a79539e132332014496e7930284ca724

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a90-15b8c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88972
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK multi-language.jpg
playrento.com/assets/images/gallery/ 79 KB
79 KB 36ms
36ms Image
image/jpeg 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/gallery/multi-language.jpg
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 82469f22589dafc42f48eca0fe6109c7c9e639f19e054b41313f19d1b2ca130c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a90-13ae6"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80614
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK functions.js Show response
playrento.com/assets/js/ 3 KB
1 KB 30ms
29ms Script
application/javascript 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/js/functions.js
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4832bacf3ca0142fe8c8eac6f8a590ad60bc2d006fd7001f1cf35e56d0570e60

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5aad5a9a-c54"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK bg-menu.png
playrento.com/assets/images/backgrounds/ 21 KB
22 KB 47ms
37ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/backgrounds/bg-menu.png
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2b75399afac771b69eea3a0afb7c2993339dc3c3c8bdaae7c7cf6a6bac906efd

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a9a-55ea"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21994
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK header.jpg
playrento.com/assets/images/header/ 284 KB
284 KB 34ms
34ms Image
image/jpeg 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/header/header.jpg
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 903e384132753c595dcdb7c734c4727528595f29d50462c259505fb93ca503ca

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sun, 18 Mar 2018 21:00:43 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aaed37b-46f76"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290678
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK lettering-bg.png
playrento.com/assets/images/backgrounds/ 118 B
436 B 30ms
30ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/backgrounds/lettering-bg.png
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fc8d5d0572f55ec1e6f93dcfd1fff777fe8fe588b36c705245cd668b9cc8643f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a9a-76"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 118
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK bg-body-top.png
playrento.com/assets/images/backgrounds/ 23 KB
24 KB 52ms
40ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/backgrounds/bg-body-top.png
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4242dd15359fa7bbd212ccd1d4573193bffe980ec2d87851215a94484fee4a18

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a9a-5d3c"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23868
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK rax_HiqOu8IVPmnzxKl8Axhf.woff2
playrento.com/assets/stylesheets/google-fonts/ 9 KB
9 KB 62ms
34ms Font
application/octet-stream 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/stylesheets/google-fonts/rax_HiqOu8IVPmnzxKl8Axhf.woff2
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ff8503107014f509fa8b4b0ce1f4307bf2068308db1b8cd847d6c26cafc48ff9

Request headers

Referer: https://playrento.com/assets/stylesheets/style-min.css
Origin: https://playrento.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sun, 18 Mar 2018 22:40:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aaeeac7-249c"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9372

GET
H/1.1 200
OK _gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
playrento.com/assets/stylesheets/google-fonts/ 17 KB
17 KB 76ms
49ms Font
application/octet-stream 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/stylesheets/google-fonts/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f8bdc315a554303bd7f4ca9bb658aac03b413943dfbf91dcc2dca14efed6feb9

Request headers

Referer: https://playrento.com/assets/stylesheets/style-min.css
Origin: https://playrento.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sun, 18 Mar 2018 22:40:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aaeeac7-4280"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17024

GET
H2 200 _BLK8l-OtlM Show response
www.youtube.com/embed/ Frame 503A 60 KB
26 KB 154ms
79ms Document
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/_BLK8l-OtlM

Requested by

Host: playrento.com
URL: https://playrento.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfe38b7787ab34a6bbca380e565613060f3c5df4b83d23443a24e6409633c175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Dec 2021 16:30:13 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fr for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK bg-body.jpg
playrento.com/assets/images/backgrounds/ 31 KB
32 KB 38ms
36ms Image
image/jpeg 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/backgrounds/bg-body.jpg
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 68967dd22a741f256cb480e1f984d0153c3b480c082335a6afde23aaaff9974e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a9a-7df6"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32246
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK big-sep.png
playrento.com/assets/images/backgrounds/ 3 KB
3 KB 61ms
30ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/backgrounds/big-sep.png
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6bb7e1ef531075ce136925099e18dd1c7f9e8946ed2d60e7fc0e7feda5127178

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a9a-a0f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2575
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK btn-large.png
playrento.com/assets/images/backgrounds/ 2 KB
2 KB 49ms
29ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/backgrounds/btn-large.png
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a7f5f0a68b10d96a9c69a8d5cc638387d5e1b1f7f7f38b57a11f8923af19b1dc

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a9a-762"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1890
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK aside-header.png
playrento.com/assets/images/backgrounds/ 9 KB
10 KB 35ms
32ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/backgrounds/aside-header.png
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0774113f0ee1c6bd5a73c95bec59c8d536f21929be30b934865cf839ad2fd9c4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a9a-2592"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9618
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK notepad-pattern.jpg
playrento.com/assets/images/backgrounds/ 375 B
695 B 47ms
35ms Image
image/jpeg 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/backgrounds/notepad-pattern.jpg
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: fe8c502c47649e2fa3ce346ec4a04c79b33b82da161d6f59ce57e62707189b79

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a9a-177"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 375
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UNirkOUuhp.woff2
playrento.com/assets/stylesheets/google-fonts/ 14 KB
14 KB 69ms
49ms Font
application/octet-stream 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/stylesheets/google-fonts/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2

Request headers

Referer: https://playrento.com/assets/stylesheets/style-min.css
Origin: https://playrento.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sun, 18 Mar 2018 22:40:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aaeeac7-38d0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14544

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
playrento.com/assets/js/ 93 KB
33 KB 56ms
55ms Script
application/javascript 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/js/jquery-1.7.2.min.js
Requested by: Host: playrento.com
URL: https://playrento.com/assets/js/app-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5aad5a9a-17278"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
13 KB 161ms
94ms XHR
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22597107721/playrento.com_300x300_sidebar_desktop_DFP&sz=300x250&t=Placement_type%3Dserving&1639585813749

Requested by

Host: playrento.com
URL: https://playrento.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7794a35404083a71c400c71d689820e8cfde6e57a74190b9ef1937302d1d1f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
google-lineitem-id: 5789584502
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138363881395
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://playrento.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ga-lite.min.js Show response
playrento.com/assets/js/ 8 KB
3 KB 37ms
37ms Script
application/javascript 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/js/ga-lite.min.js
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 01bd83f8aec34240bebf6811ef98f0fbdadb3f3f1b820373a72357e9cfac5b91

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Mar 2018 20:44:12 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5aaecf9c-1e8a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK bg-footer-fill.png
playrento.com/assets/images/backgrounds/ 11 KB
12 KB 42ms
41ms Image
image/png 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/backgrounds/bg-footer-fill.png
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ba5923c17ddb466ea1ad69503c74086bae45ab0128bbf33fdb8d4e7f82cb1629

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/assets/stylesheets/style-min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sat, 17 Mar 2018 18:12:42 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aad5a9a-2dd8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11736
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H/1.1 200
OK memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2
playrento.com/assets/stylesheets/google-fonts/ 13 KB
13 KB 40ms
34ms Font
application/octet-stream 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://playrento.com/assets/stylesheets/google-fonts/memnYaGs126MiZpBA-UFUKXGUdhrIqM.woff2
Requested by: Host: playrento.com
URL: https://playrento.com/assets/stylesheets/style-min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: dd6e14944b8bb220a27f603d79ead255a9c456884befb6b5649c988449ce7a7c

Request headers

Referer: https://playrento.com/assets/stylesheets/style-min.css
Origin: https://playrento.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Last-Modified: Sun, 18 Mar 2018 22:40:07 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5aaeeac7-34d8"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13528

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
14 KB 127ms
84ms XHR
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22597107721/playrento.com_970x90_sticky_anchorad_desktop_DFP&sz=970x90&t=Placement_type%3Dserving&1639585813773

Requested by

Host: playrento.com
URL: https://playrento.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

066ee0c3302143d4757cdb6acc6b94ed6652e1504ec9472eddfa4a245d21d80b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13295
x-xss-protection: 0
google-lineitem-id: 5787661860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138371519279
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://playrento.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/204bfffb/ Frame 503A 337 KB
47 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_BLK8l-OtlM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a9ae6f4226f2a69171713a1a08bf670297ae4b2517d8df0d707a206b0bb5b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/_BLK8l-OtlM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47300
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 503A 15 KB
16 KB 107ms
31ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_BLK8l-OtlM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 84212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 17:06:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/204bfffb/www-embed-player.vflset/ Frame 503A 225 KB
73 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_BLK8l-OtlM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9cf9fe55d2740f89e2bbbd96b47d2793948cb9480aae05f7db428b41e9d8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/_BLK8l-OtlM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74767
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:43 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/ Frame 503A 2 MB
529 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_BLK8l-OtlM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86f6d89cd95e9adfeb3c89cb1d4a10546107bc5b06a19e105a9adf01229c215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/_BLK8l-OtlM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:02:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541113
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:02:08 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/204bfffb/fetch-polyfill.vflset/ Frame 503A 8 KB
3 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_BLK8l-OtlM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/_BLK8l-OtlM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:43 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
438 B 129ms
52ms Ping
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect?v=1&ul=en-us&de=UTF-8&dl=https%3A%2F%2Fplayrento.com%2F&dt=Rento%20%7C%20Online%20Monopoly%20Board%20Game&sd=24-bit&sr=1200x1600&vp=1600x1200&dr=&t=pageview&cid=0.29481404391057797.0.048130315119418565&tid=UA-21542136-8&z=1639585813888

Requested by

Host: playrento.com
URL: https://playrento.com/assets/js/ga-lite.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/NaN/ Frame BA26 0
356 B 489ms
407ms Script
text/plain 65.9.64.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/NaN/op.js
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.64.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-64-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: sioiBZ23vWdRQHGqdFj0Itnffu8xR4D.
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 18:38:17 GMT
server: AmazonS3
age: 58699
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/plain
date: Wed, 15 Dec 2021 11:10:14 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 9H4beOnAsS7K2GN4j3TKXijgXD3Z67wJp1oizgndAXf90f7EYcZUYA==

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame BA26 461 KB
142 KB 187ms
78ms Script
application/javascript 2606:4700:3108::ac42:28fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66673d0b4c8c341378a025ddaac4287c285ba15046485b1782cebfb676010e7b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: NdT9YoD6mIxWGrWUt3CtdQ==
age: 6752
x-ms-lease-status: unlocked
last-modified: Tue, 14 Dec 2021 10:36:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCZYHos79qKwejOSp0Hd0MKuVK3mlfAIWcaYGn097BNLYwbYi6I6vec992KBwIEX0SUlwRPEMN4tpsEDFZ%2FIVQRInH4YkI%2FuMTloG8QxcLFIQ6H36zlXSynwmyI6XwXJEDr5k7ULIqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: 7a9ca44f-a01e-002a-2bd6-f02087000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6be10e29dfc90e26-MXP

GET
H/1.1 200
OK burger.svg
playrento.com/assets/images/icons/ 482 B
598 B 46ms
45ms Image
image/svg+xml 195.154.106.178
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://playrento.com/assets/images/icons/burger.svg
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.106.178 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-106-178.rev.poneytelecom.eu
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: eb4865eeae0fb07d9459750e6b5b1d14e74c1801a2237b8218ba197d302994c1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:13 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Mar 2018 18:12:18 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"5aad5a82-1e2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 14 Jan 2022 16:30:13 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/NaN/ Frame 4666 0
355 B 538ms
507ms Script
text/plain 65.9.64.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/NaN/op.js
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.64.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-64-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: sioiBZ23vWdRQHGqdFj0Itnffu8xR4D.
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 18:38:17 GMT
server: AmazonS3
age: 58699
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: text/plain
date: Wed, 15 Dec 2021 11:10:14 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: KLyevOMtLQQoqFe6BCTKG0khqPD2WjD_gVNxhX7iPPvpmvAM3kwcMg==

GET
H2 200 stpd201221.js Show response
stpd.cloud/assets/postbid/ Frame 4666 461 KB
142 KB 182ms
125ms Script
application/javascript 2606:4700:3108::ac42:28fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd201221.js
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66673d0b4c8c341378a025ddaac4287c285ba15046485b1782cebfb676010e7b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: NdT9YoD6mIxWGrWUt3CtdQ==
age: 6752
x-ms-lease-status: unlocked
last-modified: Tue, 14 Dec 2021 10:36:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYcrnEAcCfOrjq52kUOxu4s26v4LoszUEIn6TOVwoHlpg9rg997bm%2Fw%2BFhVzPf8NXqm14oWw2RKm7z2LXbD6sW2axxTGs2NneAa02pq3QXtoN42aS%2FzY8GzzcK3%2B3D6mC%2FtouvJZ%2F3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: 7a9ca44f-a01e-002a-2bd6-f02087000000
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6be10e29dfd10e26-MXP

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 503A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

74ms
36ms

XHR
application/json

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_BLK8l-OtlM

Protocol

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32f4fd99d45f996d836819b6b7e65ab5cf38d56950a230204c3bdaf8651e56a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Dec 2021 16:30:14 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 503A 29 B
588 B 96ms
28ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:27:15 GMT
x-content-type-options: nosniff
age: 179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Dec 2021 16:42:15 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/ Frame 503A 94 KB
29 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6203a724c916a02c7315c11aa93673f31c94b8b8923c0b1c24498316bf99bca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/_BLK8l-OtlM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29814
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:02:10 GMT

GET
H2 200 a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js Show response
www.google.com/js/th/ Frame 503A 35 KB
14 KB 96ms
29ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/a3fmBC5pwb_hc1vtPj8EisbHNaOXXVv65hr18gGbcOg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 17:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 17:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 17:54:25 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/ Frame 503A 25 KB
7 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62e61332d226845672d7c3596a6e6e7a50a18917e1678a5f6c62acd3e11d0d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/_BLK8l-OtlM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:02:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7366
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:02:49 GMT

GET
DATA 200
OK truncated
/ Frame 503A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRBdIRtl5Z-NNxiMPhUZKNDZmvtacZL3J1s5WCEag=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 503A 5 KB
5 KB 96ms
29ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRBdIRtl5Z-NNxiMPhUZKNDZmvtacZL3J1s5WCEag=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_BLK8l-OtlM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

543a1236baadb53fae40e38560acfddba4e71140aab04389a961ae52046f550e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 15:31:02 GMT
x-content-type-options: nosniff
age: 3552
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5226
x-xss-protection: 0
server: fife
etag: "v8a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 16:11:58 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/_BLK8l-OtlM/ Frame 503A 57 KB
57 KB 96ms
30ms Image
image/webp 2a00:1450:4001:809::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/_BLK8l-OtlM/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/_BLK8l-OtlM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

741ef1e1c358aa43b0f8e210c6caf68bd4aec51b329f2cd7970eb7773b81b4b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 15:31:02 GMT
x-content-type-options: nosniff
age: 3552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58262
x-xss-protection: 0
server: sffe
etag: "1520428382"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 17:31:02 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 503A 4 KB
3 KB 113ms
46ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Dec 2021 16:30:14 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 503A 0
9 B 32ms
29ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?7JAtTQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/_BLK8l-OtlM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/embed/_BLK8l-OtlM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame 503A 52 KB
15 KB 66ms
29ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 16 Dec 2021 16:02:02 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 114ms
34ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplayrento.com%2F&domain=playrento.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://playrento.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://playrento.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1678
date: Wed, 15 Dec 2021 16:30:14 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame BA26 134 KB
36 KB 124ms
41ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 345
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0ANVKY4EJS5RMHFF7100
date: Wed, 15 Dec 2021 16:25:17 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4elHI5Gl7izaUuvTKm36jZOmV7IHxfn9gIJJ5A7AiMcO44quF8zebw==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame BA26 483 B
970 B 166ms
57ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1851
content-type: application/javascript
x-amz-request-id: tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2: tx002dec70dafe483ba85bc-0061adedd1
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vRv22gJf5COlw%2F3suTGmrKbq1GKoN51BCv4SdKJ%2F%2Bo4hb8Uqe1YwcuQ1gNMHrt177wdN83k05ylzMAAYBvHSl2%2FdRf%2Fbkg3T9SPdI%2BMZN7Yd6qKlMH2ifZzTNYL%2BD9vYjchxRJQ53bhoOeD"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1638788436623244
cache-control: public, max-age=1800
cf-ray: 6be10e2d1d0b83a9-MXP
expires: Wed, 15 Dec 2021 17:00:14 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame BA26
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplayrento.com%2F&domain=playrento.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=LNH19nxEKzRLbVJlNFpNbXRyMVR2SGUySUpkc1I2Y2Y1M2doSm9HT3g5d3FVSHNncHc1Qzd0dzRoZHBOOXRlekhjSG1NVVl1R2NOQXRFYzhSYThuV2pUWldUcmdwOFRub1Z1eEt5UWI4QndKNFp4aW9BTUhuOW5reTU0K0...

358 B
615 B

123ms
48ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LNH19nxEKzRLbVJlNFpNbXRyMVR2SGUySUpkc1I2Y2Y1M2doSm9HT3g5d3FVSHNncHc1Qzd0dzRoZHBOOXRlekhjSG1NVVl1R2NOQXRFYzhSYThuV2pUWldUcmdwOFRub1Z1eEt5UWI4QndKNFp4aW9BTUhuOW5reTU0K0RqWWVxZUxINk5ab2x1OGtobnlGcCtIRUJyYnZZVnBWV2NscWIycitZdTFJZk5pcmw5YUFnUHVNQUtaR3VTMXNhWmY2WmFvYWtpTWRoUktVbytWUit6bjY0M0pJNzJPcFRJOXRNcklUMWlybDBiR0E0cVZnPXw&cppv=2

Requested by

Host: playrento.com
URL: https://playrento.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c4be6bb57b520fdc7db538f112cc1d7b7652a9b7bf636b68a23aa424a5e3fc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2142
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
location: https://mug.criteo.com/sid?cpp=LNH19nxEKzRLbVJlNFpNbXRyMVR2SGUySUpkc1I2Y2Y1M2doSm9HT3g5d3FVSHNncHc1Qzd0dzRoZHBOOXRlekhjSG1NVVl1R2NOQXRFYzhSYThuV2pUWldUcmdwOFRub1Z1eEt5UWI4QndKNFp4aW9BTUhuOW5reTU0K0RqWWVxZUxINk5ab2x1OGtobnlGcCtIRUJyYnZZVnBWV2NscWIycitZdTFJZk5pcmw5YUFnUHVNQUtaR3VTMXNhWmY2WmFvYWtpTWRoUktVbytWUit6bjY0M0pJNzJPcFRJOXRNcklUMWlybDBiR0E0cVZnPXw&cppv=2
strict-transport-security: max-age=86400; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2063
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame BA26 213 B
531 B 139ms
34ms XHR
application/json 51.195.5.234
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.234 , France, ASN16276 (OVH, FR),

Reverse DNS

p36.id5-sync.com

Software

Resource Hash

3086b0d7d8794f0eb35628ff777781e62dcfe8daa0b5347e9ab4232a8e814dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://playrento.com
Date: Wed, 15 Dec 2021 16:30:04 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame BA26 78 KB
27 KB 108ms
36ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: playrento.com
URL: https://playrento.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0f32a00e2e5123efc567d501376d2cd929e6f80b0970d88e455364047accce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1071 / 259 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26914
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Dec 2021 16:30:14 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7630
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

165ms
37ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 15 Dec 2021 16:30:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Wed, 15 Dec 2021 16:30:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame BA26 948 B
943 B 246ms
126ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9956231f3db0daee705727c64da7566b4f1eddd4d5d5e548e9c4c3f8a9851fb3

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fs21OX3DqDy%2BJGhl2Pe4ORJk3UpqyU6vJK%2FHC2sIsjGhkoQF4QkgKryp3K4eq6%2BKlFORIdGMqXoe6Ho8fH%2Bki%2B1uklfmLzW0t0PLVWA2AmRHoPUZ%2B%2FvxGcWxoh23GNxmeHGsGGrbY79gl9t9yeAWk2v385mV"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6be10e2d9e7e83a9-MXP
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame BA26 159 B
432 B 296ms
178ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5e025585bead2f3a5cb34cfd09a8f3008915614aa4092e8b9248b772dec462

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGRDZ%2BBZ5L0EvBhLo2fcSSK5L8I2AblEdpC2IM7vltJAMwcLSVWE68gQsOxovBxmrYMGw3sEW2yR8BnqFCApdxcWLBAPaZTWK5gA%2BpPIqbk1N0LNxLa1iuoAneo6eIN1FSV6WVj5yBlzf9ZN%2BwpcqXywG4cs"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6be10e2d9e9683a9-MXP
expires: 0

GET
H2

200

adjson Show response
ads.betweendigital.com/ Frame BA26
Redirect Chain

https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=6976129942035481&tz=0&fl=0&rr=direct&s=4413340&bidid=10bec4ed4c05a3b&transactionid=990bfa2d...
https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=6976129942035481&tz=0&fl=0&rr=direct&s=4413340&bidid=10bec4ed4c05a3b&transactionid=990bfa2d...

