rentry.co Open in urlscan Pro
51.158.178.115 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rentry.co/t74ai
Submission: On February 07 via manual (February 7th 2022, 12:23:34 am UTC) from PR — Scanned from FR

Summary HTTP 70 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 17 domains to perform 70 HTTP transactions. The main IP is 51.158.178.115, located in Paris, France and belongs to Online SAS, FR. The main domain is rentry.co. The Cisco Umbrella rank of the primary domain is 335179.
TLS certificate: Issued by R3 on January 30th 2022. Valid for: 3 months.

This is the only time rentry.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	51.158.178.115 51.158.178.115	12876 (Online SAS) (Online SAS)
1	13.32.118.209 13.32.118.209	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	141.95.3.10 141.95.3.10	16276 (OVH) (OVH)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	142.251.5.155 142.251.5.155	15169 (GOOGLE) (GOOGLE)
1	178.62.43.64 178.62.43.64	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2.18.232.99 2.18.232.99	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	209.197.3.19 209.197.3.19	20446 (HIGHWINDS3) (HIGHWINDS3)
1	18.132.186.86 18.132.186.86	16509 (AMAZON-02) (AMAZON-02)
1 3	213.254.244.24 213.254.244.24	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1 3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.195.86.178 54.195.86.178	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
70	32

4 51.158.178.115 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: rentry.co

rentry.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.118.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-209.fra60.r.cloudfront.net

dsh7ky7308k4b.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.10 (France)

ASN16276 (OVH, FR)
PTR: p31.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.43.64 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

vast.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.99 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-99.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.19 (United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.186.86 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-186-86.eu-west-2.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.24 (United States) 1 redirects

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.86.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-86-178.eu-west-1.compute.amazonaws.com

vtrk.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124 ade.googlesyndication.com — Cisco Umbrella Rank: 268	93 KB
11	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 bid.g.doubleclick.net — Cisco Umbrella Rank: 452 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	183 KB
6	doubleverify.com 2 redirects vast.doubleverify.com — Cisco Umbrella Rank: 2651 tps.doubleverify.com — Cisco Umbrella Rank: 433 cdn.doubleverify.com — Cisco Umbrella Rank: 464 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 581076 vtrk.doubleverify.com — Cisco Umbrella Rank: 1916	5 KB
6	gstatic.com csi.gstatic.com fonts.gstatic.com	32 KB
5	flashtalking.com 1 redirects cdn.flashtalking.com — Cisco Umbrella Rank: 863 servedby.flashtalking.com — Cisco Umbrella Rank: 652 ad-events.flashtalking.com — Cisco Umbrella Rank: 7220	2 MB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 369 mug.criteo.com — Cisco Umbrella Rank: 2864	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 281	41 KB
4	rentry.co rentry.co — Cisco Umbrella Rank: 335179	76 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com — Cisco Umbrella Rank: 418	128 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1872 id5-sync.com — Cisco Umbrella Rank: 596	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 578	163 B
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 27839	792 B
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 2705	17 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
1	cloudfront.net dsh7ky7308k4b.cloudfront.net	113 KB
70	17

	Domain	Requested by
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com imasdk.googleapis.com
5	securepubads.g.doubleclick.net	rentry.co securepubads.g.doubleclick.net 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	c.amazon-adsystem.com	rentry.co c.amazon-adsystem.com
4	rentry.co	rentry.co
3	googleads.g.doubleclick.net	1 redirects
3	ade.googlesyndication.com
2	tps.doubleverify.com	1 redirects
2	servedby.flashtalking.com	1 redirects
2	cdn.flashtalking.com
2	fonts.gstatic.com	fonts.googleapis.com
2	imasdk.googleapis.com	3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
2	3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	mug.criteo.com	rentry.co
2	gum.criteo.com	1 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	rtb-csync.smartadserver.com
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	vtrk.doubleverify.com
1	tpsc-frc.doubleverify.com
1	cdn.doubleverify.com	1 redirects
1	ad-events.flashtalking.com
1	vast.doubleverify.com	imasdk.googleapis.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	fonts.googleapis.com	3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	rentry.co
1	secure.cdn.fastclick.net	rentry.co
1	www.googletagmanager.com	rentry.co
1	dsh7ky7308k4b.cloudfront.net	rentry.co
70	35

This site contains links to these domains. Also see Links.