2 B
216 B

128ms
127ms

XHR
application/json

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=6976129942035481&tz=0&fl=0&rr=direct&s=4413340&bidid=10bec4ed4c05a3b&transactionid=990bfa2d-4d8d-4f9d-b296-3d3177aa5cda&auctionid=fc41ba28-df23-46b5-bcc7-38bcb7744e6a&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTA2NCIsImhwIjoxfV19&ref=https%3A%2F%2Fplayrento.com%2F&crf=1
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

Redirect headers

location: /adjson?sizes=970x90%252C950x90%252C900x90%252C728x90%252C970x50&jst=hb&ord=6976129942035481&tz=0&fl=0&rr=direct&s=4413340&bidid=10bec4ed4c05a3b&transactionid=990bfa2d-4d8d-4f9d-b296-3d3177aa5cda&auctionid=fc41ba28-df23-46b5-bcc7-38bcb7744e6a&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTA2NCIsImhwIjoxfV19&ref=https%3A%2F%2Fplayrento.com%2F&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://playrento.com
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame BA26 0
175 B 123ms
42ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://playrento.com
date: Wed, 15 Dec 2021 16:30:14 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid Show response
mp.4dex.io/ Frame BA26 99 B
509 B 240ms
101ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa9b7ae892db64ba3621aaa58a0cbe993d32c191e2acdc8d3e0ef7649c1b1923

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playrento.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 6be10e2dcb330f66-MXP
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame BA26 11 KB
11 KB 247ms
173ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=719513&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221534954d202791%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fplayrento.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%221064%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216d57e2901901de%22%2C%22ext%22%3A%7B%22siteID%22%3A%22719513%22%2C%22sid%22%3A%22playrento.com_970x90_sticky_anchorad_desktop%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22171438afeba7761%22%2C%22ext%22%3A%7B%22siteID%22%3A%22719513%22%2C%22sid%22%3A%22playrento.com_970x90_sticky_anchorad_desktop%22%7D%2C%22banner%22%3A%7B%22w%22%3A950%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22186c22d55ac8662%22%2C%22ext%22%3A%7B%22siteID%22%3A%22719513%22%2C%22sid%22%3A%22playrento.com_970x90_sticky_anchorad_desktop%22%7D%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221998a9fdc16776c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22719513%22%2C%22sid%22%3A%22playrento.com_970x90_sticky_anchorad_desktop%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%222069599b3ba5938%22%2C%22ext%22%3A%7B%22siteID%22%3A%22719513%22%2C%22sid%22%3A%22playrento.com_970x90_sticky_anchorad_desktop%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A50%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9c0cb94cbe878ea5d5da995c383be11303881ec9362c7e4712de94b984b398b6

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[37.120.204.198], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://playrento.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11060
x-ak-client-geo: 28
expires: Wed, 15 Dec 2021 16:30:14 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ Frame BA26 0
157 B 132ms
45ms XHR
text/plain 35.156.230.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1639585814523&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://playrento.com
date: Wed, 15 Dec 2021 16:30:14 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BA26 139 B
818 B 102ms
33ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1b9cce0e936048383711530d309ea901c046d91ecb72ec8629b84ea005c3dd2c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:14 GMT
X-Proxy-Origin: 37.120.204.198; 37.120.204.198; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ef146b28-e5f0-4083-a131-543bf566838b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://playrento.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ Frame BA26 73 B
378 B 121ms
31ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fplayrento.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=990bfa2d-4d8d-4f9d-b296-3d3177aa5cda&nocache=1639585814526&pubcid=d4d887f6-872c-4750-b98a-1b01f7e068c4&schain=1.0%2C1!setupad.com%2C1064%2C1%2C%2C%2C&aus=970x90%2C950x90%2C900x90%2C728x90%2C970x50&divIds=div-custom-ad-1639585813930-0&auid=551032187
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: b2af092bbbe2865602beef247486d2c405dff79c6826ae3e389e9db5fba57062

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://playrento.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame BA26 0
186 B 69ms
22ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=88053869287
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://playrento.com
date: Wed, 15 Dec 2021 16:30:14 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame BA26 171 B
564 B 252ms
145ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b25%3b71
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://playrento.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2 200 / Show response
adx.adform.net/adx/ Frame BA26 5 B
446 B 199ms
100ms XHR
application/json 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA0MzcmdHJhbnNhY3Rpb25JZD05OTBiZmEyZC00ZDhkLTRmOWQtYjI5Ni0zZDMxNzdhYTVjZGE%3D&pt=gross&stid=fc41ba28-df23-46b5-bcc7-38bcb7744e6a&fd=1&eids=eyJwdWJjaWQub3JnIjp7ImQ0ZDg4N2Y2LTg3MmMtNDc1MC1iOThhLTFiMDFmN2UwNjhjNCI6WzFdfX0%3D

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame BA26 0
378 B 478ms
257ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://playrento.com
date: Wed, 15 Dec 2021 16:30:14 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 136
vary: origin, Accept-Encoding

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 36ms
36ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplayrento.com%2F&domain=playrento.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://playrento.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://playrento.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1428
date: Wed, 15 Dec 2021 16:30:14 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 4666 134 KB
36 KB 55ms
55ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 345
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0ANVKY4EJS5RMHFF7100
date: Wed, 15 Dec 2021 16:25:17 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: XwidzZAZPKTnQrUbrFs7hnHbREtBmZPurKmb2ZwpZ8DNGzMVohqqew==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 4666 483 B
557 B 76ms
58ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1851
content-type: application/javascript
x-amz-request-id: tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2: tx002dec70dafe483ba85bc-0061adedd1
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8kxf7Oe1xG%2BmAujKZZjnyKAtFiflN7OVBcVRqXm%2BoTTVQoA%2BNF0XEzdNTGyz8aA7Itz7tIwL191ylpVhuf9vmcxt95o%2FsZAiDowpQp2Kve35AYeDZCFfBgtfMkV33TS%2B1dec%2BKDUrurFTUh"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1638788436623244
cache-control: public, max-age=1800
cf-ray: 6be10e2d1d1083a9-MXP
expires: Wed, 15 Dec 2021 17:00:14 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4666
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fplayrento.com%2F&domain=playrento.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=C9y7d3xONyt1U3M1VjJKakJSU1hyd0N6RXlxY1dOYW9HbVV6ZmdMNEVaN0p4emxHcFFDZGRidTBlN3VsM1Q4SnZsTDdYMEhoNzRlaXgyRUFlME1qMzNjWkxXbStWZUNHVjFlOUMwK002MCtLREJqZVpveHQ3cXhtQzhhMm...

358 B
621 B

124ms
48ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=C9y7d3xONyt1U3M1VjJKakJSU1hyd0N6RXlxY1dOYW9HbVV6ZmdMNEVaN0p4emxHcFFDZGRidTBlN3VsM1Q4SnZsTDdYMEhoNzRlaXgyRUFlME1qMzNjWkxXbStWZUNHVjFlOUMwK002MCtLREJqZVpveHQ3cXhtQzhhMm9BS0cwV0x1bE4wYkNCc3FYN1FNcS9GdEpFOWZMaStrK1Rpcnc2eWxDaDR4VmRMU2hidGJsbzlsOUV1dm9VeDN4bjV5elEyTENqU2M2d2c3bklsaEhIZ2lLTlVDQnE0TytkaGE4YzZsUUFwQ1BwU0MvTmhRPXw&cppv=2

Requested by

Host: playrento.com
URL: https://playrento.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f16f694a20673558fde799a231608be61bb4cc99b4223252bb6aa512a33fddfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2182
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
location: https://mug.criteo.com/sid?cpp=C9y7d3xONyt1U3M1VjJKakJSU1hyd0N6RXlxY1dOYW9HbVV6ZmdMNEVaN0p4emxHcFFDZGRidTBlN3VsM1Q4SnZsTDdYMEhoNzRlaXgyRUFlME1qMzNjWkxXbStWZUNHVjFlOUMwK002MCtLREJqZVpveHQ3cXhtQzhhMm9BS0cwV0x1bE4wYkNCc3FYN1FNcS9GdEpFOWZMaStrK1Rpcnc2eWxDaDR4VmRMU2hidGJsbzlsOUV1dm9VeDN4bjV5elEyTENqU2M2d2c3bklsaEhIZ2lLTlVDQnE0TytkaGE4YzZsUUFwQ1BwU0MvTmhRPXw&cppv=2
strict-transport-security: max-age=86400; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1889
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 4666 213 B
531 B 87ms
35ms XHR
application/json 51.195.5.234
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.234 , France, ASN16276 (OVH, FR),

Reverse DNS

p36.id5-sync.com

Software

Resource Hash

3984580315105678e95b727ad819af2a9e5456c36726c5b720ee39b0c41a9fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://playrento.com
Date: Wed, 15 Dec 2021 16:30:04 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4666 78 KB
26 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: playrento.com
URL: https://playrento.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0f32a00e2e5123efc567d501376d2cd929e6f80b0970d88e455364047accce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1071 / 383 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26914
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Dec 2021 16:30:14 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0D65
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
554 B

132ms
37ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 15 Dec 2021 16:30:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Wed, 15 Dec 2021 16:30:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BA26 348 KB
117 KB 127ms
53ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Dec 2021 16:30:14 GMT

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 4666 948 B
632 B 150ms
128ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9956231f3db0daee705727c64da7566b4f1eddd4d5d5e548e9c4c3f8a9851fb3

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6JfOP0tt8jKMqlHfxHo6r5sPIX2%2FoIAoWnIquSDoGVDoSJ3nxhu%2F639wlsO0rNrwrei2%2BNiz4ckNUY0hRHKbeMbHQt%2FHTl0mj9tXW7DHovm8jLAlDQ0%2BbitdJv8h0tcOu7nMcVFU3exylzxUIUGzn4AgDi3"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6be10e2d9e9c83a9-MXP
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 4666 7 KB
5 KB 308ms
287ms XHR
application/json 2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ba0396d1001f2f2c4bc32aed4a2fcd96032353f276f10a41e5baf22d0959665

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72I9rzzR2Y%2FGPMIEAaZL30V5JAB4ksaxdf6eh9Z9HF6XdU4jWzrFeaP68G1lhCA44E3TCU7KV8pEzS7bhFah4Qs248PEKwiDp%2BbBpWRQ%2BBq9RuImABdO3DSLhSqdoI993CJmhHBX2Sm5ZbE7sx3gh85Y6aXD"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6be10e2d9e9b83a9-MXP
expires: 0

GET
H2

200

adjson Show response
ads.betweendigital.com/ Frame 4666
Redirect Chain

https://ads.betweendigital.com/adjson?sizes=300x250%252C300x300&jst=hb&ord=2792361931183715.5&tz=0&fl=0&rr=direct&s=4413339&bidid=10ecd0b09bdef6&transactionid=dacc3329-3e40-4bbf-bd05-c5bb34b231d9&a...
https://ads.betweendigital.com/adjson?sizes=300x250%252C300x300&jst=hb&ord=2792361931183715.5&tz=0&fl=0&rr=direct&s=4413339&bidid=10ecd0b09bdef6&transactionid=dacc3329-3e40-4bbf-bd05-c5bb34b231d9&a...

2 B
216 B

124ms
123ms

XHR
application/json

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?sizes=300x250%252C300x300&jst=hb&ord=2792361931183715.5&tz=0&fl=0&rr=direct&s=4413339&bidid=10ecd0b09bdef6&transactionid=dacc3329-3e40-4bbf-bd05-c5bb34b231d9&auctionid=c0c95b4b-aefc-4529-aef4-eaee9bab884c&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTA2NCIsImhwIjoxfV19&ref=https%3A%2F%2Fplayrento.com%2F&crf=1
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

Redirect headers

location: /adjson?sizes=300x250%252C300x300&jst=hb&ord=2792361931183715.5&tz=0&fl=0&rr=direct&s=4413339&bidid=10ecd0b09bdef6&transactionid=dacc3329-3e40-4bbf-bd05-c5bb34b231d9&auctionid=c0c95b4b-aefc-4529-aef4-eaee9bab884c&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTA2NCIsImhwIjoxfV19&ref=https%3A%2F%2Fplayrento.com%2F&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://playrento.com
content-length: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 4666 37 B
331 B 133ms
133ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=719513&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22115c94530cc2b0a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fplayrento.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%221064%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212b6f3ba0d6e035%22%2C%22ext%22%3A%7B%22siteID%22%3A%22719513%22%2C%22sid%22%3A%22playrento.com_300x300_sidebar_desktop%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221342cfb55150529%22%2C%22ext%22%3A%7B%22siteID%22%3A%22719513%22%2C%22sid%22%3A%22playrento.com_300x300_sidebar_desktop%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A300%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 926e9eca2a85ad55a07431d65bb75d68898491b9f019b8233476f39a87f3ac91

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
x-ak-initial-geo: CC:[FR], RC:[IDF], CN:[EU], CIP:[37.120.204.198], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://playrento.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 28
expires: Wed, 15 Dec 2021 16:30:14 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4666 15 KB
8 KB 558ms
546ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

440f145199d6f9407944b8d42fccab58c72c29f76c44e481c4dfaca1de52d9f2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 15 Dec 2021 16:30:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.120.204.198; 37.120.204.198; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 61e5097b-2bf0-4a01-8fe3-144a424f8238
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://playrento.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4666 171 B
563 B 244ms
168ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b0%3b51
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://playrento.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2 200 arj Show response
setupad-d.openx.net/w/1.0/ Frame 4666 73 B
147 B 39ms
39ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fplayrento.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dacc3329-3e40-4bbf-bd05-c5bb34b231d9&nocache=1639585814618&pubcid=d4d887f6-872c-4750-b98a-1b01f7e068c4&schain=1.0%2C1!setupad.com%2C1064%2C1%2C%2C%2C&aus=300x250%2C300x300&divIds=div-custom-ad-1639585813981-0&auid=551032186
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 1442fff89f39fdcb58444fac8119d945c62b56c0827896094dd9635cdf64a794

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://playrento.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 4666 5 B
447 B 108ms
96ms XHR
application/json 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTExMzA0MzUmdHJhbnNhY3Rpb25JZD1kYWNjMzMyOS0zZTQwLTRiYmYtYmQwNS1jNWJiMzRiMjMxZDk%3D&pt=gross&stid=c0c95b4b-aefc-4529-aef4-eaee9bab884c&fd=1&eids=eyJwdWJjaWQub3JnIjp7ImQ0ZDg4N2Y2LTg3MmMtNDc1MC1iOThhLTFiMDFmN2UwNjhjNCI6WzFdfX0%3D

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://playrento.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 4666 0
175 B 44ms
44ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://playrento.com
date: Wed, 15 Dec 2021 16:30:14 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 4666 99 B
176 B 150ms
110ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592c0dd39c50fbb09f0fe8cc3d42df7ffdedb41fd30f8ba1cf6664eac1c1e196

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://playrento.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 6be10e2dcb370f66-MXP
x-err: Validating the Prebid Request adunits. Sampled or No valid non-debug AdUnits

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4666 0
186 B 25ms
24ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=83305793578
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://playrento.com
date: Wed, 15 Dec 2021 16:30:13 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 4666 0
156 B 44ms
44ms XHR
text/plain 35.156.230.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1639585814620&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://playrento.com
date: Wed, 15 Dec 2021 16:30:14 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 4666 0
237 B 433ms
301ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://playrento.com
date: Wed, 15 Dec 2021 16:30:14 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 179
vary: origin, Accept-Encoding

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame BA26 0
302 B 135ms
134ms XHR
text/plain 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fplayrento.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: https://playrento.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: rww_JyAhQc6QrOcLfKNvqpqJeNAvnCSRB0IkmDTIJb23dZDmypeQ-Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame BA26 23 B
491 B 76ms
75ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fplayrento.com%2F&pid=H62Jzd363R7qm&cb=0&ws=300x150&v=7.71.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1639585813930-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22950x90%22%2C%22900x90%22%2C%22728x90%22%2C%22970x50%22%5D%2C%22sn%22%3A%22%2F147246189%2C22597107721%2Fplayrento.com_970x90_sticky_anchorad_desktop%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: P9VY93RQCKBE08DKESJ7
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://playrento.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: V7o2HQ4bWOrI9QYI3MiZXM9pzzUCpVDfBM8QVIH0EvWfy1GJ2Eg8RA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BA26 6 KB
3 KB 115ms
46ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 27309
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Wed, 15 Dec 2021 08:55:06 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: P2qdaep3hfLjWLIL9zv05Ud6zYsWoQweWx633AJuTrrUEhCZt5wb-A==

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4666 348 KB
117 KB 120ms
120ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Dec 2021 16:30:14 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 4666 0
300 B 79ms
79ms XHR
text/plain 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fplayrento.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
access-control-allow-origin: https://playrento.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 85UTmPsyss1vSm-dABDX7eLZUPh5PknEcH3-Ju1R2CZPAw3hSBfH5Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 4666 23 B
490 B 89ms
88ms XHR
text/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fplayrento.com%2F&pid=gupXbJKeF1kGz&cb=0&ws=300x150&v=7.71.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1639585813981-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F147246189%2C22597107721%2Fplayrento.com_300x300_sidebar_desktop%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.29.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-29-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: 4BXK6KVG6A9FWQ2RG6DH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://playrento.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: sGVLxYhH4fsM38kSdy58bZBHOakq-qBjPCb55PWnMWsc7MSYsS6tlQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4666 6 KB
3 KB 66ms
48ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 27309
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Wed, 15 Dec 2021 08:55:06 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Ep2DHWtF7bEF3J6nS8epsstXykJTGkng-mk1BYaLr9MfzsPIbV2kWQ==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 133ms
33ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1246
date: Wed, 15 Dec 2021 16:30:14 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 133ms
34ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1176
date: Wed, 15 Dec 2021 16:30:13 GMT
strict-transport-security: max-age=86400; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame BA26 71 KB
23 KB 185ms
69ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 796077
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txadf414ca90414bdea858e-0061adeee4
x-amz-id-2: txadf414ca90414bdea858e-0061adeee4
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loJhlqcf7KyGd%2Fb3DbsPjpGYvWnLlOX12tjMkU2IjFZICvVx4%2Bx04EAduQ%2FmAyTfAHYHOErShAsotLxkVHn%2BAOLDlj0Ch9rZOofbVct33P3w4xeIQ%2BE1db%2FfzmRozu7In%2FbHQAa1vli322dj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6be10e2eba3e83ba-MXP
access-control-allow-headers: Authorization

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 4666 71 KB
22 KB 223ms
107ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 796077
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txadf414ca90414bdea858e-0061adeee4
x-amz-id-2: txadf414ca90414bdea858e-0061adeee4
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPk2TBJA4%2BtKZEZJwwqjuOHYKUPKmk19QVfVrRJcuV0W7%2BOxUK07Kvs5aWaQH0P2mQ%2BDXkiyr%2Bb6Qe7I4XpoeC0SDb%2FDVpic0%2BLNZXzOnHltgS1Nu2kyt1ogMA24oa7iYOKAp0F48l%2FK%2BR5d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6be10e2eba3f83ba-MXP
access-control-allow-headers: Authorization

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7630 32 KB
10 KB 45ms
45ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fe65c69aebe71039902645cc96ed098f382cc6bfd4e5bb29e9f873a73fc2b2e6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 01:01:21 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31034
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Thu, 16 Dec 2021 01:07:28 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0D65 32 KB
10 KB 45ms
45ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fe65c69aebe71039902645cc96ed098f382cc6bfd4e5bb29e9f873a73fc2b2e6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 01:01:21 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31034
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Thu, 16 Dec 2021 01:07:28 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame BA26
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D&s=184932&C=1
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oJwAA%261143

36 B
36 B

108ms
108ms

Image
text/plain

2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oJwAA%261143
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHGUH60w2gLwzi5Rvixy16jdEKFAClj4WnyTS%2B6DbesYjdtwl5CotheLxiuS4veiS%2FqLUELJn%2FzbxyLdbYoxgQ5R6ddwM5AyRO9d2mVJlzaSa8ifErHg4e09MnZW1Hhlq6EZi89YwG8HsH8dlZQblHm3uegu"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6be10e303f2583a9-MXP
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oJwAA%261143
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 301
Expires: Wed, 15 Dec 2021 16:30:15 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 4666
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D1%26gdpr_consent%3D%26uid%3D&s=184932&C=1
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oKAAA%261143

36 B
36 B

457ms
457ms

Image
text/plain

2606:4700:20::681a:8b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oKAAA%261143
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Server: 2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aB3%2FGXmgOIMj2Y%2Fr4Gl%2BVgD%2FCS1x4KudPdokYwi5udvp%2BN2sl0Hi933%2Fi4SlY4GNPdDX%2F5a1yaplAO7HMuqOTCgO6SCvTL3M4kQVTY2Jek6B1s0X%2Fh%2BzfAaNOcE8hgFiDBUpNJFzzoPXlVadnRMX99ZrLeX%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6be10e304f2d83a9-MXP
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oKAAA%261143
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 301
Expires: Wed, 15 Dec 2021 16:30:15 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7630 284 B
536 B 215ms
54ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0D65 284 B
536 B 213ms
54ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame BA26 57 KB
22 KB 102ms
48ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

24c11ee30699eb692260f80e31b87c841b1caf1736cc701004446f8efa9ad7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22234
x-xss-protection: 0
server: cafe
etag: 15485993355261459839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 17:21:47 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame BA26 0
327 B 290ms
97ms Ping
image/gif 2a00:1450:401b:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kx7r27k4&c=3590131676622485&e=31063378%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYjAEgNSoECAcSAAoLGJcCIDoqBAgIEgA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:401b:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:15 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ Frame BA26 107 B
792 B 219ms
69ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=playrento.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 16:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA26 107 B
549 B 155ms
40ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=playrento.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 16:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BA26 19 KB
10 KB 444ms
443ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3590131676622485&correlator=2511737614936850&output=ldjh&impl=fifs&eid=31063378%2C31061166%2C31061691%2C31061693&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211215&iu_parts=147246189%3A22597107721%2Cplayrento.com_970x90_sticky_anchorad_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C950x90%7C900x90%7C728x90%7C970x50&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D359c99a7a73df17%26hb_bidder%3Dix&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=playrento.com&bc=31&abxe=1&lmt=1639585815&dt=1639585815027&dlt=1639585813926&idt=918&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=2&adxs=5&adys=5028&adks=730903818&ucis=8xbb0k9fsnpz&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fplayrento.com%2F&top=https%3A%2F%2Fplayrento.com%2F&rumc=3590131676622485&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x0&ga_vid=488455063.1639585815&ga_sid=1639585815&ga_hid=1503444305&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

1b43c50e78861648ef7d89435ba46dfb9a80f9b2dbde3a51e9053599e7e5f97f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9844
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://playrento.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 632B 6 KB
4 KB 218ms
73ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 15 Dec 2021 16:30:15 GMT
expires: Thu, 15 Dec 2022 16:30:15 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 um
cs.emxdgt.com/ Frame C0C3 0
0 841ms
116ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

content-type: text/html
date: Wed, 15 Dec 2021 16:30:15 GMT
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4666 107 B
122 B 145ms
77ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=playrento.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 16:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4666 22 KB
9 KB 491ms
491ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=867847765400964&correlator=390966670267973&output=ldjh&impl=fifs&eid=31060439%2C31063914%2C31062931&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211215&iu_parts=147246189%3A22597107721%2Cplayrento.com_300x300_sidebar_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D331b29af4a41a2c%26hb_size%3D300x250%26hb_pb%3D0.00%26hb_bidder%3DappnexusS2S&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=playrento.com&bc=31&abxe=1&lmt=1639585815&dt=1639585815185&dlt=1639585813940&idt=932&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=2&adxs=1069&adys=1276&adks=2698471653&ucis=ndlw4qveqiok&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fplayrento.com%2F&top=https%3A%2F%2Fplayrento.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x0&ga_vid=772015550.1639585815&ga_sid=1639585815&ga_hid=446356248&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9dff37121507808136616142c6f29f066a4a8fb32094c1a71c34f6f74af38dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9553
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://playrento.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B95 6 KB
3 KB 125ms
75ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 15 Dec 2021 16:30:15 GMT
expires: Thu, 15 Dec 2022 16:30:15 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 136B 6 KB
3 KB 157ms
77ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 15 Dec 2021 16:30:15 GMT
expires: Thu, 15 Dec 2022 16:30:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 um
cs.emxdgt.com/ Frame 7942 0
0 491ms
117ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

content-type: text/html
date: Wed, 15 Dec 2021 16:30:15 GMT
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0616 624 B
300 B 98ms
98ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhidxaWfATAB&v=APEucNV1XK0SvmMNgv4mBtN--M_vpu0RDyuUfT_XbE0LTyzSWfZDUbvSlzZyMtw_MgyMMRESYkLIFK_4Ie4F3cb6B-r2j_M9pdOOpDvFdbZLO0aWQJN_m4ZQMJR7OpaDfhMAhvVsLAdzzQVR2rDM88TrKX6bLLvauqZCmfMKEV2kgRxw8Gc_8avYUK6NgX6tandd9E1ozdzmKqR0Xk6n8295iGvmzjR4Qg

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Dec 2021 16:30:15 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Dec 2021 16:30:15 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 136B 24 KB
14 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DI89RTZ-OB57oJr5ygLdXx6leGy0gw03YDDzeR8PVSSOYmo1_rg3boD4pIuw8t5spmxvvJzKVABF6NhD733Hk-3ckAZU1UaSMrIiGpfA7dL1e65us_0u8VElxgAZirDUg3uoFYqtJXDsN40rXzUX7MSMiF_A&cry=1&dbm_d=AKAmf-AklamxqMmRHsmHpBJWkrVTrbpRHnW7X6QwKcBUekrmUJOB3_iqtFiMGiBZ9K6rhsO6i1PKmJDe6tgKx1ql3tJBeq9xj1t0TOoITlyfvlCS9lE2u2c29lXnFh47D62AZtFGod0JWeMRBlQeqypjAs6vAK8tBb5YINtBfh4birqECppEFAJpTIlYRGPG7VyKavkW8hJxE13xdku1WRMeK4WzzzYGXHYZcPxdwOU1tMsARYXW9UeHTKksv12Nu7yrUqht3AA_TxNBnDVjQJHCdQosXxfNzjHjhOtCW720SxQrYtGY5fxE6rKYWluiw90ujU-TlOslxXxYNxddgPqte2oHFmSYvZuP43RsKuJUd5mXrqND8gfb37zVO1ZLXfcWXHyxlNBK86TMGX52niCviQc2np4GNiWbf-VOkFAye3ZMbsKI8drYOUTPiUxC2k4-XBHFKc6USyNDi59OA4XAzCobS_vzAwy3Puif7HJiYZHasbidj_T-76mML_w2IUSod3ExVqXIbNydbCGP0KKUKaCQb9KEsn7FaWPBja9JZP8d5iLZGK9N1G9V0byyLcoEOb5iFHc_JWVrBPN0tQ8m9_Ula9PX0HVtmXqZyz1yLCjGKOLsrfs22Q57MBv9IVTJIfL8o88VQooN7CUuSIiwpZhhwdvEcO71YvaqfZZ0WwuVHTRYq93okX6reVS9r0W5A7-sLsF6mXx_SbYl0Ec1DdF8a7NWMcCMMTaHbItPMAtq1fkdCziiz_9x3a_Ctv1yP9ZdnP7vvW7ePEJc8ALO3lPfCsxnGDCnVYi9Lm8LqfBU6gfRyAqA0iQcly_LyKbLRWzL3LJzNYZqdYuxpXYNMds-5VtitXAyOvOAM09Rp7jZl0oAfe7ZaXj2tBtsfigxVSWRoUJtdChV4Lc1LQTzP-S_Of3Mg289SO1KoL2Luldg98QmS_LmGBPq5MapY0Wz3FNbJ3CB52sm5lSSv43_vjeEMOu6Dq6X4gGiK7nhJeXY6_edTvURxg7GWQCmDJa_wo_z4chrc9x8UtoXpG8df9mZHi9-pxY-zWgajmmTEI2XdZJbw8lZ3GF9TslVqhjvv6OViE4bDkErqJpP5VWGTdmf_F1YRbj9jvreQaH9ISvsmJEzPUStbNPDSWs_nU-WiFQuZib-WUc7IHeXtJeRNKLPBz_ImWu_V0o5vlG9-JW3iUUVot9ePR1pSFrUc044EAeONMO0jdyn9VIG29NoNrwxXxbHxkNrnJDaOmy_y-yudt3wC1tAP4j-TuVsLFilweBcSEfzrqwI7EoFEfcJ_C7KTqDACA763aSWd83MNFU1F28oLlIwnyrJLKbo0F_lUQfPTo8WBqP3SdDEu4tnN_5exT_AcjsmJx3g20peFZHP4a1MKGsaKae7j5gbO8-be7SIs8LIjGLuomruFhCvKvIHmytZoGQigNt8R4kXe71VPyvQBSZByiHs5FUPKdsBtPiKhxrKNehrr9cnbNhVBu9ZN6hMeqWcFhV8IXDlc34T2d3RTEPcVGNF49yoeNvond7on0Jcd3w4XZjPKgtFnhUXCbIbvmTgba37mcGGNTw-S2NRZeXOc0dFD2PZor2l2eC8s7zRb00OOtLQbBmgv9EQBJOBrYEgZ3az5j1DTX0zNrW4UcZAQhIfNJlDZRZNreeyNoES-lAg8nfyfUvv5qovsYPLiqDINNly0W4RG_qTJiOCttc9yvjdBo-7q7eGBvfBAUndAthjYbYvunrYR9ZOgXihlhXQbEFRyQs_fQLwmL72JbeKUQ2udQRpxdt4UD4qf99TmsY31D3Kqfma5M3ew-dFJEZWwNL311uSxAXlb8kIfI59OEN9hzjR_GALHpp5Llo1zpv63ZPRHskMPPV8hhO-Q-1XppcMRBP0-dyjGZv05esuu5ljDPwYvlf-cCHnPK95oycA7E9_DnoqpCeaPB04Z0l4jON6wEPFl-CwKS1oEGXE4PB1gaHtSoA1BYTbprdKZhHBNtrDwBw8SQWS47lin-mROIoocipmuO24fVJgtHDhrjnRBtjoobUXZF9lUbG6HVp2nCLEtp2Wrt0Gh4tpSoEwYKnDcPS643dSExKuLXDuT3nQX6Wfm4upxsWBVnL5y0DRYuIbHeieUVlBGFE5v-ftev5M1_Yc0SoVAyAD9iHMLC-esVUz3yaH6w3B7jVDFbhaWqMbK3ltH_m-TBjeZ06h-Gl4fMhRuLDHjqwsStvT_W0Cf995nQz4U4D1QkPDVdRGMRYcXLZLXCOQgw1Yw3YpjjMgrg2VvwswewYZM_6CtHC0yT_Gqsn2gbGFsGOMvzqc1W7St5wNbuLyLaeDvoYdMwVD_jPVz3fXRhukRwThDbekzebTAzr8gRsayFxw5IhDvRiMN5W1JzfdsYIMA5X8mMnsj-z8K09gwInZaVyBAxDIAjQfnaeAaAth2hfVTSz7NXEwz6Ld99tFLUtJxOGhAT5XQawfhUtUSGxnhh_GvOTeSMUYNhNIF2WE5e1IhDTzU28I-G4pwWlCHKlyhpZZbseI0IemsWzMMiKnxFpUT_doVE74yPTLpD0h5MEUuJuY9Bf4BrWyRetLOZnsIerpgTdiYMrp0sglmj-L11iAGnQS-6L1NsQSZynrkdTqKAxeVzR35FhVWwNLvNMLUZRUUOUQqlHqXXhaSUAR8f2cPv7vCwI4aRXHkIjPOtPygzMzPZKQQ6K0zbxR_QywAdtQ2HyT0XTCQk-J87w0NYvSJCAJiKrNYBI2dNIjxKi4ZtEv2njEE8GRsRrfmvMcV4GfKiTsboLpeZkbWUwzW7NUBTtvVm4BB-d5w-S4NEVEZO9nPnHRjiGbYOO1N84Y9zBFwtsa1MpbKRv3p5s8HnNA5rq_BoPW_A36qTySiUVg9J0n9GJq-zQhBpOM6PVukJrGnUk-Nfm1rFbF8kGebFrcd_Zx-xsPTNzDho6BdGS9ya8kc8Kmq56J4AyKf_cmfcA5nF6_MPidqBDrMHtZMd6nN5sLv6wly5_mNNgzk38mgqTVth_kZwIiAtvocbpj6WxOzeOZEJfMq2vDif-omuWPPBKOWC2Uo7g7U8qmizjo0GDaPmJ3u1gH8P9e7HdwtSE2Lcb7GDlIrZu4JhYRKE7aC-bjSshDcPIdGtiGg6ZeECbHsIWNhFMdhlrEy9fuft91ptfUOrTons_jo-Q12tM&cid=CAASFeRoynSFlVn2gI8McttQZD1ALh3CRg&rfl=2%2Chttps%253A%252F%252Fplayrento.com%242%2Chttps%253A%252F%252Fplayrento.com%252F%240

Requested by

Host: playrento.com
URL: https://playrento.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8c2c35304233f4cc6f2d88f319bbd70858d62e749ab6e2ad79325ee4b3240c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14034
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 136B 42 B
173 B 265ms
106ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B12ZOz9Qn8KTwJAf718GkEUrKL2K4XZOqhdIFb3URed4yVWhg1Yd1q7u35-hyKBXyh8Qj2VpeyNBRe94GrreRTuLAp5zjezsqkjvGXSO9qWhI3O9c

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 136B 9 KB
4 KB 167ms
75ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 15 Dec 2021 17:14:45 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/578207/53137881/ Frame 136B 46 KB
12 KB 379ms
43ms Script
application/javascript 63.34.178.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/578207/53137881/skeleton.js
Requested by: Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.178.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-178-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b3c47ff6cad912569c0f7d3b2643baf72adc4273da241dfca13c22fdecb4674d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 136B 2 KB
1 KB 333ms
169ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 16:28:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 136B 15 KB
7 KB 235ms
71ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 16:28:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 136B 0
0 176ms
80ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9Sn8J7pTbp0bugJmQti13MrxDMzCZmvhBwcDQTux531LsZF5zR-zi6G5f89_pQd1fShRtHmodgVxdt2aesz5d383p_g
Requested by: Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 136B 119 KB
36 KB 176ms
86ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Dec 2021 16:30:15 GMT

GET
H3 200 container.html Show response
f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA3E 6 KB
3 KB 85ms
85ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 15 Dec 2021 16:30:15 GMT
expires: Thu, 15 Dec 2022 16:30:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0616
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPXKPS7yjxxYyVvZRrgEC7M&google_cver=1

43 B
1014 B

52ms
51ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPXKPS7yjxxYyVvZRrgEC7M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhidxaWfATAB&v=APEucNV1XK0SvmMNgv4mBtN--M_vpu0RDyuUfT_XbE0LTyzSWfZDUbvSlzZyMtw_MgyMMRESYkLIFK_4Ie4F3cb6B-r2j_M9pdOOpDvFdbZLO0aWQJN_m4ZQMJR7OpaDfhMAhvVsLAdzzQVR2rDM88TrKX6bLLvauqZCmfMKEV2kgRxw8Gc_8avYUK6NgX6tandd9E1ozdzmKqR0Xk6n8295iGvmzjR4Qg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:30:16 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPXKPS7yjxxYyVvZRrgEC7M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0616
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YboYFqDSqKC.IlHfNq2oKAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzjhMBQfgvKfZ0mStEx6gg&google_cver=1&google_hm=2

43 B
894 B

46ms
45ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzjhMBQfgvKfZ0mStEx6gg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhidxaWfATAB&v=APEucNV1XK0SvmMNgv4mBtN--M_vpu0RDyuUfT_XbE0LTyzSWfZDUbvSlzZyMtw_MgyMMRESYkLIFK_4Ie4F3cb6B-r2j_M9pdOOpDvFdbZLO0aWQJN_m4ZQMJR7OpaDfhMAhvVsLAdzzQVR2rDM88TrKX6bLLvauqZCmfMKEV2kgRxw8Gc_8avYUK6NgX6tandd9E1ozdzmKqR0Xk6n8295iGvmzjR4Qg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:30:16 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDzjhMBQfgvKfZ0mStEx6gg&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0616
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPOeNSNGZPSvLv0J0ZYD4sM&google_cver=1