Domain
mega.nz
bit.ly
fakeword.org

Subject Issuer	Validity	Valid
rentry.co R3	`2022-01-30` - `2022-04-30`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
cdn.id5-sync.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
vast.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2021-06-11` - `2022-07-13`	a year	crt.sh
cdn.flashtalking.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-02`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-02-24`	a year	crt.sh
ad-events.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-24` - `2022-08-31`	a year	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2021-11-08` - `2022-12-09`	a year	crt.sh
vtrk.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2021-12-03` - `2023-01-04`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://rentry.co/t74ai
Frame ID: CCF481A69AB1FF04969743B06FFD315E
Requests: 25 HTTP requests in this frame

Frame: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1F07507EC990F2E2EA78A1C9A34B541B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A0CBE130F7806CA0347C8B5AECCA3BC2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A9AB0B26888930058D0906437E39865
Requests: 2 HTTP requests in this frame

Frame: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F34B6B5E62CB94CCF2E7C0EE29EFDC31
Requests: 35 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 77C78286C9A2DC11BFCEA5AABC013100
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mega link : https://mega.nz/file/DC4jhQbB

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

94 %
HTTPS

42 %
IPv6

17
Domains

35
Subdomains

32
IPs

5
Countries

2485 kB
Transfer

3882 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://mega.nz/file/DC4jhQbB
Title: https://mega.nz/file/DC4jhQbB

Search URL Search Domain Scan URL

URL: https://bit.ly/3Dqbvr2
Title: https://bit.ly/3Dqbvr2

Search URL Search Domain Scan URL

URL: https://fakeword.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frentry.co%2F&domain=rentry.co&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xatt83xqbThwTFBjZVFIVlpxSHJ5NSt4cHJYRzlzVkZFUFVpY0E3TjF2aFNNTGJPMTFWRU9YWnBhb284cFovdmlUNlpsT2I0MWttTzRrekUzZHFRZU53bjF0cVBZN0tEMFE2R3NDQm83NEJFUS9abEV0OUhZaTR0Smdhamk1bDM3ZmpacFo4UW9BMlg5NXUxa1pid3pSWmJDVkluUmp3RjdGcGJDcmZhS2tFOVQ0aU1wRkZHdGwrcWdjT3dvUUFzOGtHRHVsNkw5ZHkya2dVR3YvNEFsM3Zmc0RtR2p4NW1BbExjSUNEQy9WdE5sZms0PXw&cppv=2

Request Chain 58

https://servedby.flashtalking.com/imp/8/115825;5522358;201;gifimpid;DV360;DV360FY20StockCTXCategoryVideoFRDSKVID1920x1080/?ft_impID=522E4A33-30CA-1E52-1076-F12A4F8F9845&ft_custom=&ft_section=&ft_c1=&ft_c2=&ft_partnerimpid=&ft_partnerid=&ft_creative=3514245&ft_configuration=0&gdpr=FT_GDPR&gdpr_consent=&us_privacy=!!US_PRIVACY!&cachebuster=1372638790 HTTP 302
https://cdn.flashtalking.com/xre/552/5522358/3514245/image/3514245.gif

Request Chain 59

https://tps.doubleverify.com/visit.jpg?vstevt=2&tagtype=video&ctx=1828362&cmp=115825&sid=18330&plc=5522358&adsrv=29&prr=1&turl=https%3A%2F%2Frentry.co%2Ft74ai&crt=5522358-3514245-0&dup=8e560d72-932c-4bfc-830e-16acda96d9a9&dvtagver=dvot_0.8.56_a79bf2d&DVP_PROG_REP=1&DVP_DV_TT=4&DVP_PP_ID=3&DVP_DV_CT=2&DVP_PP_IMP_ID=ABAjH0hhwapKNc7mqWaB8yT2XjMJ&DVP_DBM_1=3060631&DVP_DBM_2=11948251&DVP_DBM_3=48799070&DVP_DBM_4=343001668&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=637488055835&DVP_PP_BUNDLE_ID=&vad=15000&dvp_zjsver=0.21.11&dvp_psfts=1644193395788&dvp_psfst=ack&vstvr=2.0-i&dvp_blk=1&app=-1&essd=0 HTTP 302
https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=da177d25ddc3498294ad587d54cc38c9 HTTP 302
https://tpsc-frc.doubleverify.com/event.png?impid=da177d25ddc3498294ad587d54cc38c9&akipv6=2001:41d0:8:d154::14

Request Chain 62

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjElMejASABMAE&v=APEucNVkovQw1GwCCN8yinlxdYOha7Gk5eJUAx2jBC_BLF_0ihOjWw3wSV0rEJnSQxFJI_1sfG096wIbqBATBTfJpPJA1hEu3g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEH88RNY9zUuciIbFKXsJkaQ&google_cver=1

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request t74ai Show response
rentry.co/ 5 KB
2 KB 84ms
32ms Document
text/html 51.158.178.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://rentry.co/t74ai

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.158.178.115 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

rentry.co

Software

Resource Hash

ca04d5c5a5c10a9b0e792c7b703c8069cbd7ec4356448bc3362f23a18e6bbc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

date: Mon, 07 Feb 2022 00:23:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cache-control
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 rentryco.min.js Show response
dsh7ky7308k4b.cloudfront.net/publishers/ 294 KB
113 KB 91ms
29ms Script
application/javascript 13.32.118.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dsh7ky7308k4b.cloudfront.net/publishers/rentryco.min.js
Requested by: Host: rentry.co
URL: https://rentry.co/t74ai
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.118.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-118-209.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2e305217aedbb800239d44c960dbad8d94d9773e428a35141221d54e5bb9691

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 12:15:49 GMT
content-encoding: br
age: 5141260
x-cache: Hit from cloudfront
x-amz-meta-ctime: 1639052119
x-amz-meta-mode: 33188
last-modified: Thu, 09 Dec 2021 12:15:20 GMT
server: AmazonS3
etag: W/"29f197e15670235a11b4e45865c91b4b"
x-amz-meta-uid: 0
vary: Accept-Encoding
x-amz-meta-gid: 0
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-type: application/javascript
x-amz-cf-id: fuCaX82kP5Es4CeoQJWubZUb9M_3j1OB6iaeaXdiMFA5CuOT1gGRQQ==
x-amz-meta-mtime: 1639052119

GET
H2 200 bootstrap.min.css
rentry.co/static/css/ 172 KB
28 KB 53ms
53ms Stylesheet
text/css 51.158.178.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://rentry.co/static/css/bootstrap.min.css?v=67

Requested by

Host: rentry.co
URL: https://rentry.co/t74ai

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.158.178.115 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

rentry.co

Software

Resource Hash

0f1e31d197fbbf008b19ffaf62195cbc52f1cd661a5d944df0c21b4f50eaa171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/t74ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Oct 2021 22:50:23 GMT
etag: W/"616dfa2f-2b144"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 93ms
34ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-102083007-1

Requested by

Host: rentry.co
URL: https://rentry.co/t74ai

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10f9e2f3d6316b84f1d8c88f995eca4114a80abcff1cd31b12b70db156a9fe3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36007
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 00:23:29 GMT

GET
H2 200 jquery.min.js Show response
rentry.co/static/js/ 89 KB
31 KB 74ms
74ms Script
application/javascript 51.158.178.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://rentry.co/static/js/jquery.min.js?v=11

Requested by

Host: rentry.co
URL: https://rentry.co/t74ai

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.158.178.115 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

rentry.co

Software

Resource Hash

85f9b3868ce1bfaf386ed00ed4dcb4ef320c7a9a758025cd703f2e82bd616cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/t74ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Oct 2021 22:50:23 GMT
etag: W/"616dfa2f-16516"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
rentry.co/static/js/ 57 KB
15 KB 76ms
75ms Script
application/javascript 51.158.178.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://rentry.co/static/js/bootstrap.min.js?v=11

Requested by

Host: rentry.co
URL: https://rentry.co/t74ai

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.158.178.115 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

rentry.co

Software

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/t74ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Oct 2021 22:50:20 GMT
etag: W/"616dfa2c-e2d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 153ms
93ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rentry.co
URL: https://rentry.co/t74ai