43 B
1006 B

34ms
34ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPOeNSNGZPSvLv0J0ZYD4sM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhC20MOsAhidxaWfATAB&v=APEucNV1XK0SvmMNgv4mBtN--M_vpu0RDyuUfT_XbE0LTyzSWfZDUbvSlzZyMtw_MgyMMRESYkLIFK_4Ie4F3cb6B-r2j_M9pdOOpDvFdbZLO0aWQJN_m4ZQMJR7OpaDfhMAhvVsLAdzzQVR2rDM88TrKX6bLLvauqZCmfMKEV2kgRxw8Gc_8avYUK6NgX6tandd9E1ozdzmKqR0Xk6n8295iGvmzjR4Qg

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:16 GMT
X-Proxy-Origin: 37.120.204.198; 37.120.204.198; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fb2d4337-7773-4143-aada-d5535bec09ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPOeNSNGZPSvLv0J0ZYD4sM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0616
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwMjI4NDQ0NDY2NDMzODIxMg%3D%3D

170 B
502 B

208ms
74ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwMjI4NDQ0NDY2NDMzODIxMg%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:15 GMT
X-Proxy-Origin: 37.120.204.198; 37.120.204.198; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 05f14bd9-bc78-47f5-9898-f7d42ffb4147
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYwMjI4NDQ0NDY2NDMzODIxMg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BA3E 0
0 108ms
108ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtbVzFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT1AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8OdBfvbDCEjBIqc4gLDuMX_pZ_375cXsJ-zC9xWPZkqMDH4GRor-4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzM4MzE3MTgzMDYxNDIxNhiV4h8&sigh=daREvAGFdgU&uach_m=[UACH]&cid=CAQSPwCNIrLM2Bj1Xh4kenHw1vsEjFJnQmAzVqjkZ7yVg8tq46mNhHlLHGpGVlQOaZtBKmnp4suiBAb7zGnJPj9G_BgB
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame BA3E 0
0 276ms
38ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U__uEZ-2XawC-gGdg2ICAgAAAO0gSF20iG5G4LMnt_nn2owQFxi6YZD6FUpUHylQKJVZABI&wp=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:15 GMT
server: Kestrel
content-length: 0
server-processing-duration-in-ticks: 285719

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame AB38 153 KB
49 KB 248ms
54ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Requested by: Host: f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com
URL: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 74394cb0ec75278d9b71616ae6413b038456f8763c678ecde751fec3ee4a0327

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/

Response headers

date: Wed, 15 Dec 2021 16:30:15 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7DWKIQDcneiNEWqJthCsy2BAm7sc4T3O4bYb5aCrCWk-kRTzxNU--3FXL0mniRkFDxShTg1TySFF2TNKaUFAPZyEE-KFB-zvx0CXRXVt1NoOsToRb76IJP9qApA09ar0l2spfJz5g5qYyAx3ZLw9poLOf4ToD7BPwIPHTKoTAZuLSG4MpH7v4-qAb5kraOuN9ytSvpnZWsItdHuvsfPsTUcjy04eliV-r1TS4koIuIhAP6-IuFNdXXaGnefKGGkSrYZhNw"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 23059467
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BA3E 2 KB
1 KB 201ms
163ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com
URL: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 16:28:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA3E 119 KB
36 KB 115ms
115ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com
URL: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Dec 2021 16:30:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BA3E 15 KB
6 KB 117ms
80ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com
URL: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 16:28:03 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BA3E 22 KB
7 KB 130ms
94ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com
URL: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 15:13:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91017
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Dec 2022 15:13:18 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 136B 24 KB
10 KB 100ms
71ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DI89RTZ-OB57oJr5ygLdXx6leGy0gw03YDDzeR8PVSSOYmo1_rg3boD4pIuw8t5spmxvvJzKVABF6NhD733Hk-3ckAZU1UaSMrIiGpfA7dL1e65us_0u8VElxgAZirDUg3uoFYqtJXDsN40rXzUX7MSMiF_A&cry=1&dbm_d=AKAmf-AklamxqMmRHsmHpBJWkrVTrbpRHnW7X6QwKcBUekrmUJOB3_iqtFiMGiBZ9K6rhsO6i1PKmJDe6tgKx1ql3tJBeq9xj1t0TOoITlyfvlCS9lE2u2c29lXnFh47D62AZtFGod0JWeMRBlQeqypjAs6vAK8tBb5YINtBfh4birqECppEFAJpTIlYRGPG7VyKavkW8hJxE13xdku1WRMeK4WzzzYGXHYZcPxdwOU1tMsARYXW9UeHTKksv12Nu7yrUqht3AA_TxNBnDVjQJHCdQosXxfNzjHjhOtCW720SxQrYtGY5fxE6rKYWluiw90ujU-TlOslxXxYNxddgPqte2oHFmSYvZuP43RsKuJUd5mXrqND8gfb37zVO1ZLXfcWXHyxlNBK86TMGX52niCviQc2np4GNiWbf-VOkFAye3ZMbsKI8drYOUTPiUxC2k4-XBHFKc6USyNDi59OA4XAzCobS_vzAwy3Puif7HJiYZHasbidj_T-76mML_w2IUSod3ExVqXIbNydbCGP0KKUKaCQb9KEsn7FaWPBja9JZP8d5iLZGK9N1G9V0byyLcoEOb5iFHc_JWVrBPN0tQ8m9_Ula9PX0HVtmXqZyz1yLCjGKOLsrfs22Q57MBv9IVTJIfL8o88VQooN7CUuSIiwpZhhwdvEcO71YvaqfZZ0WwuVHTRYq93okX6reVS9r0W5A7-sLsF6mXx_SbYl0Ec1DdF8a7NWMcCMMTaHbItPMAtq1fkdCziiz_9x3a_Ctv1yP9ZdnP7vvW7ePEJc8ALO3lPfCsxnGDCnVYi9Lm8LqfBU6gfRyAqA0iQcly_LyKbLRWzL3LJzNYZqdYuxpXYNMds-5VtitXAyOvOAM09Rp7jZl0oAfe7ZaXj2tBtsfigxVSWRoUJtdChV4Lc1LQTzP-S_Of3Mg289SO1KoL2Luldg98QmS_LmGBPq5MapY0Wz3FNbJ3CB52sm5lSSv43_vjeEMOu6Dq6X4gGiK7nhJeXY6_edTvURxg7GWQCmDJa_wo_z4chrc9x8UtoXpG8df9mZHi9-pxY-zWgajmmTEI2XdZJbw8lZ3GF9TslVqhjvv6OViE4bDkErqJpP5VWGTdmf_F1YRbj9jvreQaH9ISvsmJEzPUStbNPDSWs_nU-WiFQuZib-WUc7IHeXtJeRNKLPBz_ImWu_V0o5vlG9-JW3iUUVot9ePR1pSFrUc044EAeONMO0jdyn9VIG29NoNrwxXxbHxkNrnJDaOmy_y-yudt3wC1tAP4j-TuVsLFilweBcSEfzrqwI7EoFEfcJ_C7KTqDACA763aSWd83MNFU1F28oLlIwnyrJLKbo0F_lUQfPTo8WBqP3SdDEu4tnN_5exT_AcjsmJx3g20peFZHP4a1MKGsaKae7j5gbO8-be7SIs8LIjGLuomruFhCvKvIHmytZoGQigNt8R4kXe71VPyvQBSZByiHs5FUPKdsBtPiKhxrKNehrr9cnbNhVBu9ZN6hMeqWcFhV8IXDlc34T2d3RTEPcVGNF49yoeNvond7on0Jcd3w4XZjPKgtFnhUXCbIbvmTgba37mcGGNTw-S2NRZeXOc0dFD2PZor2l2eC8s7zRb00OOtLQbBmgv9EQBJOBrYEgZ3az5j1DTX0zNrW4UcZAQhIfNJlDZRZNreeyNoES-lAg8nfyfUvv5qovsYPLiqDINNly0W4RG_qTJiOCttc9yvjdBo-7q7eGBvfBAUndAthjYbYvunrYR9ZOgXihlhXQbEFRyQs_fQLwmL72JbeKUQ2udQRpxdt4UD4qf99TmsY31D3Kqfma5M3ew-dFJEZWwNL311uSxAXlb8kIfI59OEN9hzjR_GALHpp5Llo1zpv63ZPRHskMPPV8hhO-Q-1XppcMRBP0-dyjGZv05esuu5ljDPwYvlf-cCHnPK95oycA7E9_DnoqpCeaPB04Z0l4jON6wEPFl-CwKS1oEGXE4PB1gaHtSoA1BYTbprdKZhHBNtrDwBw8SQWS47lin-mROIoocipmuO24fVJgtHDhrjnRBtjoobUXZF9lUbG6HVp2nCLEtp2Wrt0Gh4tpSoEwYKnDcPS643dSExKuLXDuT3nQX6Wfm4upxsWBVnL5y0DRYuIbHeieUVlBGFE5v-ftev5M1_Yc0SoVAyAD9iHMLC-esVUz3yaH6w3B7jVDFbhaWqMbK3ltH_m-TBjeZ06h-Gl4fMhRuLDHjqwsStvT_W0Cf995nQz4U4D1QkPDVdRGMRYcXLZLXCOQgw1Yw3YpjjMgrg2VvwswewYZM_6CtHC0yT_Gqsn2gbGFsGOMvzqc1W7St5wNbuLyLaeDvoYdMwVD_jPVz3fXRhukRwThDbekzebTAzr8gRsayFxw5IhDvRiMN5W1JzfdsYIMA5X8mMnsj-z8K09gwInZaVyBAxDIAjQfnaeAaAth2hfVTSz7NXEwz6Ld99tFLUtJxOGhAT5XQawfhUtUSGxnhh_GvOTeSMUYNhNIF2WE5e1IhDTzU28I-G4pwWlCHKlyhpZZbseI0IemsWzMMiKnxFpUT_doVE74yPTLpD0h5MEUuJuY9Bf4BrWyRetLOZnsIerpgTdiYMrp0sglmj-L11iAGnQS-6L1NsQSZynrkdTqKAxeVzR35FhVWwNLvNMLUZRUUOUQqlHqXXhaSUAR8f2cPv7vCwI4aRXHkIjPOtPygzMzPZKQQ6K0zbxR_QywAdtQ2HyT0XTCQk-J87w0NYvSJCAJiKrNYBI2dNIjxKi4ZtEv2njEE8GRsRrfmvMcV4GfKiTsboLpeZkbWUwzW7NUBTtvVm4BB-d5w-S4NEVEZO9nPnHRjiGbYOO1N84Y9zBFwtsa1MpbKRv3p5s8HnNA5rq_BoPW_A36qTySiUVg9J0n9GJq-zQhBpOM6PVukJrGnUk-Nfm1rFbF8kGebFrcd_Zx-xsPTNzDho6BdGS9ya8kc8Kmq56J4AyKf_cmfcA5nF6_MPidqBDrMHtZMd6nN5sLv6wly5_mNNgzk38mgqTVth_kZwIiAtvocbpj6WxOzeOZEJfMq2vDif-omuWPPBKOWC2Uo7g7U8qmizjo0GDaPmJ3u1gH8P9e7HdwtSE2Lcb7GDlIrZu4JhYRKE7aC-bjSshDcPIdGtiGg6ZeECbHsIWNhFMdhlrEy9fuft91ptfUOrTons_jo-Q12tM&cid=CAASFeRoynSFlVn2gI8McttQZD1ALh3CRg&rfl=2%2Chttps%253A%252F%252Fplayrento.com%242%2Chttps%253A%252F%252Fplayrento.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 16:26:02 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 136B 41 KB
15 KB 174ms
138ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 15:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Dec 2022 15:13:53 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 136B 41 KB
17 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 09:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 09:06:19 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9326 22 KB
8 KB 73ms
33ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 14 Dec 2021 15:13:54 GMT
expires: Wed, 14 Dec 2022 15:13:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 90982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BA3E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6814b6c4baa029c03d29d0b4cf4b71353db056078fb25d3fcd09973b8622645

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 B25292844.297289244;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=3466583962;ord=5vtez7;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H0VFxi6YYWqBf-w7_UP25eDyAra3e6VZ8LcvbbM... Show response
ad.doubleclick.net/ddm/adj/N6410.3885621DV360-JELLYFISH/ Frame 136B 42 KB
22 KB 162ms
89ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N6410.3885621DV360-JELLYFISH/B25292844.297289244;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=3466583962;ord=5vtez7;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H0VFxi6YYWqBf-w7_UP25eDyAra3e6VZ8LcvbbMDaiTzLbeCRABII3kvSlg-4GAgIgKoAHFiOXTAcgBCakC8-fgQgnpsj6oAwGqBN4BT9A5NiOoLecGt-p8lmZJ02gG4Tog_Y3-yNKf5riqrk-4O6jjWJmd8gls2kzwFg7wL4B4ZafQRIo6QKL7NLwVI2cEsieqdSxKLcc6FtdRbfHjWBzVChrN5sZWfsS2b_68-8zwIFnjJJGJbfFNHD-jrfQfNP36RIceMyagoTQ5rzvCWtHOy-cKJBbzJ5_3tfcgsofLgwDvMB5xZ5qTOY9MN3j9mYrUU_bWuR8uyOlquhL_e1ipxO_oj268-BWDH4PGHK1raARaYguEvRg7fAmKNYRS3_sZkAKSBKGDeWnTwASHieeNuwPgBAOQBgGgBk2AB6P3mqwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOlj7kN0BMA2BMNiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoynSFlVn2gI8McttQZD1ALh3CRg%26sig%3DAOD64_2a3C25OdAr9uKrVxkPfPyAIQmNMQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-Bs5JBx_bl9EOwW_I0VwoemOc1174p5dM2n5JIaTOwDb89RtGf92rNndVa36E9caQFxrYK2V_u2Hz8pHBWx1MjktSO0WmCKRurHrGUCIc4JlJ4p0FNAWt5XTSiXqsWCM9RhNIvmzOgGAeQUR_adb9MvC_NVkw%26cry%3D1%26dbm_d%3DAKAmf-A3o26TL-2n13AA96okNPBkSlkLU9fpLRSlIk2tSVmJvbGzrc2QYksUjZlysehuf-g98JfDhLzmRSY6jVAs7YIiGPpnBeui1976SAB5NhzsJcQhBxq78B8u6ZMHAX_Xvq37ne-nWoDU0P2qOPpxGgeamlifNKmyMiCpdfyl78vFGZLptrWHpl1G82Zw5INbmlpRAGby1Y_5yRzwSwRRt4ylhKwb3OVD2-rkKfz6TAtOStbB1nYsZVA2bitkjpGEcQ2I8OaQPbNixmGgZy4apFd4NzcP3W1TXOWob7DrQFDvzqrRnVsGQwmBINixVee31wJg4y6ICs6BWEO6s3S8z1MgzmyChxmETHC0nEOMcayV8VFIKx286injA7GX-zl4p3ela8mEpe02Ekvv8aE4AFHb5RJvP0e9bgiSjS6m7NyUjFL9vj0YxAKaudKG2tOiBE0ioI53%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fplayrento.com$2,https%3A%2F%2Fplayrento.com%2F$0;xdt=1;crlt=x24z5QGaMm;sttr=116;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

f095944788db7ca720cd8e4431d851d7363508bcd86e3e328bb08b0cdd9be77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21838
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AB38 2 KB
1 KB 101ms
51ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy_small.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 adchoices_fr.svg
static.criteo.net/flash/icon/ Frame AB38 2 KB
1 KB 106ms
56ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/adchoices_fr.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-75e"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AB38 308 B
608 B 81ms
31ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/close_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame AB38 507 B
807 B 94ms
45ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/back_button.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame AB38 43 B
319 B 95ms
24ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=qsHhJ_CZEfI74WvhA3x62Dut8XFzsc_VO2ZM14StbbmsSyeZL_T69D9CKDL1iXcEHXJyvW5YtuyFCR4WbpHxc-7ln738R3nTewEOMCD2jF4sXSBvoV4DMgwcQIlH5_jPedr3jqIQ75lq2QqZWyj6kL2qZtKRgE60z9DVUndm-tl_3aoFuVhXVXTPhwRW_h5Dt4t--DOfqHKOsW_EKvjZpCHAU8NxcEsPM8nIlB2pHGuhL1MVLysZlKeypiemsYo0mO9Gz4sVUBz8ogK-XDIDt4abwJ1_MmQmi_a87UAwaLhFiTpn4ARRxwg43JC3OcnJXaEM3U93I7RW9K4igIfz3okGQz9w1HUGvEoPNFvfmbtxjdzABEat93chEfn5hlrPAfINeFPb99_-2okGSfRedoa66vMWexV9FSsD9I6KNk_8Z_ahTArlXX90jpegF-d8rFX1rw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:15 GMT
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3537802
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 6626c99a38994d8bbb4f056ebfbab171_bf6edfada33cbabbe2a1e4a78547247d.jpg
static.criteo.net/design/dt/83724/211124/ Frame AB38 8 KB
9 KB 75ms
32ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/design/dt/83724/211124/6626c99a38994d8bbb4f056ebfbab171_bf6edfada33cbabbe2a1e4a78547247d.jpg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 73669406aad21c38cac20fe22592e8910314dc8b5dd9ab00e42fb8024f485e55

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
last-modified: Wed, 24 Nov 2021 12:03:45 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "619e2a21-215f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 8543
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 446041d3d9844b1ca3eadb035b873c22_32696b9e52547285074b5d0aca80437c.png
static.criteo.net/design/dt/83724/211124/ Frame AB38 7 KB
7 KB 98ms
55ms Image
image/png 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/design/dt/83724/211124/446041d3d9844b1ca3eadb035b873c22_32696b9e52547285074b5d0aca80437c.png
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a40c79b003931f11136c98d5981e4ee5f7fcb7d7562b71c5f957b33b4c72add0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
last-modified: Wed, 24 Nov 2021 12:03:47 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "619e2a23-1c3b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7227
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 23b37b0ed47447be8c210089ebeb7e26_1302063b361d45b392a1e99917c2311d.png
static.criteo.net/design/dt/83724/211124/ Frame AB38 2 KB
2 KB 65ms
30ms Image
image/png 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/design/dt/83724/211124/23b37b0ed47447be8c210089ebeb7e26_1302063b361d45b392a1e99917c2311d.png
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2c71b0e12642af48a6731f7ae179c5cb4c20041e01f85094e329136eb5465f50

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
last-modified: Wed, 24 Nov 2021 12:03:50 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "619e2a26-8b4"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 2228
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 e4c28343891a4e44b6408289a9be76eb_bf77ab98ccdbff2d3aca625e73e65bf5.png
static.criteo.net/design/dt/83724/211124/ Frame AB38 8 KB
9 KB 66ms
31ms Image
image/png 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/design/dt/83724/211124/e4c28343891a4e44b6408289a9be76eb_bf77ab98ccdbff2d3aca625e73e65bf5.png
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: c461d22109349aae16b48708ecd4fddc9c3c5bbc2cff5b3f66b2c93ac054fd9c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
last-modified: Wed, 24 Nov 2021 12:03:46 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "619e2a22-215b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 8539
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 bf1f7cc9bca442b4ad926eab0b8f53a1_c290392ec6dfdd5649221b06b9cb90f0.png
static.criteo.net/design/dt/83724/211124/ Frame AB38 9 KB
9 KB 85ms
50ms Image
image/png 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/design/dt/83724/211124/bf1f7cc9bca442b4ad926eab0b8f53a1_c290392ec6dfdd5649221b06b9cb90f0.png
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 99d1df7d3a6fef406a91222c673eb9b88a2ace7f6db53a1f2db6a5d7c651f3fb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
last-modified: Wed, 24 Nov 2021 12:03:47 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "619e2a23-22b9"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 8889
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AB38 2 KB
981 B 120ms
43ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 15:38:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Dec 2021 16:30:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Dec 2021 16:30:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AB38 71 KB
71 KB 103ms
41ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=83724&q=80&r=0&u=https%3A%2F%2Fstatic.fr.eu.criteo.net%2Fimages%2Fccs%2Fherosku%2F83724%2Fjouets%2Fplaymobiljames-bond-aston-martin-edition-goldfinger-70578.png%3Fc%3D3&v=3&w=800&s=dj0MHgXpKaOA-XWTe6_Ewp0L
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 5e625ded30650495a36cb054f684d86704948e3da506ca752be9c6343c9980df