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

54f1f6e63f07a77ff6c9fcf5eebe71b8f5f39f6e354a92a1dec6b1c027a0c6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27225
x-xss-protection: 0
server: sffe
etag: "1124 / 59 of 1000 / last-modified: 1644015869"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Feb 2022 00:23:29 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 76ms
27ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: rentry.co
URL: https://rentry.co/t74ai
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 657
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0138GPMSK4HJWCSRMSJA
date: Mon, 07 Feb 2022 00:13:10 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fLLXrl8OO8YOp6qnk89FrAw-PTrqWHvLQ8sKtrX3z2Hhc59cNG1pMA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102083007-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1117
date: Mon, 07 Feb 2022 00:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Feb 2022 02:04:52 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 619 B
972 B 24ms
24ms XHR
application/json 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Frentry.co&pubid=6d0c7ea7-f036-437d-be93-21fc59c890c2
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 33685e0552d6dde5163a22558998f88807afbbac4df14efac987cdbcaff4144f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 19:38:59 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server: Server
age: 17070
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://rentry.co
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-length: 619
x-amz-cf-id: Ug83htxQ9WZ-5MKifKqkF489kQePetz4enLtegWH_HNaS72iMeNsOQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
488 B 55ms
54ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frentry.co%2Ft74ai&pid=OeFUlvV1pha24&cb=0&ws=1600x1200&v=7.72.0&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-rentryco39066%22%2C%22s%22%3A%5B%22728x90%22%2C%22750x300%22%2C%22750x200%22%2C%22750x100%22%2C%22930x180%22%2C%22970x250%22%2C%22970x66%22%2C%22970x120%22%2C%22970x90%22%2C%22980x250%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F8095840%2C22521492683%2F.2_A.39066.10_rentry.co_tier1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-rentryco39196%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F8095840%2C22521492683%2F.2_A.39196.10_rentry.co_tier1%22%7D%5D&schain=1.0%2C1!pubgalaxy.com%2C13143%2C1%2C%2C%2C&pubid=6d0c7ea7-f036-437d-be93-21fc59c890c2&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A10000%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:29 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: 6AKV2DEM9CJ483RD5BGS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://rentry.co
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: -hvvMgDVgUdBtXrVIZ9je6cfheguk28laPg6RlsRxFxFJ58SWL5Nhw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 72ms
24ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 71748
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Sun, 06 Feb 2022 04:27:41 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: m5FRt8HYzN18IvuaTTSEnhU3yH6pPGBXcCfWUwmpln57GrIGwKT6NQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 33ms
32ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1862425101&t=pageview&_s=1&dl=https%3A%2F%2Frentry.co%2Ft74ai&ul=en-us&de=UTF-8&dt=Mega%20link%20%3A%20https%3A%2F%2Fmega.nz%2Ffile%2FDC4jhQbB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1709546669&gjid=1362506679&cid=1057750278.1644193409&tid=UA-102083007-1&_gid=1457074413.1644193409&_r=1&gtm=2ou220&z=852467035

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rentry.co/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rentry.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 83ms
31ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: rentry.co
URL: https://rentry.co/t74ai
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Mon, 07 Feb 2022 00:38:29 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 38 KB
11 KB 63ms
30ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: rentry.co
URL: https://rentry.co/t74ai

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
date: Mon, 07 Feb 2022 00:16:42 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: rbx1
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10638
x-request-id: 262308422

GET
H3 200 pubads_impl_2022020101.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
119 KB 58ms
25ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 20:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121756
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:38:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Feb 2023 20:27:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 58 B
89 B 68ms
34ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rentry.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

21294e61d01277b6a544b022ac14733e2c921ca8dfd7cd6242c95a1247158151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-xss-protection: 0
expires: Mon, 07 Feb 2022 00:23:29 GMT

POST
H/1.1 200 341.json Show response
id5-sync.com/g/v2/ 213 B
527 B 99ms
27ms XHR
application/json 141.95.3.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/341.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.10 , France, ASN16276 (OVH, FR),

Reverse DNS

p31.id5-sync.com

Software

Resource Hash

1f5bb7c30a182fdcc143fbf31ed1376643177a8683322505a0a900b24ba23687

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://rentry.co/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://rentry.co
Date: Mon, 07 Feb 2022 00:23:29 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 65ms
22ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frentry.co%2F&domain=rentry.co&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://rentry.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://rentry.co
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1428
date: Mon, 07 Feb 2022 00:23:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frentry.co%2F&domain=rentry.co&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=xatt83xqbThwTFBjZVFIVlpxSHJ5NSt4cHJYRzlzVkZFUFVpY0E3TjF2aFNNTGJPMTFWRU9YWnBhb284cFovdmlUNlpsT2I0MWttTzRrekUzZHFRZU53bjF0cVBZN0tEMFE2R3NDQm83NEJFUS9abEV0OUhZaTR0Smdham...

360 B
621 B

76ms
26ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xatt83xqbThwTFBjZVFIVlpxSHJ5NSt4cHJYRzlzVkZFUFVpY0E3TjF2aFNNTGJPMTFWRU9YWnBhb284cFovdmlUNlpsT2I0MWttTzRrekUzZHFRZU53bjF0cVBZN0tEMFE2R3NDQm83NEJFUS9abEV0OUhZaTR0Smdhamk1bDM3ZmpacFo4UW9BMlg5NXUxa1pid3pSWmJDVkluUmp3RjdGcGJDcmZhS2tFOVQ0aU1wRkZHdGwrcWdjT3dvUUFzOGtHRHVsNkw5ZHkya2dVR3YvNEFsM3Zmc0RtR2p4NW1BbExjSUNEQy9WdE5sZms0PXw&cppv=2