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 14:22:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 785260
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=30240615
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 72628
expires: Mon, 21 Nov 2022 14:32:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AB38 98 KB
98 KB 136ms
74ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=83724&q=80&r=0&u=https%3A%2F%2Fstatic.fr.eu.criteo.net%2Fimages%2Fccs%2Fherosku%2F83724%2Fjouets%2Fpack-beyblade-sps-motor.png%3Fc%3D3&v=3&w=800&s=hGCsNfjwMw7xe8mEkZiMP7QQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 0ac006355276cfffe792f65b2f350fbf79a443ae09982e7b4132140e11391d89

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 14:22:35 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 785260
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=30240614
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 100212
expires: Mon, 21 Nov 2022 14:32:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AB38 96 KB
96 KB 142ms
87ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=83724&q=80&r=0&u=https%3A%2F%2Fstatic.fr.eu.criteo.net%2Fimages%2Fccs%2Fherosku%2F83724%2Fjouets%2Ftableau-en-bois-double-face.png%3Fc%3D3&v=3&w=800&s=-XAPyCnlTxIO4OYfV39Vkmww
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: pix.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e99ec6869bd15bea953359c16a0b3882d94df869633ad24a23642315a143a445

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 14:22:35 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 785260
vary: Origin
x-cache: hit cached
content-type: image/png
cache-control: public, max-age=30240610
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 97801
expires: Mon, 21 Nov 2022 14:32:45 GMT

GET
H2 200 zepto-studio-1.0.1.js Show response
static.criteo.net/zepto/ Frame AB38 28 KB
11 KB 31ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/zepto/zepto-studio-1.0.1.js
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
last-modified: Wed, 21 Aug 2019 08:32:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5d5d018f-6f5d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 9326 35 KB
13 KB 67ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 15:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 15:24:47 GMT

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame AB38 33 KB
33 KB 74ms
31ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 03:02:29 GMT
x-content-type-options: nosniff
age: 48467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 03:02:29 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AB38 0
99 B 73ms
20ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=7DWKIQDcneiNEWqJthCsy2BAm7sc4T3O4bYb5aCrCWk-kRTzxNU--3FXL0mniRkFDxShTg1TySFF2TNKaUFAPZyEE-KFB-zvx0CXRXVt1NoOsToRb76IJP9qApA09ar0l2spfJz5g5qYyAx3ZLw9poLOf4ToD7BPwIPHTKoTAZuLSG4MpH7v4-qAb5kraOuN9ytSvpnZWsItdHuvsfPsTUcjy04eliV-r1TS4koIuIhAP6-IuFNdXXaGnefKGGkSrYZhNw&sds=2&rev=79757.1&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 16:30:15 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AB38 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AB38 2 KB
1 KB 21ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/flash/icon/privacy.svg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:30:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 136B 8 KB
3 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N6410.3885621DV360-JELLYFISH/B25292844.297289244;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=3466583962;ord=5vtez7;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC4H0VFxi6YYWqBf-w7_UP25eDyAra3e6VZ8LcvbbMDaiTzLbeCRABII3kvSlg-4GAgIgKoAHFiOXTAcgBCakC8-fgQgnpsj6oAwGqBN4BT9A5NiOoLecGt-p8lmZJ02gG4Tog_Y3-yNKf5riqrk-4O6jjWJmd8gls2kzwFg7wL4B4ZafQRIo6QKL7NLwVI2cEsieqdSxKLcc6FtdRbfHjWBzVChrN5sZWfsS2b_68-8zwIFnjJJGJbfFNHD-jrfQfNP36RIceMyagoTQ5rzvCWtHOy-cKJBbzJ5_3tfcgsofLgwDvMB5xZ5qTOY9MN3j9mYrUU_bWuR8uyOlquhL_e1ipxO_oj268-BWDH4PGHK1raARaYguEvRg7fAmKNYRS3_sZkAKSBKGDeWnTwASHieeNuwPgBAOQBgGgBk2AB6P3mqwCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOlj7kN0BMA2BMNiBQB2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASFeRoynSFlVn2gI8McttQZD1ALh3CRg%26sig%3DAOD64_2a3C25OdAr9uKrVxkPfPyAIQmNMQ%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-Bs5JBx_bl9EOwW_I0VwoemOc1174p5dM2n5JIaTOwDb89RtGf92rNndVa36E9caQFxrYK2V_u2Hz8pHBWx1MjktSO0WmCKRurHrGUCIc4JlJ4p0FNAWt5XTSiXqsWCM9RhNIvmzOgGAeQUR_adb9MvC_NVkw%26cry%3D1%26dbm_d%3DAKAmf-A3o26TL-2n13AA96okNPBkSlkLU9fpLRSlIk2tSVmJvbGzrc2QYksUjZlysehuf-g98JfDhLzmRSY6jVAs7YIiGPpnBeui1976SAB5NhzsJcQhBxq78B8u6ZMHAX_Xvq37ne-nWoDU0P2qOPpxGgeamlifNKmyMiCpdfyl78vFGZLptrWHpl1G82Zw5INbmlpRAGby1Y_5yRzwSwRRt4ylhKwb3OVD2-rkKfz6TAtOStbB1nYsZVA2bitkjpGEcQ2I8OaQPbNixmGgZy4apFd4NzcP3W1TXOWob7DrQFDvzqrRnVsGQwmBINixVee31wJg4y6ICs6BWEO6s3S8z1MgzmyChxmETHC0nEOMcayV8VFIKx286injA7GX-zl4p3ela8mEpe02Ekvv8aE4AFHb5RJvP0e9bgiSjS6m7NyUjFL9vj0YxAKaudKG2tOiBE0ioI53%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=2,https%3A%2F%2Fplayrento.com$2,https%3A%2F%2Fplayrento.com%2F$0;xdt=1;crlt=x24z5QGaMm;sttr=116;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 16:25:32 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 136B 0
524 B 154ms
68ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0A8sonA3WzfJWy3Ee388wV9ju_ATMbEEuxXK5zRCUEcrFoplwl_r7HNRPTI7qkWmzHrO1Pn9KnjUtz4POQ42myq-5wXZ_wCd6E4DiF7TgoyE310hF-3Bq57WouvwKt26_9V8V62hHmFESDn22VZD0xXEvlSrXM1mZnW9VzS6OkkrUvE9tLuc&sai=AMfl-YQLQvB0I8ZFG3AYGRj_HKGZgkSTSa7VmCR4cRKgoZ6ke4nz_w&sig=Cg0ArKJSzADxFnPT2-4vEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211207.84966&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 16:30:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 11017619634122854374
s0.2mdn.net/simgad/ Frame 136B 46 KB
46 KB 103ms
34ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11017619634122854374

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c492d9c251ed43d3354b6530510ecc02eb3a845d32acdce146c3d6666960712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:37:04 GMT
x-content-type-options: nosniff
age: 586392
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46880
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 15:47:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 21:37:04 GMT

GET
H2 200 main.gr.19.8.273.js Show response
static.adsafeprotected.com/ Frame 136B 187 KB
60 KB 144ms
48ms Script
application/javascript 2600:9000:211e:4a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.273.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/578207/53137881/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 17:46:17 GMT
content-encoding: gzip
age: 427439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 10 Dec 2021 17:31:00 GMT
server: AmazonS3
etag: W/"dbbed9b42f871ade260381ef78b0cd71"
vary: Accept-Encoding
x-amz-version-id: RbTKyuj_rScIKJ79M7NB4z2hCQfzt2bN
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: 9SXCsKu9JWvqG0R1L2vDG4mLXiuFYAT6qXK7INvPq4ocZiVKrb3GFA==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 136B 119 KB
36 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Dec 2021 16:30:16 GMT

GET
DATA 200
OK truncated
/ Frame 136B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49914e063d94eedc1743bda6457e495c709c68dba811defd438cef6be64bff42

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 91BD 22 KB
8 KB 30ms
30ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 14 Dec 2021 15:13:54 GMT
expires: Wed, 14 Dec 2022 15:13:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 90982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 4666 0
209 B 155ms
50ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4666 11 KB
8 KB 84ms
43ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff15f34fbf9ff4a73f4247cc739a43e39ffa4a8721eae4fb59e9f07786a1d73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8558
x-xss-protection: 0

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 91BD 35 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 15:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 15:24:47 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 503A 28 B
54 B 63ms
63ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/fr_FR/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/_BLK8l-OtlM
X-YouTube-Client-Version: 1.20211210.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtNYzNSWHlQdElMVSiVsOiNBg%3D%3D
X-YouTube-Ad-Signals: dt=1639585814032&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C624%2C340&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 15 Dec 2021 16:30:16 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 136B 0
23 B 120ms
67ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 16:30:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4666 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Wed, 15 Dec 2021 16:30:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9326 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSZTBFxi6YZ6DKtnv7gP82rnIDAAAAAA4AeAEAg&bg=!hoWlhcHNAAZKWFskSlg7ACkAdvg8WstqVC9D95QJOoqIkjq7JMtHh_df5Yv--Tun9BzbSGRVyjgThQIAAACXUgAAACZoAQeZAysulk2iZaWF0DjpSycm3PXVveeJ4WwUPXIFb_dzT4zp714AhXy3YT26v_fIuW9QgUBOqpaxa980gBWd75TH8nxgmdFafs9ZwObpAB4kxAwX9OJkdKT_DfjT2rmF2f-3cx33XzHQVtjCFv2lzqH0DzyxTtLpZvZzsQOzbrr0wZ1QAT_sbdtElz-TX-FyD97AAzkIhCbYfjDrfDMZXX4-RWrQZK1M1DfAs4YpNNQ8F72QvvAzJmOioKE2eSMxyFlP2BeJ8bJHapNRG1x0vabuLMPyD5fp6f5frIVMkxRJ-VECKpU2jy-x4RKeRF-T8yhx3pa93j6DHbgWBJ4Oy2p6y5Vu-EvjRDbUWKGzv5SHTPjoQvfJphWa0BqV5NPr4v0F1cMYtzTa8yIiy4PMY2c_SdLFHIL6J9a9YSZLU8LoCnio8qPf8L0gFg1p8-zzh9jMjlBWiHYpqIkYNANw61DTMxJNHIxaQWP14ZD5hna-8tgXXShMQUsZuuK2bwwXGDI0pIdYDiOa-EEVF4c8EKYEaKL7sfFB2vyolCJORteoH7syPjSCzc8PUjDSjJ0vl_Q6w9yRCDOUuAtl3yuRc1QhriXyTRu7TIx3g3yiPlR2OBt7sloNjacv_yzfavpFJ2elmtZXztslgi9854knLuLHRZxl3gtSvx4ix9OK619efQH7TAnu1J9Mk0OeROXVvyllxnYzUdNcHRVwcx3oi0c6M3YV1sVfnLrgGDP3vYhw8ZZ_wq7z7d-I6Z50tiZJL4i-Q5Gux5ANF8J-Zh8Key-0S9I0RGByKY2gA4ZICyksyuzAZSOqXgB1DyqA4UeQP0Mn5CmxVhMOriD3bEajDkj8xHgvsH3YwtyeLaTP5H16Q0H4g8-LWbxA5GY2LfBB8it6E-aJQY4U0hwhOr0YIQ1zA7FvzWWavho9ocatA3CYZPxAx8IC-9Ep8iQ6gtk8uw4z-GSUoYZWgfvAMsBoQayJ3DUApEWy2O6GcEmo-tN9bT_K2X6wf53r1JxxSiN2oX6Tf-yA8Lq2TEx9FsJQq2WW9zgqLihUzBX6FsSeuk1fP5G17MSZrxooITAkm7aA

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame BA26 0
208 B 42ms
42ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: playrento.com
URL: https://playrento.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BA26 11 KB
8 KB 48ms
48ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2581d53b17e4c12ac6843cd1b8e0b2a1669b45a23db307e959683e3653f7e219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8451
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 136B 57 KB
22 KB 30ms
30ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

24c11ee30699eb692260f80e31b87c841b1caf1736cc701004446f8efa9ad7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22234
x-xss-protection: 0
server: cafe
etag: 15485993355261459839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 17:21:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA26 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=playrento.com&doc=complete&pg_h=131&pg_w=1600&pg_hs=131&c=1&aa_c=0&av_h=101&av_w=1600&av_a=161600&b=0&all_b=0&d=0.771&all_d=0.771&ard=0.771&all_ard=0.771&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 136B
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/578207/53137881/skeleton.js?adsafe_url=https%3A%2F%2Fplayrento.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fplayrento.com%2F&adsafe_type=e&adsafe_url=https%3A...
https://static.adsafeprotected.com/skeleton.js

17 B
466 B

27ms
27ms

Script
application/javascript

2600:9000:211e:4a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Server: 2600:9000:211e:4a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
age: 13938860
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: zK2B4XEqXPlp-wEl6Iv-SYgEYTKQRNsQGW94W82tDF_95wTP8jLqdw==

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 1E5C 80 KB
21 KB 32ms
32ms Script
application/javascript 2600:9000:211e:4a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
URL: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 6510106
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: 8etWZ2G8z63xbyMZkhS537pFE2jGDg86yNp_6qfuasw-QSyMmMQc4g==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BA26 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Wed, 15 Dec 2021 16:30:16 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 136B 43 B
216 B 553ms
178ms Image
image/gif 35.85.194.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=578207&asId=147eb70c-5cd1-1032-990f-676c82ff2291&tv=%7Bc:wSQdbh,pingTime:-3,time:275,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:241%7D,%7Bpiv:0,vs:o,r:l,t:275%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:275,n:275,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:241,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1,0~0%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:o,t:275,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRGeZFG+11%7C1211%7C1212%7C12131%7C13%7C141%7C142%7C143*.578207-53137881%7C1431%7C1432%7C14331,idMap:143*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.194.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-194-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 136B 43 B
215 B 552ms
180ms Image
image/gif 35.85.194.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=578207&asId=147eb70c-5cd1-1032-990f-676c82ff2291&tv=%7Bc:wSQdbi,pingTime:-6,time:276,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:276,n:275,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:241,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1,0~0%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:o,t:275,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRGeZFG+11%7C1211%7C1212%7C12131%7C13%7C141%7C142%7C143*.578207-53137881%7C1431%7C1432%7C14331,idMap:143*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:playrento.com*%2Cplayrento.com*&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.194.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-194-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 136B 43 B
215 B 543ms
179ms Image
image/gif 35.85.194.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=578207&asId=147eb70c-5cd1-1032-990f-676c82ff2291&tv=%7Bc:wSQdbs,pingTime:-2,time:286,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:173,bdZ:570,beA:731,beZ:732,mfA:954,cmA:956,inA:956,inZ:960,prA:960,prZ:966,si:974,poA:974,poZ:989,cmZ:989,mfZ:989,loA:1007,loZ:1009,ltA:1017,ltZ:1017%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:728.90,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:241%7D,%7Bpiv:0,vs:o,r:l,t:275%7D,%7Bpiv:100,vs:i,r:,t:285%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1,o:285,n:275,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:241,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1,0~0%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:o,t:275,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~728.90%5D%7D%7D,%7Bsl:i,t:285,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRGeZFG+11%7C1211%7C1212%7C12131%7C13%7C141%7C142%7C143*.578207-53137881%7C1431%7C1432%7C14331,idMap:143*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:43,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.194.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-194-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E0CC 13 KB
5 KB 29ms
29ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 15 Dec 2021 16:13:48 GMT
expires: Thu, 15 Dec 2022 16:13:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF9E 783 B
534 B 38ms
37ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ef430c44b025364043f339aa48b06e2225652ac8282a6277a3c31914242c6e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X+e69gnkerGXn4n/Mac3Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 15 Dec 2021 16:30:16 GMT
date: Wed, 15 Dec 2021 16:30:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-X+e69gnkerGXn4n/Mac3Dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 csi
csi.gstatic.com/ Frame 136B 0
17 B 126ms
62ms Ping
image/gif 2a00:1450:401b:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kx7r28qn&chm=1&c=3590131676622485&ctx=2&qqid=CMWR2ZCd5vQCFX_Yuwgd28sAqQ&met.4=fb.4q~lb.kd~ol.pt~idt.co~dt.-cu&met.3=374.ey~733.l2~742.l2_1~374.m1~743.mk~733.mk~742.mk~749.oq_3~749.ot_1~734.oz~734.oz~735.pb_1~735.pc~740.pd_1~735.qf_1~735.qg~736.rq~734.s3~734.s3~113.sf_2~112.se_2&met.1=1.kx7r27y9~6.0~7.1~8.1~9.1~10.29~11.1~12.29~13.4e~14.4f~15.4g~16.mk~17.mk~18.ml~19.ps~20.ps~21.pt~22.ru~23.ru&met.7=CBsQCBgBMJ8BOKEHUAFYUWABaFFwngF40BqAAaQYiAHOL7ABAbgBAw~CCgQBRgBIKsBKKsBMI8COGRorAFwjgJ4wASAAZQCiAHwBLABAbgBAw~CCgQChgBIKwBKKwBMKoCOH5orQFwpgJ4_m-AAdJtiAHQvAGwAQG4AQM~CBwQBhgBIK0BKK0BMLcDOIsCaMwCcLUDeNYCgAEqiAEqsAEBuAED~CCUQChgBIK0BKK0BMNkCOKwB~CB4QChgBIK0BKK0BMPsDOM4CaNICcPoDeOAMgAG0CogBnhOwAQG4AQM~CBsQCiCtATiNAw~CBwQChgBIK0BKK0BMKIDOPUBQK4BSK4BUK4BWNECYO4BaNICcJkDeOw0gAHAMogB0nWwAQG4AQM~CBsQBhgBIK0BKK0BMN4COLEB~CCoQChgBIK0BKK0BMMIDOJUC~CAkQChgBIK4CKK4CMJ8DOHBQrgJYywJgrgJozAJwkwN42EyAAaxKiAGQvwGwAQG4AQM~CCcQChgBIK8CKK8CMPUDOMcBaNICcNwDeJN5gAHndogBisUCsAEBuAED~CCYQChgBIKMDKKMDMPsDOFg~CCcQBRgBIIsEKIsEMNgEOE1QjARYtARgjARotARw1QR490OAActBiAHqsgGwAQG4AQM~CBsQChgBIJgEKJgEMNQFOLwBQJgESJkEUJkEWOAEYK4EaOEEcLoFePqsAYABzqoBiAGx0gKwAQG4AQM~CBwQChgBINkFKNkFMPcFOB5o2gVw9gV48BqAAcQYiAHrPrABAbgBAw~CCIQARgBINsFKNsFMPYGOJsBQNsFSOsFUOsFWLAGYP4FaLEGcPQGeKwCsAEBuAED~CCkQBhgBINsFKNsFMOMGOIgBQNsFSNwFUNwFWKAGYO4FaKAGcMIGeMzwAoABoO4CiAGg7gKwAQG4AQM~CBsQCiDcBTjBAQ~CCoQChgBIN0FKN0FMJIGODQ~CCcQBRgBII8GKI8GMLAGOCFokAZwrwZ490OAActBiAHqsgGwAQG4AQM~CCIQARgBIPoGKPoGMPMHOHhQ-wZYrwdg-wZorwdw8gd4rAKwAQG4AQM~CCgQChgBIKwHKKwHMNQHOChorQdwygd4hrABgAHarQGIAebJA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:401b:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8597 13 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Wed, 15 Dec 2021 16:13:48 GMT
expires: Thu, 15 Dec 2022 16:13:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FDA 783 B
533 B 38ms
38ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23913d11e17d3dbb0f9678307e71452ca08620c3bc4989ce0105763397394bfd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hHhwhSMCWjEHHDDRoDmbMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 15 Dec 2021 16:30:16 GMT
date: Wed, 15 Dec 2021 16:30:16 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-hHhwhSMCWjEHHDDRoDmbMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 91BD 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxL4QGBi6YfjiB7yV9u8P-K6XQAAAAAA4AeAEAg&bg=!Z2SlZCDNAAZKWFskSlg7ACkAdvg8WuIZ4CB1zJCZHB4XFneBkKdd8VKmgiQx3EwSTRnm-CsEZ0cjfQIAAACdUgAAAA1oAQeZAyKMfBvETY0myxwmTuMTPL9ve79oPvPOddCN2_3-0zYPmcwcpaCgJkTPU8WCHMh2Xuf-Bf721_saaPtF7fnEE7g5X8gig1gUeZMc6gXYNbUPG8Mq32kdNSXkrfpSP7vba8wNHYNC4QXbddUKq3Ln0CqKaHptJ7RIc0Lwzn_4cbjC23ZiUcFxk0I-CocdFZdQflBQxaLDZIoVQFVn60VLwLngSvm9ECOYeqky5bAbkowdhC6tqS687xDyGqkYuRVLtgRxkLr95nDtf-5X0OradtzL0j3kagpKiZvoOJ2X7PyKMhZY60JaNwOBgLbvjM56gIqr45e8nTR4mT555RhQXInlX9j0qpFj4o9h5KN85VH68qG_rV7pQoxJxB-O9RMQYGAIaAAZsEVg0q_3HUPcZmGwIdqicEi7TNrkl1q4X72vtteJH-BOgY8oGQWcJ_wOE5sC3lOGklk3MqIXpyti4SVYqj2KYK0cklEbXykasK5XdgrCXluKHCAEw_RKrajxw7sx4InMwU4Z9AZmnjHLMeR9h2PUn16wLCOBxWWTy6GJb6m8OTyRbNKnlInoKDDtX00EYCB7QqpTlcLbyZodv-9HfgnyXNgMLtla3gto_17SbTIEwhNcX-nx2xAbsdCQ4KJPILMgY7kYufiDXBOfpkhBQBeudzLuKp_ocIuFi5M6PyoElZ6rErnXHGIrxlQRuOPMI44p9R54FuePuTouhS8HtfJnZtPJzUyh5LrUn7mM3HLvPhl0aTP8lhj5pebdACYzQ90WSDHf5NkWLBwX2dHz_RpgDhCWz1mdcBV2maoX8Jcrs7EOrAqv_EYmzQ1ZIh4VlZRHZK9hjRWFkLJCjb4pfC1xv9SXq7pInQm1q8s7t8ygJ6mYEyV_B1rHU9-eCbwheFfCSuDlyMQLYYAuq38RcOIzwvKtxfNYd0j5TyWjV-4aBxB3zsxDvfBlnFg4UcLZ8sidu7a0TZbQeJam-klwzNKD4a1R6IGY8o6_D7mwR2Rr03xwOMrOj9pTQjYsBtkuZCByswNsO1egov0EebM2VpDFVN7TPL570nTvK_Orefl3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame E0CC 35 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 15:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 15:24:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF9E 0
0 69ms
69ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=867847765400964&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame 8597 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 15:24:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 15:24:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3FDA 0
0 77ms
77ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3590131676622485&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 136B 43 B
215 B 591ms
331ms Image
image/gif 35.85.194.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=578207&asId=147eb70c-5cd1-1032-990f-676c82ff2291&tv=%7Bc:wSQdd8,time:390,type:e,im:%7Bimprf:%7Bttecl:880,ecd:28,tsecr:1%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:105,o:285,n:275,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:241,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1,0~0%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:o,t:275,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~728.90%5D%7D%7D,%7Bsl:i,t:285,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B105~100%5D,as:%5B105~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sRGeZFG+11%7C1211%7C1212%7C12131%7C13%7C141%7C142%7C143*.578207-53137881%7C1431%7C1432%7C14331,idMap:143*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.194.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-194-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4666 0
20 B 65ms
64ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=867847765400964&bg=!_f6l_rrNAAZKWFskSlg7ACkAdvg8WmhcFrlvXvVPWMg78Hye376IJSOKUu7lEGTC6ueMhOJYwqGFIQIAAABuUgAAAAloAQeZAsQGNvikqm5Mzuqy-woRIhYAqpffAmnPko0gtKTrOp8-ZUZGGLQjmEv1ZCHpp5ktxE79xLAMYMGpLHIpmdlDSObHmp3WpFSACvE89XiKSNEvGXdnq98mgYXKQ0lf6JaaI7p5zRCn7JotZV_SK-Zf5-84JkUQ365ad3Rh4Qt3oVahxNhQk1_WPgXXXlwQ3cWhPK5cHJ_FMohDsqEu950ZvVJwaepGfwzvsevYWrDy7dd6khD5-2F8Y5c6XoczX0OoQ__9u5YsxNcqzYOaSYCzSR5Ewv_u1Ax9xkB2yKuNl59uw3QqVJXhTO8jlhyvDVYPvbn-UsozhPpJ6wGNe3pduoM2v_f5NSSJyUw6ePZtJtJ1ffr1EOc-W0a0b0B5KFo_jBEuF9ML-CYSyuacW3YcBemiCE5mDxUrvK2tsu2IE5LtVkXZEiHAIUYQ8kVdrmSezR9_Sdd8GMK-EunFqqXY1tb6D70rJV3eG881fG2cDHwGwBIUM3i0d9gGZa_myuYQUCEVF6SlqLMNYNndkSWfrVqDhhwcbRTD7BINcJPzX466a37Q5zEItGnYGExp_-azCe5SpGEslZQLzTYR579fdKvXUT7TkK6gByMk4LBRJauPxWUG5dPRt_UbMb-z62BM_P9fvkWDd2Gm-BeSWUyQsWpuDyBkLJBYNjGPk0-G9wFGXIJ3NBJGwiRS4sq96_jUaBv48baB43J3ieUkTYi6hoPTXw6Rtzoz-R0eyweZz87y2FsAxAQw5QllJd9mCDNToTfyyml5fnu8sLYGU6HkHbSCC3gSY9CMAulNU-KO1U3QJCKn4Hp3KL0m0ube2eVSQPfun2IXnPpv-evUVNd08ktpKkysHu5syoAFGyLzudgEZMwYlXC3rLQn5JaYavGjV6UtcM7FnXd5BRCgFK296j9TJE-arN3DM2l8YIvBZY48vE2zC_k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA26 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3590131676622485&bg=!oaKloubNAAZKWFskSlg7ACkAdvg8Wqio5ug30I95gP2Buo7uq_jqwIAjCr5asisXVJRN8X24DMU11AIAAABeUgAAAApoAQeZAuYUzY0ivTqxW_4xwhTaQw3humziL0T0sca6s9E8ddqgJy8mRu98wi4NFMv3ciPxpkNSDtrXmenJ2tGiM2oV6O6NXLjWx0pqsmDXAZDCv9_nXK8A0tJMlKnegfZlr_a2z6V3O6a-XDs1iANwf-3iOANMaasM-7Nwkl40urlmfyHXk809JZo56pAwSS5Z-jMV0hq_eCnUOOoJCZsHj51DxqtFk4zC2b4h5NePXo_kKhoNiL5e6Xt19C3EQ5DJbzQ4DWv2BCAmKm2OYQNTvL0y9i8eUi6k697p-0a7iWWuWCYf4Kn0OnwOzSaFB5do8qSmvzBnUr40LNddmdIXIj9iFxtpSAgNtnLPaDCu7sKJIB8eI8hKokOVp8CMO94kTSAMhjvE806urMh0R5s8--wcHxHZjJ6JOguTiTWArshQeWr1a2aEgmFP5QvIEB8Y-LPRMWRnnaO55mcaoYBShw-QnI9DbuNjy2W0-vIUckXaJOrKx5rZrKQkJmO51xuOgpENsaHdAtaNEDvxcxEKt2WK_r-OicS_cbV5C6UeHRbu2GrjOIYoEGJ2AyEX0jm4-U_hnHw7a-syNppTnTaJBpiGt2xGQhGMjKHAIpv2I_aXvLSiTwSmyN-3LVqq_ZNn0CFHNv903EPJdwlNjwvq4hZdqeLacf6ci1pqPcQ22QAdQ_WqWID9b9hFcE0aH65VSAjA5SJIWfNe5M_Gzs2j0es22vBM4KHaBE2qVzP2M31HJiKE5FFVUZ5TG2B6ih4fraP1A6TOIP20fE8_1uzz7DNPnlkg-1HhAS-_J_5K-TQ1o8NFd2ytMqQPmg1Gs-7t-XzB3fMZYoGVL0bTyjBGC4iyIGcoRdZkLlKZOOoC0VkZnaFsDE3u-oXbNCacH5Yiujyi30H4X9Uarc0yKD--YXYOkiCH9tHrD3nYQaM4ncP0bVc_WL7HniviFbXu_-RPS3FADWeqxhkDbGphDNYDmlBpGBHL7fS4w3VM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 136B 43 B
215 B 249ms
190ms Image
image/gif 35.85.194.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=578207&asId=147eb70c-5cd1-1032-990f-676c82ff2291&tv=%7Bc:wSQdgl,pingTime:-10,time:589,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ni4wLjQ2NjQuOTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639585816809%7C%7C51819cdb0b08fd5bb2f770f33cc15b97%7C%7Ca2fdad25d911a8a4b39828759d282361%7C%7Cb5060bce0e09f5e46652dfdb19ed55ea%7C%7C18e9cdebfb4d40c1a23bcf8959af5173%7C%7C9c7204da4f95d2bfa51ea02ef5465efb%7C%7C4de6c4683adc0a5d193735d2b11ef289%7C%7C2e1dd869438403a2460688846e361473%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.194.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-194-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 all
csm.eu.criteo.net/ Frame AB38 0
99 B 21ms
21ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://csm.eu.criteo.net/all?cppv=3&cpp=7DWKIQDcneiNEWqJthCsy2BAm7sc4T3O4bYb5aCrCWk-kRTzxNU--3FXL0mniRkFDxShTg1TySFF2TNKaUFAPZyEE-KFB-zvx0CXRXVt1NoOsToRb76IJP9qApA09ar0l2spfJz5g5qYyAx3ZLw9poLOf4ToD7BPwIPHTKoTAZuLSG4MpH7v4-qAb5kraOuN9ytSvpnZWsItdHuvsfPsTUcjy04eliV-r1TS4koIuIhAP6-IuFNdXXaGnefKGGkSrYZhNw&sds=2&rev=79757.1&sendBeacon=true
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YboYFwAD1EAKd7zHAAVRbn7kjz_ZJnxmKi1bIA&u=%7CgvmH7z1pGRsQTt8drnFrzJSUWQE892cWayjU4Amgf9E%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6WyyA4XzUeR_Ax2VYC7MH2dZ5skqZibqeV6qApiuFsLIP-jDCTUtsg1GoNkNy5pUkghPS0AXHLv1l-XLdVips4kOlxmRxUhhjeNlAWnMBI8rU9B0BhSmoGzAq2RnvsfEnZJ20ZMedEsTRyVaz-aMYqY8JnBjEEmfN3VgBTCi9EDQUQXCGgOKOjTmc-DTotr4TZuB3kinLHbKKHefcv6ArUE5LDy0HqMiwyLbVyiRghWpD5eIbNPrgcEa6BuHXEttuw_SuxpWAGoonuLQvLgAjURSbO4FpdPvBog0_DWf4Kzcj2yu3uAIr7D3K5bYf3legRRzTNLJ7deb_OIvWjav642RuYCWC8XycGZok43MQP2eUhR71FzDtjzb-XuE8d_ohZ7972COJj7UrBCdPhlgOX039NzQU9RSamk6wuF2jwdPmRhqxsghai_kn3PIhwa9Ys&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTslJFxi6YcCoD8f53gPuopWgA8me0rFc1Z2R93DAjbcBEAEgAGD7gYCAiAqCARdjYS1wdWItNzM4MzE3MTgzMDYxNDIxNqAB1bbS6gPIAQmpAgM-6TdP5rI-4AIAqAMBqgT4AU_QmEAJxiCTJsSy5jJ8alBBZ3WWIt2aTsM4nxiq5PKTH4g7MsEk5BuDVKife6NtGikb5xq5tjdrBcZcXnA0nf_nge_j9uw0SJkuKtf_Q6SbvX_Olh3Bc-lHrA88GHkNnMKvQtKdfPdf2IP83CnzRkDEcxCF8GAy-QG5ATipzSA65UHusvtBo4nQdPKNDHX1Ou_ZvrNUkA8uFpPH75yT0A3nv_5RPCxYPVyFVg2Xf8eyhqQX1hEsJVRLctOm9_ecUqDFd1pRUFNwhvX4u1JN8KVDX2REh9TSnTssI2DTl4fgc_dN7-v0pVgKyrN92VSgFPuswplBcOaO4AQBgAbHq8TO3f6_9p0BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2tylDKoW3DZ8gKHp0uV6BlGufmqw%26client%3Dca-pub-7383171830614216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 16:30:16 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 136B 42 B
64 B 66ms
65ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuz3yC0406Mkaq3l9uVpx3yFeSMYO7WSfIZ8Fc2YDO-VH7EC1WTFE98ECb0OQ4EO3eevTTrDjzQzmmY7Q5KBBrsxp6_X4cQzrMx_Pf_jQVZF6VZD2UP4Q&sai=AMfl-YQ9XZ2wBQ9dPtR59P1xnhd3utU7gk4JeNAEwZKLNaZmCY4K7STk2SU1fanqK0kyfP2ccoNX01PebO3w9ZdRbNGKIyLEOC-nchBfDSAGeiPFE4lLNA_xZoitC4eukGw&sig=Cg0ArKJSzE9wCNwVrRknEAE&cid=CAASFeRoynSFlVn2gI8McttQZD1ALh3CRg&id=lidar2&mcvt=1000&p=4983,5,5077,733&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=730903818&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639585815489&rpt=890&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 136B 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7wctCWg_xj72rgcAmI-GLDgn8tD-yM3dF86AerWGqxRoqxl_Qh246hij2XeZYm0_2TOFJYRPNiVWfbnAeJJbrvIZjSzwPuTw&sig=Cg0ArKJSzA52bZJHERa8EAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3466583962&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639585815489&rpt=893&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 136B 43 B
215 B 178ms
177ms Image
image/gif 35.85.194.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=578207&asId=147eb70c-5cd1-1032-990f-676c82ff2291&tv=%7Bc:wSQdrA,pingTime:1,time:1286,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:241%7D,%7Bpiv:0,vs:o,r:l,t:275%7D,%7Bpiv:100,vs:i,r:,t:285%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:285,n:275,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:241,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1,0~0%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:o,t:275,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~728.90%5D%7D%7D,%7Bsl:i,t:285,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:593,fm:sRGeZFG+11%7C1211%7C1212%7C12131%7C13%7C141%7C142%7C143*.578207-53137881%7C1431%7C1432%7C14331,idMap:143*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.194.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-194-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:17 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 136B 43 B
215 B 179ms
178ms Image
image/gif 35.85.194.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=578207&asId=147eb70c-5cd1-1032-990f-676c82ff2291&tv=%7Bc:wSQdrA,pingTime:1,time:1286,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:241%7D,%7Bpiv:0,vs:o,r:l,t:275%7D,%7Bpiv:100,vs:i,r:,t:285%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:285,n:275,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:241,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B49~1,0~0%5D,as:%5B49~728.90%5D%7D%7D,%7Bsl:o,t:275,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~728.90%5D%7D%7D,%7Bsl:i,t:285,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:593,fm:sRGeZFG+11%7C1211%7C1212%7C12131%7C13%7C141%7C142%7C143*.578207-53137881%7C1431%7C1432%7C14331,idMap:143*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.85.194.216 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-85-194-216.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:17 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H3 204 csi
csi.gstatic.com/ Frame BA26 0
17 B 62ms
62ms Ping
image/gif 2a00:1450:401b:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kx7r27k9&c=3590131676622485&e=31063378%2C31061691%2C31061693&ctx=1&met.9=1.iu~2.pj~3_2.up~7_2.0~4_2.173~5_2.17c~6_2.1x8&met.3=831.pk~827.pl~5.pm~74.pm_1~43.pn~86.pn~86.pn~6.pn~91.pn~95.po_1~1.po~1.pp~573.pp~598.pp~54.pp~38.pp~2.pp~2.pp~51.pp~49.pp~49.pp~38.pp~573.pp~598.pp~54.pp~51.pp~51.pp~49.pp~49.pp~77.pm_4~894.pr~724.pr_1~86.rv~86.rv~86.rv~86.rv~86.rv~86.rv~76.rv~112.ta_2~246.td_2~86.u6~76.u6~38.u7~573.u7~598.u7~54.u7~51.u7~51.u7~573.u9~54.u9~598.u9~49.u9~54.u9~598.u9~49.u9~54.u9~598.u9~49.u9~54.u9~598.u9~49.u9~54.u9~598.u9~49.u9~54.u9~598.u9~49.u9~573.u9~54.u9~598.u9~598.u9~49.u9~598.u9~49.u9~598.u9~49.u9~598.u9~49.ua~598.ua~49.ua~598.ua~49.ua~1.ua~1.ua~11.ua_1~76.u6_5~725.uc~872.uc~907.uh_1~831.up~808.up~705.up~808.up~646.173_1~800.174~800.174~800.176~800.176~709.176~800.176~801.17h~825.17h~801.17h~355.17h~825.17h~708.17h~831.17h~825.17h~598.17h~708.17h_1~598.17j~54.17j~708.17j~647.17j~863.1lt~863.1we~863.1wg~415.1x8~844.1x9~710.1x9_2~844.1xb~710.1xb~94.1xc~573.1xq~598.1xq~113.1xp_3~783.1xu~598.1xu~716.1xu~863.1z6~680.1z7~824.1z7~824.1z7~680.20i~680.224~863.287~680.288~824.288~824.288~598.2pp~715.2pp&met.10=1_1.IKQHEAAIABiAmHUoAA~1_1.IMQIEAAIABgAKAA~1_2.INQIEAAIABiAmHUoAA~1_2.INITEIDiCQjA7gkYgJh1KAE&met.7=CBsQCiAFOOoDwAGszJT9DQ~CBsQCiAGOIsCwAGzloHbDw~CBsQCiCNBDiOAcABh9P1pQ0~CBsQCiCQBDinAcABztyHyAM~CBsQDSCUBDiMAcABr729_g0~CA0QChgBIJQEKJQEMJkFOIUBQJUESJUEUJUEWNoEYKcEaNwEcIAFeM7UAYABotIBiAGX8wSwAQG4AQPAAeHb5t0L~CBsQDSDOBDj3AcABjLCiqQk~CBsQDSDQBDipAsABvIf6VA~CBsQDSDSBDh7wAGijvrWDA~CBsQDSDTBDjwAcABp8uYrAo~CBsQDSDVBDj9AcAB4JjemgU~CBsQDSDWBDiFAcABgOGgyAs~CBsQDSDYBDhnwAHp_P2pDA~CBsQDSDaBDh7wAH0hsSTDA~CBsQDSDbBDhGwAHzx6Q3~CBsQDSDcBDj9AcAB6bWklwc~CBsQDSDdBDjIAcABrpWXgwY~CBsQBSCABTinAcABxO_xxQE~CA4QChgBIKYFKKYFMIgHOOIBQKcFSKcFUKcFWPEFYL8FaPEFcKUGeOCnB4ABtKUHiAHP3RWwAQG4AQPAAancj7kM~CBsQDSC_BTiIAcAB3Neh1Aw~CBsQDSDFBThOwAHooIexBA~CBsQDSDFBTh1wAGDwojKCw~CBsQDSCKBzh8wAHh653NBA~CCgQChgBIJ8HKJ8HMJsIOHxQnwdY1Qdgnwdo1QdwhQh4hrABgAHarQGIAebJA7ABAbgBA8ABm-H6cA~CBsQDSClBziAAcABl-6ZrQQ~CBsQDSDeBDjfA8AB5IOfqA0~CBsQBiDyCDhtwAH048_mCg~CC8QBxgBIMgIKMgIMOMJOJsBQMgISMgIUMgIWLsJYO4IaLsJcOMJeJADgAFkiAFrsAEBuAEDwAGb_4nHBw~CC8QBxgBIMgIKMgIMKMKONwBQMgISOoIUOoIWN0JYJEJaN0JcKMKeJADgAFkiAFrsAEBuAEDwAHO1MaACw~CBsQBRgBINMIKNMIMK8KONwBQNQISPcIUPcIWOQJYKEJaOQJcK0KeNAagAGkGIgBzi-wAQG4AQPAAcuSgIMJ~CBsQARgBIKMIKKMIMMYKOKICwAGkoPylBw~CA8QDRgBINEIKNEIMI4MOL0DaNEIcI0MeKBPgAH0TIgB_5oBsAEBuAEDwAG_3prrBg~CBsQBRgBIJsMKJsMMLoNOJ8BUJwMWOwMYJwMaOwMcLkNeNAagAGkGIgBzi-wAQG4AQPAAcuSgIMJ~CBsQDSC-EzgrwAG5marZAQ~CCcQDRgBIMATKMATMPITODJowBNw8BN4r0SAAYNCiAHrVrABAbgBA8AB8_LLrgs~CBwQBhgBIM8TKM8TMI0UOD5o0BNwjRR4rAKwAQG4AQPAAZSE4rUO~CCcQChgBIIUUKIUUMKwUOCbAAeLBm9oF~CCcQBRgBILUUKLUUMNQUOB_AAZmVn6AL~CBsQBRgBILUUKLUUMOAUOCvAAc_G2uIB~CBwQBhgBIIUWKIUWMMgWOERohRZwyBZ4rAKwAQG4AQPAAZSE4rUO&met.1=1.kx7r26qu~14.4~15.0~16.4~17.4~18.4~19.4~20.4~21.4&met.2=19.5~17.gl~18.sm&qqid.1=CMWR2ZCd5vQCFX_Yuwgd28sAqQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:401b:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame BA26 83 KB
26 KB 30ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:17 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Dec 2021 16:30:17 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F620 11 KB
5 KB 37ms
37ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=playrento.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2242
date: Wed, 15 Dec 2021 16:30:17 GMT
content-length: 4683
strict-transport-security: max-age=86400; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame BA26 83 KB
26 KB 76ms
37ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:17 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Dec 2021 16:30:17 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 4666 83 KB
26 KB 25ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:17 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Dec 2021 16:30:17 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame F620
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=playrento.com&sn=ChromeSyncframe&so=3&topUrl=playrento.com&bundle=e5t1hl8lMkY2WHltV2lvN1lGbkJvQ0FkWUcwMW9aUEE0MGpMVyUyQiUyQnVWUTFicm4xZXFB...
https://mug.criteo.com/sid?cpp=-yMYxXxWbUxQQ0wyd2RONlpOQlQ2QWJWRmxhSTAvdWZ5bmQ5OUJKQXB6amtCQWIwUzdZT3VlOFljNkEybS8vSWxHMDdGZklSbmhPTGJzM05pSDNnNGgrV2doK3dpQ2JuTFRQTHpIZWZmMmpkQkMxUjV2Y0Fqb0N4YkpIME...