Requested by

Host: rentry.co
URL: https://rentry.co/t74ai

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2320eeef93a73d273017d23c63606ad8802caf548cc76d54df43bcb8d0b1f4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2844
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:29 GMT
location: https://mug.criteo.com/sid?cpp=xatt83xqbThwTFBjZVFIVlpxSHJ5NSt4cHJYRzlzVkZFUFVpY0E3TjF2aFNNTGJPMTFWRU9YWnBhb284cFovdmlUNlpsT2I0MWttTzRrekUzZHFRZU53bjF0cVBZN0tEMFE2R3NDQm83NEJFUS9abEV0OUhZaTR0Smdhamk1bDM3ZmpacFo4UW9BMlg5NXUxa1pid3pSWmJDVkluUmp3RjdGcGJDcmZhS2tFOVQ0aU1wRkZHdGwrcWdjT3dvUUFzOGtHRHVsNkw5ZHkya2dVR3YvNEFsM3Zmc0RtR2p4NW1BbExjSUNEQy9WdE5sZms0PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://rentry.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1602
content-length: 482
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 127ms
37ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=rentry.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 102ms
41ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rentry.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
21 KB 480ms
480ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3167722543275695&correlator=3055845296009837&output=ldjh&impl=fifs&eid=31061814%2C31064660&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=8095840%3A22521492683%2C.2_A.39066.10_rentry.co_tier1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C750x200%7C750x100%7C930x180%7C970x250%7C970x66%7C970x120%7C970x90%7C980x250%7C980x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=pubcid%3Dca98cacb-2ef1-429c-ab72-1c7b2c770127&cookie_enabled=1&bc=31&abxe=1&dt=1644193409577&lmt=1644193409&dlt=1644193409031&idt=510&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=527&adks=3264216144&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Frentry.co%2Ft74ai&vis=1&scr_x=0&scr_y=0&psz=1124x300&msz=728x0&ga_vid=1057750278.1644193409&ga_sid=1644193410&ga_hid=1862425101&ga_fc=true&fws=4&ohw=1124&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ba64f29e05cffb5609a03cd6b5f109dc3d5c10361abd7f652c38c91b28d0f76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rentry.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F07 6 KB
4 KB 149ms
58ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Feb 2022 00:23:29 GMT
expires: Tue, 07 Feb 2023 00:23:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 63ms
22ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1730
date: Mon, 07 Feb 2022 00:23:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 97ms
37ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e925ac27fd0b042b9df10e6f21609e40b6d940fe567af2ea901bc5890100c22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10139
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 136ms
78ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 00:23:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A0CB 13 KB
5 KB 62ms
27ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 00:04:24 GMT
expires: Tue, 07 Feb 2023 00:04:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A9A 783 B
1 KB 101ms
34ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14ff2c478f7515ec8cff44e667afe5e4196d34a72a7012ac1700e600ab266d67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AamV2C+snit7bL4Qan7hPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 07 Feb 2022 00:23:30 GMT
date: Mon, 07 Feb 2022 00:23:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AamV2C+snit7bL4Qan7hPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F34B 6 KB
3 KB 60ms
26ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Feb 2022 00:23:29 GMT
expires: Tue, 07 Feb 2023 00:23:29 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js Show response
pagead2.googlesyndication.com/bg/ Frame A0CB 35 KB
13 KB 60ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 11:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13749
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 11:53:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A9A 0
0 80ms
76ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020101&jk=3167722543275695&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame F34B 19 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
URL: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 00:12:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F34B 8 KB
1 KB 109ms
34ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
URL: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 23:37:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 07 Feb 2022 00:23:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 07 Feb 2022 00:23:30 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame F34B 14 KB
3 KB 97ms
25ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
URL: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 02:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Feb 2023 02:23:28 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame F34B 355 KB
123 KB 105ms
33ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
URL: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 02:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Feb 2023 02:23:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame F34B 14 KB
6 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
URL: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 23:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Feb 2022 23:59:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A0CB 0
9 B 24ms
24ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3-k_Eg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020101&jk=3167722543275695&bg=!S0ilSAzNAAYZkRhwGZE7ACkAdvg8Wv_FFxKxksNkMVceXvkmQjTNRSzmKC4bB043E3tUsRg1y0ImwAIAAABnUgAAAAJoAQcKALCs-VszydbVm8yorvzq4BPTrvwG9vsd8Iax_SWAlFoABuYWYuxsT3lzXrPI3Chq3ue4jr99r4U_PI2883CktJ4ULFZ6ntr67gOMufhLCuca8n03DGdCX82Pt1km4WBK8pLA-gPooJyAHfIciaIpCU-I4ncxkizAWEe75GDJQNlS5lyI0RCmgIAOPXDOUwG3DPPXwOpG3X92BonZB5vwdaWHih91yXlZULZtbCuSyJj2U5kCwkgZxNIg3UL0-rY_iEFwPbzDuXpPI46nORGUd2EpExTk3_-4h-NTShEHcmpVQvS5fEGnILUXlz8zVM3R1d4e8NBbLp2PhhI1S_c0u8W5BFID49cKPmmXe8Bmax10DduFEi5iUq2psN649P61sg059AJaOvYEwYNi2dsv06GWZjALFb9Q6I0JOKu1zxTdkqIdOus7mgFc0xTc07AVbnnWHP8XiVkpEl3CJy3TywnRtLfGvD74Mr5asrKNLqu_9hEVJKsHnbrU0RtChWAnd5bpMY6tPaRm61iJflA1G2eq8Rc8O3icrmAOW7w9nQWsu0XIWKt7QJ7dJ5sGxF3SDhjulDwlxBYpDdOXrJZ_MCfEdybAoW8YGW_q9qpIkNeFIaMkwzcoTuiQmLreV8Eyr55Yw82RxJD0WDHcu8Z88SPHmtbZm82a0R5dwrrSOR8sldF_75ZnQ2LvqgegIcsEfeQBc683tMB2vZEqeb0Pmud4WMXuSy71v7jp1rkIHsld8TZlmba14Bx9Rb2FBwNVrsvf_bhCZrzIIbxELFq9dVYnqZAAoFcWS1qshoCwzOIwYqvGmN0dlznVdsSqxhRdaJhwF6C_RQ0WWpsYPzA7LKmh9Tzb9fQcdVmFniXaAcZK7GW2QLrrTWf1V8z2lKPA8aj6X-JnAkCL4yrw4l31xZexGQzB3DgaoIYDiHFOY5QW7ip0uu07o2DRDiXcPnjMZbMypJhWhgXjrbrXTTRKFFJXMyFrI5kh5rbTSl_RgDFYAfD7Jvd07pk4ECZj4k5aXvU0sZff21KbMVT3uQ4U_MiQSq-AUcahqUjclpTuWG1RPgorWFfQjIOcCjuxNC78-0mDzw86eJZ9o-xMvOdx9b7SWPiyQBeGqkGFsErJeYsmZ8rfzRbNHqHkI327Gi2PmxtukXwxLlSEfL_4hgnGPpusuFooT94