438 B
630 B

23ms
22ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-yMYxXxWbUxQQ0wyd2RONlpOQlQ2QWJWRmxhSTAvdWZ5bmQ5OUJKQXB6amtCQWIwUzdZT3VlOFljNkEybS8vSWxHMDdGZklSbmhPTGJzM05pSDNnNGgrV2doK3dpQ2JuTFRQTHpIZWZmMmpkQkMxUjV2Y0Fqb0N4YkpIMEdkbmZ0MzZ4Tys5NHNnb0o3b0xUUjNJaUNBbjBkelc0M0dXa2RhVTVxK09WZS8wenF6QzdRVTBmb1VsUUJWYnpQZWpkWHAyc0h0SUJWa1NTU0VGM1lZQVZWSC8vWDQzWEhua0VFMXVEUlYycmFLUGZYYlYxZERtRXR3ajFkQk9ieVMxVmhQcFh0RjFoK2FlOHM5NXhCMEQ1WWZ1cUhYOG5DanJjSTAvMXB1Y09kN3B1Vkp4cz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b23c4cd852b9d5cddcc3769c6d2f11e7b76c5acebc577c18ab543cb37c4a2adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:17 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2134
strict-transport-security: max-age=86400; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:16 GMT
strict-transport-security: max-age=86400; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=-yMYxXxWbUxQQ0wyd2RONlpOQlQ2QWJWRmxhSTAvdWZ5bmQ5OUJKQXB6amtCQWIwUzdZT3VlOFljNkEybS8vSWxHMDdGZklSbmhPTGJzM05pSDNnNGgrV2doK3dpQ2JuTFRQTHpIZWZmMmpkQkMxUjV2Y0Fqb0N4YkpIMEdkbmZ0MzZ4Tys5NHNnb0o3b0xUUjNJaUNBbjBkelc0M0dXa2RhVTVxK09WZS8wenF6QzdRVTBmb1VsUUJWYnpQZWpkWHAyc0h0SUJWa1NTU0VGM1lZQVZWSC8vWDQzWEhua0VFMXVEUlYycmFLUGZYYlYxZERtRXR3ajFkQk9ieVMxVmhQcFh0RjFoK2FlOHM5NXhCMEQ1WWZ1cUhYOG5DanJjSTAvMXB1Y09kN3B1Vkp4cz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1933
content-length: 567
expires: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 4666 83 KB
26 KB 29ms
29ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:17 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:11 GMT
server: nginx
etag: W/"618cb99f-14b33"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Dec 2021 16:30:17 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame A0C9 0
91 B 33ms
26ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
date: Wed, 15 Dec 2021 16:30:18 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 5F2F 926 B
1 KB 104ms
36ms Document
text/html 104.17.119.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

Date: Wed, 15 Dec 2021 16:30:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 64a2/mMiEAEcE6A0Bt+2Erlf5G8/Vr6F+aKm35SudGm/mhDDMsfdh3kdR47hqOgX9Nj5IT4Nh94=
x-amz-request-id: WMCZ1XWCTS57FSV5
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 6021
Expires: Wed, 15 Dec 2021 16:31:18 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6be10e431f6c0843-CDG
Content-Encoding: gzip

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 5E96 2 KB
1 KB 118ms
41ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 15 Dec 2021 16:30:18 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9B16 52 KB
17 KB 67ms
19ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 08 Dec 2021 02:31:34 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 15 Dec 2021 16:30:18 GMT
Age: 50311
X-Served-By: cache-lga21950-LGA, cache-cdg20777-CDG
X-Cache: HIT, HIT
X-Cache-Hits: 2, 402271
X-Timer: S1639585818.078528,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame 5062 658 B
750 B 102ms
102ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: a0a2f992df3df49f6a0515ed0afe7073f7206086c69fad44945b289f59625098

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9B16 0
733 B 51ms
51ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:18 GMT
X-Proxy-Origin: 37.120.204.198; 37.120.204.198; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 14947bfb-0239-41d4-9bff-2039ecc719d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame BA26 0
17 B 61ms
60ms Ping
image/gif 2a00:1450:401b:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=3~kx7r29iq&c=3590131676622485&e=31063378%2C31061691%2C31061693&ctx=1&met.6=6.1_Cg4Y-CAggwQqBggGEgIQAQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:401b:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://playrento.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 9009 926 B
1 KB 32ms
32ms Document
text/html 104.17.119.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

Date: Wed, 15 Dec 2021 16:30:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 64a2/mMiEAEcE6A0Bt+2Erlf5G8/Vr6F+aKm35SudGm/mhDDMsfdh3kdR47hqOgX9Nj5IT4Nh94=
x-amz-request-id: WMCZ1XWCTS57FSV5
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 6021
Expires: Wed, 15 Dec 2021 16:31:18 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6be10e46b9250843-CDG
Content-Encoding: gzip

GET
H2 200 sspmatch-iframe Show response
ads.betweendigital.com/ Frame B014 0
72 B 103ms
102ms Document
text/html 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 8EC8 0
35 B 51ms
27ms Document
text/html 35.244.159.8

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 -, , ASN (),
Reverse DNS
Software: OXGW/16.221.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
date: Wed, 15 Dec 2021 16:30:18 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BA2E 52 KB
17 KB 19ms
19ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 08 Dec 2021 02:31:34 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 15 Dec 2021 16:30:18 GMT
Age: 50311
X-Served-By: cache-lga21950-LGA, cache-cdg20777-CDG
X-Cache: HIT, HIT
X-Cache-Hits: 2, 402277
X-Timer: S1639585819.680083,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 019D 2 KB
1 KB 40ms
40ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://playrento.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 15 Dec 2021 16:30:18 GMT
Connection: keep-alive

GET
H2

200

match
ads.betweendigital.com/ Frame 5062
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=ee56251a-8a2e-4a5a-9be0-b278a0f514c0
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=ee56251a-8a2e-4a5a-9be0-b278a0f514c0
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=ee56251a-8a2e-4a5a-9be0-b278a0f514c0

68 B
607 B

105ms
105ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=ee56251a-8a2e-4a5a-9be0-b278a0f514c0
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=ee56251a-8a2e-4a5a-9be0-b278a0f514c0
Date: Wed, 15 Dec 2021 16:30:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 5062
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=L2jF9IRygZ.AikABlF9vu4pGg

68 B
607 B

102ms
102ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=L2jF9IRygZ.AikABlF9vu4pGg
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:18 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f11-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=L2jF9IRygZ.AikABlF9vu4pGg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 5062
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=0a265c90-7b87-535d-871a-e6e0e6a0fef6
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiasOiNBlIFvp7KygpiJDBhMjY1YzkwLTdiODctNTM1ZC04NzFhLWU2ZTBlNmEwZmVmNg**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiasOiNBlIFvp7KygpiJDBhMjY1YzkwLTdiODctNTM1ZC04NzFhLWU2ZTBlNmEwZmVmNqIBEErN2YpdxBHshuAAJZDAZHw*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiasOiNBmIkMGEyNjVjOTAtN2I4Ny01MzVkLTg3MWEtZTZlMGU2YTBmZWY2ogEQSs3Zil3EEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiasOiNBmIkMGEyNjVjOTAtN2I4Ny01MzVkLTg3MWEtZTZlMGU2YTBmZWY2ogEQSs3Zil3EEeyG4AAlkMBkfA**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=4acdd98a-5dc4-11ec-86e0-002590c0647c

68 B
607 B

106ms
106ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=4acdd98a-5dc4-11ec-86e0-002590c0647c
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 15 Dec 2021 16:30:19 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=4acdd98a-5dc4-11ec-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 5062
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=58c5bc9341393a63ed9f3798

68 B
607 B

102ms
102ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=58c5bc9341393a63ed9f3798
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 15 Dec 2021 16:30:18 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=58c5bc9341393a63ed9f3798
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame A647 4 KB
1 KB 200ms
29ms Document
text/html 151.236.71.19

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=0a265c90-7b87-535d-871a-e6e0e6a0fef6&CACHEBUSTER=666548
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.19 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://ads.betweendigital.com/

Response headers

server: nginx
date: Wed, 15 Dec 2021 16:30:18 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 81C7 1 KB
3 KB 160ms
83ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c9d031b81fe4d93e0dd5961c1daae5dd17b34abca096fe82fe7f647dbc7efa4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|73|5|188|47|152
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1476
Expires: Wed, 15 Dec 2021 16:30:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:18 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BA2E 0
733 B 30ms
30ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:18 GMT
X-Proxy-Origin: 37.120.204.198; 37.120.204.198; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f67c5edb-d245-4163-adb9-31e0906b6e95
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame A9BA 2 KB
3 KB 122ms
46ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a2b3782f1ae9089b7e84e5412caa2ebe848175be1428f1e47e731568851e5547

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|73|191|40|190|81
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1578
Expires: Wed, 15 Dec 2021 16:30:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:18 GMT
Connection: keep-alive

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 81C7
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&dcc=t

43 B
645 B

105ms
105ms

Image
image/gif

209.54.176.128

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.176.128 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JSP09CQ8PG6X7PJSNGZB
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YN8MMYB4RJT6B56HJ112
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 81C7 70 B
265 B 120ms
38ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 81C7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5vApwIs45l9SrGPCMiMwo&google_cver=1

43 B
315 B

50ms
49ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5vApwIs45l9SrGPCMiMwo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:30:18 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5vApwIs45l9SrGPCMiMwo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 81C7 43 B
872 B 155ms
47ms Image
image/gif 2a05:d018:d29:3602:74fc:7750:9e36:ae36

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:74fc:7750:9e36:ae36 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 81C7 0
0 212ms
73ms Image
text/html 2606:4700:3039::6815:c034

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c034 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 81C7 0
88 B 417ms
101ms Image
text/plain 52.45.16.192

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.16.192 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 81C7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Cb4RzuWK1MXxay5&gdpr=1

43 B
1 KB

52ms
52ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Cb4RzuWK1MXxay5&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:30:19 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:18 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0f57142fe7121e10b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=Cb4RzuWK1MXxay5&gdpr=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 81C7
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7b47fc2f-4ebf-4bbf-9748-8ec0336cf5f0

43 B
1 KB

44ms
44ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7b47fc2f-4ebf-4bbf-9748-8ec0336cf5f0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:30:19 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7b47fc2f-4ebf-4bbf-9748-8ec0336cf5f0
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 81C7 43 B
425 B 42ms
41ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YboYFqDSqKC.IlHfNq2oKAAA%261143
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:18 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1676
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:58:14 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A9BA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&dcc=t

43 B
645 B

106ms
106ms

Image
image/gif

209.54.176.128

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.176.128 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 76VTKVFCX33RMMACNBAK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: PC4S3KNBPQZG1ZS7JZVX
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame A9BA 70 B
264 B 121ms
41ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:18 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame A9BA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5vApwIs45l9SrGPCMiMwo&google_cver=1

43 B
315 B

43ms
42ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5vApwIs45l9SrGPCMiMwo&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:18 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:30:18 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEN5vApwIs45l9SrGPCMiMwo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A9BA 43 B
874 B 159ms
52ms Image
image/gif 2a05:d018:d29:3602:74fc:7750:9e36:ae36

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YboYFqDSqKC-IlHfNq2oKAAABHcAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:74fc:7750:9e36:ae36 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:30:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame A9BA 43 B
253 B 176ms
123ms Image
image/gif 35.241.40.233

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 -, , ASN (),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:18 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 16:30:18 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Wed, 15 Dec 2021 16:30:19 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame A9BA 0
0 38ms
37ms Image
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A9BA
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=BTeTFAI-wBQeY8gTUT_cTVUylUMeMZMQBT-ii5e8

43 B
1 KB

61ms
61ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=BTeTFAI-wBQeY8gTUT_cTVUylUMeMZMQBT-ii5e8
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:30:19 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=BTeTFAI-wBQeY8gTUT_cTVUylUMeMZMQBT-ii5e8
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame A9BA 43 B
425 B 77ms
36ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YboYFqDSqKC.IlHfNq2oKAAA%261143
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:18 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1676
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:58:14 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 927E
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

98ms
98ms

Document
text/html

18.213.10.151

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://playrento.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.10.151 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab1554641556676e9bf4107a9a55a8d2c44e159e335565a9e0084c6503edc8c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Wed, 15 Dec 2021 16:30:19 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Wed, 15 Dec 2021 16:30:19 GMT
pragma: no-cache

Redirect headers

date: Wed, 15 Dec 2021 16:30:19 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1

GET
H2

200

match
ads.betweendigital.com/ Frame A647
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
https://x.bidswitch.net/sync?dsp_id=59&user_id=71a944c8-0878-4dc9-80cb-e27657e0c657&ssp=between
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=ee56251a-8a2e-4a5a-9be0-b278a0f514c0

68 B
607 B

106ms
105ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=ee56251a-8a2e-4a5a-9be0-b278a0f514c0
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=ee56251a-8a2e-4a5a-9be0-b278a0f514c0
Date: Wed, 15 Dec 2021 16:30:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9B16 0
733 B 48ms
47ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
X-Proxy-Origin: 37.120.204.198; 37.120.204.198; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5bab0259-544b-4247-9f0c-43d4e4d70d04
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame A647
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=4acdd98a-5dc4-11ec-86e0-002590c0647c
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=4acdd98a-5dc4-11ec-86e0-002590c0647c&bounce=1
https://sync.bumlam.com/?src=aid1&uid=b5sg2clOqobzeHOvsuQ%2Bng&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=b5sg2clOqobzeHOvsuQ+ng&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=b5sg2clOqobzeHOvsuQ+ng&extra2=aidata&google_gid=CAESELWPI722CFEhht_DjREWTAs&google_cver=1

43 B
516 B

186ms
41ms

Image
image/gif

31.172.81.172

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=b5sg2clOqobzeHOvsuQ+ng&extra2=aidata&google_gid=CAESELWPI722CFEhht_DjREWTAs&google_cver=1
Protocol: HTTP/1.1
Server: 31.172.81.172 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:19 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 16:30:19 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=b5sg2clOqobzeHOvsuQ+ng&extra2=aidata&google_gid=CAESELWPI722CFEhht_DjREWTAs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame 927E 43 B
1 KB 78ms
45ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=ba989dba-f71d-44f4-80ee-ee87e9b49269&expiration=1647361819
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 15 Dec 2021 16:30:19 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BA2E 0
733 B 34ms
34ms Script
text/html 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 16:30:19 GMT
X-Proxy-Origin: 37.120.204.198; 37.120.204.198; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d5a462e0-7b1d-4c15-9951-42e3a2748391
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6773
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

29ms
29ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=0a265c90-7b87-535d-871a-e6e0e6a0fef6&CACHEBUSTER=666548
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 15 Dec 2021 16:30:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Wed, 15 Dec 2021 16:30:19 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6773 32 KB
10 KB 34ms
34ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fe65c69aebe71039902645cc96ed098f382cc6bfd4e5bb29e9f873a73fc2b2e6

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 16:30:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 01:01:21 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31029
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Thu, 16 Dec 2021 01:07:28 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6773 284 B
536 B 38ms
37ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET 666548
www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame A647 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.tns-counter.ru
URL: https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/666548

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
playrento.com/	1970-01-20 00:09:37	Name: PHPSESSID Value: gou3stq887u0enjvuvilnjtm21
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: nM85_NCIHBs
.youtube.com/	1970-01-20 03:45:37	Name: VISITOR_INFO1_LIVE Value: Mc3RXyPtILU
playrento.com/	1970-01-20 00:09:37	Name: _pbjs_userid_consent_data Value: 3524755945110770
.playrento.com/	1970-01-20 08:12:01	Name: _pubcid Value: d4d887f6-872c-4750-b98a-1b01f7e068c4
.betweendigital.com/	1970-01-20 08:12:01	Name: dc Value: was1
.betweendigital.com/	1970-01-20 08:12:01	Name: ss Value: 1
.betweendigital.com/	1970-01-20 08:12:01	Name: tuuid Value: 0a265c90-7b87-535d-871a-e6e0e6a0fef6
.betweendigital.com/	1970-01-20 08:12:01	Name: ut Value: YboYFgAMBiC-_ir8TAsAG2tbiQ7tJCgH86QxAQ==
playrento.com/	1970-01-20 08:48:01	Name: cto_bidid Value: MfLGdl92WGNRTzVFWmhjemRPJTJGa0ZKYSUyRmdMdDB4Qjdyb1lTVkw1bVMlMkZObkdJQlMlMkJaZHJ4aEwwYnJMa1BBcnpJRjhBaTRwUkZKcTZHcUZJWVQxTUE5b21iTkhBJTNEJTNE
playrento.com/	1970-01-20 08:48:01	Name: cto_bundle Value: e5t1hl8lMkY2WHltV2lvN1lGbkJvQ0FkWUcwMW9aUEE0MGpMVyUyQiUyQnVWUTFicm4xZXFBS2hhcVRvWTViVzd3VWE4RG8lMkZyZDdNYnVFa245VnhBZkI3TTclMkZzaWM2NHZiYlBWZzdDRHllejclMkZjeGZIM3lUN1h4dXZVR2ZleVdwMDBsN1ptZW9QcQ
.casalemedia.com/	1970-01-20 01:36:01	Name: CMPS Value: 1164
prebid.a-mo.net/	1970-01-20 08:12:01	Name: __amc Value: 1_1639585814_1639585814
.a-mo.net/	1970-01-20 08:12:01	Name: amuid2 Value: a1849c92-6306-42cc-964f-965b5dbd77be
.casalemedia.com/	1970-01-20 01:36:01	Name: CMPRO Value: 1143
.casalemedia.com/	1970-01-20 08:12:01	Name: CMID Value: YboYFqDSqKC.IlHfNq2oKAAA
.adnxs.com/	1970-01-20 01:36:01	Name: icu Value: ChgI3ct7EAoYASABKAEwl7DojQY4AUABSAEQl7DojQYYAA..
.adnxs.com/	1970-01-20 01:36:01	Name: uuid2 Value: 5602284444664338212
.playrento.com/	1970-01-20 08:48:01	Name: __gads Value: ID=f028af593bb8e694-22f46f4408cd00d6:T=1639585815:S=ALNI_MaO4z2pB595toKiXUbNBuBMj1S3_A
.doubleclick.net/	1970-01-20 08:48:01	Name: IDE Value: AHWqTUlr6ngusyQCnfoaNlIWzeo153MgjVqnXlmfzywL35_8-YIODcqssUyRrx0eDQU
.adnxs.com/	1970-01-20 01:36:01	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVHd4lU+!]tbPl1M>e)ZlrFUfJ+tGXvX+N$_p`X9oS(I4)PnN]<_'Yq1lP^NC+.3:+>xbpRzqF1`b_WR#I=f
.casalemedia.com/	1970-01-19 23:27:52	Name: CMST Value: YboYF2G6GBgA
.casalemedia.com/	1970-01-20 08:12:01	Name: CMRUM3 Value: 2d61ba18182760CAESEDzjhMBQfgvKfZ0mStEx6gg
.criteo.com/	1970-01-20 08:48:01	Name: uid Value: 6923b0b2-1d60-41bc-b350-ba0ff675d233
.playrento.com/	1970-01-20 08:48:01	Name: cto_bundle Value: hXFwNV8lMkY2WHltV2lvN1lGbkJvQ0FkWUcwMWklMkJVZkkyYjNJam1waDlQJTJGVDlwY3RVN2hDZVB4clJXNktDaDJCanpEUTZrOU9uOHVwb1dKaHFkYk5jSVQwZjlaRFQ5YTZJNFJ5eXhwWCUyRnA0N2p5TkdHSWlGVmcyR3ZYNkJXT2oxaXh3bllKQ3AlMkY0WThQcjYlMkZDZndKbHVjbVFsYXclM0QlM0Q

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oJwAA%261143 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=1&gdpr_consent=&uid=YboYFqDSqKC.IlHfNq2oKAAA%261143 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1220ed8fd8c09e8aaed993255f7d8dd2.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ad4m.at
ads.avct.cloud
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.fr
adx.adform.net
ap.lijit.com
bidder.criteo.com
biddr.brealtime.com
bidswitch-eu.splicky.com
c.amazon-adsystem.com
cache.betweendigital.com
cat.fr.eu.criteo.com
cm.g.doubleclick.net
cs.emxdgt.com
csi.gstatic.com
csm.eu.criteo.net
dmp.brand-display.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eus.rubiconproject.com
f5e1355f6052d1b7b138850289f6e6e6.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
js-sec.indexww.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
node.setupad.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel.adsafeprotected.com
pixel.quantserve.com
playrento.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
pubads.g.doubleclick.net
px.adhigh.net
rtb.adentifi.com
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.doubleclick.net
stpd.cloud
sync.bumlam.com
sync.extend.tv
sync3.adsniper.ru
sync3.sniperlog.ru
tagan.adlightning.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um2.eqads.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
www.youtube.com
x.bidswitch.net
x01.aidata.io
yt3.ggpht.com
www.tns-counter.ru
104.17.119.107
13.32.29.201
142.250.184.230
142.250.185.162
142.250.185.66
142.250.186.66
147.75.38.124
151.101.1.108
151.236.71.19
159.89.25.223
168.119.168.202
178.250.0.139
178.250.0.157
178.250.0.160
178.250.0.162
178.250.0.165
18.185.171.80
18.195.155.181
18.213.10.151
185.184.8.65
185.33.220.244
185.86.138.122
194.190.76.41
195.154.106.178
2.18.234.21
209.54.176.128
23.37.38.181
23.37.42.132
2600:9000:211e:4a00:8:48e:53c0:93a1
2606:4700:20::681a:8b2
2606:4700:20::ac43:4bf1
2606:4700:3039::6815:c034
2606:4700:3108::ac42:28fd
2606:4700::6812:272
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:809::2016
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2006
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:401b:800::2003
2a02:2638:1::13
2a02:2638:1::2
2a02:2638::18
2a02:2638::3
2a05:d018:d29:3602:74fc:7750:9e36:ae36
3.126.38.41
31.172.81.158
31.172.81.159
31.172.81.172
34.98.64.218
35.156.230.193
35.241.40.233
35.244.159.8
35.85.194.216
37.157.4.40
51.195.5.234
52.17.151.21
52.223.40.198
52.45.16.192
54.86.54.37
63.34.178.174
65.9.64.126
69.173.144.139
72.251.249.9
89.108.120.76
96.46.186.57
00b3b0b438a1a3e7f01112f487ffb01e64db47935eb0e1e2927bdb4811ee935f
01bd83f8aec34240bebf6811ef98f0fbdadb3f3f1b820373a72357e9cfac5b91
066ee0c3302143d4757cdb6acc6b94ed6652e1504ec9472eddfa4a245d21d80b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0774113f0ee1c6bd5a73c95bec59c8d536f21929be30b934865cf839ad2fd9c4
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac006355276cfffe792f65b2f350fbf79a443ae09982e7b4132140e11391d89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1442fff89f39fdcb58444fac8119d945c62b56c0827896094dd9635cdf64a794
1b43c50e78861648ef7d89435ba46dfb9a80f9b2dbde3a51e9053599e7e5f97f
1b9cce0e936048383711530d309ea901c046d91ecb72ec8629b84ea005c3dd2c
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23913d11e17d3dbb0f9678307e71452ca08620c3bc4989ce0105763397394bfd
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
24c11ee30699eb692260f80e31b87c841b1caf1736cc701004446f8efa9ad7f3
2581d53b17e4c12ac6843cd1b8e0b2a1669b45a23db307e959683e3653f7e219
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b75399afac771b69eea3a0afb7c2993339dc3c3c8bdaae7c7cf6a6bac906efd
2c71b0e12642af48a6731f7ae179c5cb4c20041e01f85094e329136eb5465f50
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
3086b0d7d8794f0eb35628ff777781e62dcfe8daa0b5347e9ab4232a8e814dc6
32f4fd99d45f996d836819b6b7e65ab5cf38d56950a230204c3bdaf8651e56a5
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
36f9e09aff3e804d6fb601fa5a322651490056c2ad9345a8d897592d8401b32a
3984580315105678e95b727ad819af2a9e5456c36726c5b720ee39b0c41a9fd8
3d1ed1affc8bef9859778b9821375af240dff09e4aa8411456d3168206ed6fe7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4242dd15359fa7bbd212ccd1d4573193bffe980ec2d87851215a94484fee4a18
440f145199d6f9407944b8d42fccab58c72c29f76c44e481c4dfaca1de52d9f2
46598da199ff89f48a8d794aa9547c9e729b60b6ac0a0fcc925c56702d55d460
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4832bacf3ca0142fe8c8eac6f8a590ad60bc2d006fd7001f1cf35e56d0570e60
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49914e063d94eedc1743bda6457e495c709c68dba811defd438cef6be64bff42
4a9cf9fe55d2740f89e2bbbd96b47d2793948cb9480aae05f7db428b41e9d8dd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0f32a00e2e5123efc567d501376d2cd929e6f80b0970d88e455364047accce
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
534838b0bb1d51d565835b272ed07219ff0494dc5770ccff08a9babb8a46ceb1
543a1236baadb53fae40e38560acfddba4e71140aab04389a961ae52046f550e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
592c0dd39c50fbb09f0fe8cc3d42df7ffdedb41fd30f8ba1cf6664eac1c1e196
5d2955922e5eb8cf40fd048aa24ccec33000c051d2bd995238003fe1c264d7ca
5ded03731dc38d96f11a50bc816923dc0a85eb7851d8b8596b56ff083172b16e
5e625ded30650495a36cb054f684d86704948e3da506ca752be9c6343c9980df
5ef430c44b025364043f339aa48b06e2225652ac8282a6277a3c31914242c6e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6203a724c916a02c7315c11aa93673f31c94b8b8923c0b1c24498316bf99bca5
62e61332d226845672d7c3596a6e6e7a50a18917e1678a5f6c62acd3e11d0d17
66673d0b4c8c341378a025ddaac4287c285ba15046485b1782cebfb676010e7b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68967dd22a741f256cb480e1f984d0153c3b480c082335a6afde23aaaff9974e
6b77e6042e69c1bfe1735bed3e3f048ac6c735a3975d5bfae61af5f2019b70e8
6bb7e1ef531075ce136925099e18dd1c7f9e8946ed2d60e7fc0e7feda5127178
73669406aad21c38cac20fe22592e8910314dc8b5dd9ab00e42fb8024f485e55
741ef1e1c358aa43b0f8e210c6caf68bd4aec51b329f2cd7970eb7773b81b4b2
74394cb0ec75278d9b71616ae6413b038456f8763c678ecde751fec3ee4a0327
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7794a35404083a71c400c71d689820e8cfde6e57a74190b9ef1937302d1d1f68
7c492d9c251ed43d3354b6530510ecc02eb3a845d32acdce146c3d6666960712
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fbecc0664365b7a928b0530106c327ecaa9ddf838cccd596fe3a48bdc7250ac
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
80fd176b393ae6856b8e87e2140f1e4d7e1c01de429cdcfa1a7cb7a1188e491c
82469f22589dafc42f48eca0fe6109c7c9e639f19e054b41313f19d1b2ca130c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e6d468e9bd9cd239342d611a7a87b4a79539e132332014496e7930284ca724
84af9a91a0ff9d42fe6abc848bc852f91bdd780eedf263d7c93f86c8af90997d
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88a9ae6f4226f2a69171713a1a08bf670297ae4b2517d8df0d707a206b0bb5b2
8af382f2bf1c515d529103bedb916a3cb1472446b60bf0673e150621311b733c
8bc40f263d0a1fbb8421a5fe91ccb4ab7eb23b9b4c12a16e09703cd336d7cbb5
8c2d5f1af3ecb9736b338c75f00a4e0429ac9f91eff20a5f374f7657c0d3d5a8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e22cc7c0776cc9fc2d482bf258e54b52de9f6d1f92f435a0626f81371d19d8b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
903e384132753c595dcdb7c734c4727528595f29d50462c259505fb93ca503ca
926e9eca2a85ad55a07431d65bb75d68898491b9f019b8233476f39a87f3ac91
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98ccdd74d201275a5e6d90fc9769ca682a8edf381bf95c6cce465ed5dc5ec11c
9956231f3db0daee705727c64da7566b4f1eddd4d5d5e548e9c4c3f8a9851fb3
99d1df7d3a6fef406a91222c673eb9b88a2ace7f6db53a1f2db6a5d7c651f3fb
9ab1a8e8b2f0c0e2bcb0e9da0854517f270c35988fbc522682f0e95bcba8dfac
9ba0396d1001f2f2c4bc32aed4a2fcd96032353f276f10a41e5baf22d0959665
9c0cb94cbe878ea5d5da995c383be11303881ec9362c7e4712de94b984b398b6
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dff37121507808136616142c6f29f066a4a8fb32094c1a71c34f6f74af38dc9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0a2f992df3df49f6a0515ed0afe7073f7206086c69fad44945b289f59625098
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a2b3782f1ae9089b7e84e5412caa2ebe848175be1428f1e47e731568851e5547
a40c79b003931f11136c98d5981e4ee5f7fcb7d7562b71c5f957b33b4c72add0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f5f0a68b10d96a9c69a8d5cc638387d5e1b1f7f7f38b57a11f8923af19b1dc
a8c2c35304233f4cc6f2d88f319bbd70858d62e749ab6e2ad79325ee4b3240c4
ab1554641556676e9bf4107a9a55a8d2c44e159e335565a9e0084c6503edc8c7
af5e025585bead2f3a5cb34cfd09a8f3008915614aa4092e8b9248b772dec462
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23c4cd852b9d5cddcc3769c6d2f11e7b76c5acebc577c18ab543cb37c4a2adb
b2af092bbbe2865602beef247486d2c405dff79c6826ae3e389e9db5fba57062
b3c47ff6cad912569c0f7d3b2643baf72adc4273da241dfca13c22fdecb4674d
b44e693ac9a4edb423ec7e932a45a0b0f45ffe6898713484cc24741ea6a397c8
ba5923c17ddb466ea1ad69503c74086bae45ab0128bbf33fdb8d4e7f82cb1629
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfe38b7787ab34a6bbca380e565613060f3c5df4b83d23443a24e6409633c175
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c41c7e5c097d1924fe97fc7992586fb9a10700728fa6b664057c75ddc14209d2
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
c461d22109349aae16b48708ecd4fddc9c3c5bbc2cff5b3f66b2c93ac054fd9c
c4be6bb57b520fdc7db538f112cc1d7b7652a9b7bf636b68a23aa424a5e3fc06
c6814b6c4baa029c03d29d0b4cf4b71353db056078fb25d3fcd09973b8622645
c86f6d89cd95e9adfeb3c89cb1d4a10546107bc5b06a19e105a9adf01229c215
c8c1157a2da223023210cb81985597b26cf53da1efc43a51f10f9ff473304303
c9d031b81fe4d93e0dd5961c1daae5dd17b34abca096fe82fe7f647dbc7efa4c
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd6e14944b8bb220a27f603d79ead255a9c456884befb6b5649c988449ce7a7c
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e99ec6869bd15bea953359c16a0b3882d94df869633ad24a23642315a143a445
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
eb4865eeae0fb07d9459750e6b5b1d14e74c1801a2237b8218ba197d302994c1
eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f095944788db7ca720cd8e4431d851d7363508bcd86e3e328bb08b0cdd9be77d
f16f694a20673558fde799a231608be61bb4cc99b4223252bb6aa512a33fddfe
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f8bdc315a554303bd7f4ca9bb658aac03b413943dfbf91dcc2dca14efed6feb9
fa9b7ae892db64ba3621aaa58a0cbe993d32c191e2acdc8d3e0ef7649c1b1923
fc8d5d0572f55ec1e6f93dcfd1fff777fe8fe588b36c705245cd668b9cc8643f
fe65c69aebe71039902645cc96ed098f382cc6bfd4e5bb29e9f873a73fc2b2e6
fe8c502c47649e2fa3ce346ec4a04c79b33b82da161d6f59ce57e62707189b79
ff15f34fbf9ff4a73f4247cc739a43e39ffa4a8721eae4fb59e9f07786a1d73f
ff8503107014f509fa8b4b0ce1f4307bf2068308db1b8cd847d6c26cafc48ff9
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

playrento.com Open in urlscan Pro 195.154.106.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

271 Requests

90 %HTTPS

36 %IPv6

54 Domains

86 Subdomains

67 IPs

6 Countries

3521 kBTransfer

8555 kBSize

25 Cookies

16 Outgoing links

Redirected requests

271 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

playrento.com Open in urlscan Pro
195.154.106.178 Public Scan

Screenshot
Live screenshot

Full Image

271
Requests

90 %
HTTPS

36 %
IPv6

54
Domains

86
Subdomains

67
IPs

6
Countries

3521 kB
Transfer

8555 kB
Size

25
Cookies

271 HTTP transactions
3 data transactions