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://rentry.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F34B 0
327 B 621ms
26ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kzbyayw5&c=7577529250257&slotId=3788764625128.5&qqid=CPH8_eCp7PUCFSDPuwgdk9IBLg&fb=outstream-lima&sei=44714743%2C44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318475489%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F34B 15 KB
16 KB 84ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 447335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 20:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F34B 15 KB
15 KB 87ms
34ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 451421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 18:59:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F34B 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ca9i1gWYAYrG4JqCe7_UPk6WH8ALwgNv5ZqOUpuLJDe-Ot7bmDBABIIiAvxRg-_n2gogKoAGx-v_qAsgBBagDAcgDmwSqBPgBT9B98iTsnRCyxjrabHT8oSsw9aecTzdD0Yw6293Q7JmfvHpZxTtmYZcwOrmwdCuUsEMhBokwTht3B3sHjqtTlPyfCuywNvwOACkYYxMB7f50PisJV1IeKcmvx0TbKUJX-NerQyz8mVEQxkKZoQZ1KAWx0-VRimrHjpvJOYGG7AlytA0Gz29VKiqN3TqX_8YIk86y6UQK_xjgVjXj-yub17AsbGTUB3LMa0MK1SIfEpeviv2ys1TNg5ybC_seM-R_IDH06-NA6l6P9N5wbrOhNBphzg3x7MNJiSYgGa0d2DZ_iZaVrWT3KUOsYefhGKPw0DYYQWqQsgPABPaauLO8A-AEA5AGAaAGeYAHt4WAlQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgPICwHgCwGADAGwE8rQgg7QEwDYEw2IFAvYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1644193410347&ai=Ca9i1gWYAYrG4JqCe7_UPk6WH8ALwgNv5ZqOUpuLJDe-Ot7bmDBABIIiAvxRg-_n2gogKoAGx-v_qAsgBBagDAcgDmwSqBPgBT9B98iTsnRCyxjrabHT8oSsw9aecTzdD0Yw6293Q7JmfvHpZxTtmYZcwOrmwdCuUsEMhBokwTht3B3sHjqtTlPyfCuywNvwOACkYYxMB7f50PisJV1IeKcmvx0TbKUJX-NerQyz8mVEQxkKZoQZ1KAWx0-VRimrHjpvJOYGG7AlytA0Gz29VKiqN3TqX_8YIk86y6UQK_xjgVjXj-yub17AsbGTUB3LMa0MK1SIfEpeviv2ys1TNg5ybC_seM-R_IDH06-NA6l6P9N5wbrOhNBphzg3x7MNJiSYgGa0d2DZ_iZaVrWT3KUOsYefhGKPw0DYYQWqQsgPABPaauLO8A-AEA5AGAaAGeYAHt4WAlQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgPICwHgCwGADAGwE8rQgg7QEwDYEw2IFAvYFAHQFQH4FgGAFwE

Requested by

Host: 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
URL: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame F34B 21 KB
14 KB 161ms
50ms XHR
text/xml 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BFmxR1XzCOi4SobR_b2Eki_uRJZYd0pJ2GaGWH67xxJsnuBoYuXODMmVLh4CJFx7lcpyUWBapJNAF1iMe8qgx35f-4ww&cry=1&dbm_d=AKAmf-AjzpFlATny3PijmU3lTO9zjNZEUTSiIGuf_rTXPf0Tz1dhr9TDl7Qa2okIzsu_Iet4dwXDEFVMOzIbh28pWKUiHyU6uUFZYKn8eqBQsCG4b8cUW5dv0tZNJnt1HLnjDyAB3GBf-mt4vkz_LqNOAs4P2Xq6Cz4Nxky3bLbh0dBl9aj7fOQOnw9R23Z77UvnN9vw1g2ZEEtJ2I_AG6XWzPDxOW6DBSUQcVh9DdcQ5kWi4QPCbES3cxpfLq8v-HcKRz5Wa0JkwenAhUySd7hc160WApPfDdcyszAppy8Zf-sEZPLkm4ElJwSseG0H1FzRoN9QgF6EdnKj6wdHKS3WaZFQV8OlnQbpCEB1782nQ21XPA9-NZ_LEgUJPWsUMugXZF0AjBeShCDGY4Mm8itrSICZQVwAqSBppBRyEk-yjCKwYXwk2eFTQH_jIb47St4mJhpl742aN9y5s4PRUJSJ7acqxwPhYnviE22-0l02KcB-5o4HsPHsgFct1KofNz8P3KUkwroOZg2-zpRZWUcqiRXP6XeJOu8UMr7orjX8SQ-o5WyjjV8knVakZ30eOkeJglrMbo6sA0EZmL2Y4vEzu0OJBnluVP3Fei1il8Uje7BI-lWZHcceBZuLvbzDYos3YAkZRKOMxyCh_z2UPA0YO1_NCsJ3HojsY4uCjHBsYzItHddQxv31609Q6pZhtQTn2RwGBp4_2tiy-G9BfZsLOd64Y8QYwvBY_ESgFCLAewf8g62JSaH42kD-4jNkABvEUnoHeBJb1U2FOhh66XhrfcBjdV_EjPS-xm6SeMHeWZL7sGGmBcFNzg96WvN51ZMqDy9rzkXfDcKlu1-60hqbOHae9Y5vTqa1HGTH7Tp-rI5Xn-hqR-NWjB4YCBVVV3dKKk8Uw5cxXoMVKSiRY4eN_9YEzD3MkPitygvDGcmDWA6w1PPzHi1ZGMc7YU5ae6jnKBNppWDkrmsZFofswZrgD1pdNtIiUMQgkjZRdcf2ccn5KcuPEB3XOkX-QC_-EL5i43URlVq0WDSvA0lTW0WG-C872EHUg7IFRicqWRBsHrc6zrVh23ZngIxnqBBzsHvSz0ZxitC3uQaRneFuXdPsKiXaW86jH2Db-cCZB3hyKs_NJsW8ThG7S2sQDE6g5E0nsSXk6KC9AumtKfN8GAtAsy_32fkGsShW64q-k1Kn9lbyIahtejg3ed1z9argV8zz4kdc0EaJ7RCx1cGZUtS1zONHbfBoFjoOScUsDVJivL08v9bEmGL5NM3WhEs0KrPwCtQQPJ7AwgNQy_dcZz5eTmIyyQOSZhKX4e0CcfSR3ilO0GPf_tQrJnhnTahQDU3c6-suf4hYWPaiA1x1uGwBwEhOfeUEUH6axnBR4X0y3hx2Ew3ZqiXcLjE4qtieUFYWdtKOi2PkAPdhMMDVxjoP386gd8xdcQga0OhXTEiJyWWAz4vj61BZEwmdEAl6ak9jf0wTHYSeDuT9gEnpqqAGl08xzwVXouwgBeNmySHPsWMdiPWpzYcYJh7aF0nmgfWC7dHYJ5ldhApAWhDSMh4SMzD6p4xTYTEgvxtkrRLrIy8UGanCZuyDnUh4ICxpUKUTCERTroMWEVcv79Bc8JXwnXSb8WqutAy1UGJcdFdjBrLWSAJEfQQ-nzG71reDm7OhE0Du_ZoBohTFGSnZOyG3i8Jh8z-3A3_paEbMCkXraQhpwgAP5KtpvNOULS1d0nBNxhb3oJYAmUHnRMEG6fnetEGXodNBrWSKIOiQ0WqAWGjY_xQuL1_AmbiiUuoD4QhZcU9Rc6i7IR_lHCI-ecFsNNDIR-5pVERk4wKem_7S-EiAgrBlo1JWfaWydywlC9KqwXBB3Hx_IEwosQyIymdQgU4_7cKXCZNKCfWBzIUTcPG2lUdBu2HQOpWfyzIkrdWjk2HrfZfIQ5Fj2OZ6kG9ZOP8thoHaSIeFgYaaOnc3Y1wVvi7QLUTCW5flsyScSqZDXs04jXxv9TlHUEPBJxIT61oT9JJZlrCxy5uuJ-s8-ZcOEgmekJHOvTHgrYKLhh5pvBzANfkXB8x-M5p_sdmPOZbdrGaF2ImSV4RqosMK02958WKYArg5VW6FZo9nbV_oWRZ3ecto5njmrBjjXfed6E5r4c9I6n_lCqllHuDwtF9dqWsTYSUUaLaf-ejYt9HdbTVhcuAOebjjLGxR79A6mZ4atikOC-KuKSsc_WJJxiFYrR9v_0DyED-hd5gAHbmrhHO64tOwYP-g8FGKU6iGe5WuWIa9FPPw1O85v34lT2Ah6ia8IxLiqP7azZLDdGNPLoZUGbH3pZYbhpKKJ69_f8S0rIIsecXovqBvndrsoQ158I8AFkd7fLC_ImGQmph-ab-6-MMIrFQBBrhhUQ7SUaPZVbys9MK95bNKMP7qXtA1G0Ag7mjNhYqlnXDF9D6HNUcj77hVNDlQ6rrlGrx86PaavYH6n1EpJq_2m2ReXbqclj3zYTSiuBR0cbQK2_gAVz9h244mOE5qxMo8N0eWz3fWEDUbzyXylBvRe4AT9rWlDWhWB59z8loFdxKT2oOeQOEGoEqQu8a6MOZ2REhhhJms8xNLtCcehO9W_QS-kJDXWyNpa1gC3hNXm7mR4mc4kCl38S6fn-z8mSTlphCkCEuAHodKEvnPTNY9TpRTatcYN2uW9Z5QTqcWI7o0rqjEVbh9wrMHOpJBRgb8fC_457oR3oA4kJ_LpI3moT8so0JKY85Y7bF7KPuuI3U29rcWBf9oKbkRWoP3X8cHveCFnExxuICiNKnNzMVJrRSecxxZTOwg_0SW0wNc4JAv24HNRPkrpHnNfbwIZY4GN11B2-zqJCa534eXKFca6X3BJRm8UyB7Ar4tZlMRQFdQz3Xcsb3n8dHtfLBGXhAKhzrzI0DXh8kV0eCN8takrjqsdWEu3FZCQq8zpacS3G7-OVXvlfYm4_HuUtWUr8-4blAi0hVcIvFMMzj8HDXJDU106Jd8pR6fUcBWEc_cuy8uS3iWmO5FnMzqn1ASwDyMsxPu9bC_r7C_KeaSKadb3u8t9VYzbn5xyeGw1V4G8CB3Fg6TvFe1XPLmZwfylOk9FO93f5cduEI-NYs5tjQ0D7-PWZZf-7GBpLvU-dLd5-9iZYVyRzQkTjUJjuL7gcTNgxGDshRSj_CuIWicNAxBOOn9NJlPPi3RMPo&cid=CAASFeRoH53qOEEOH9xTTgzZuF81AeUasg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

cafe /

Resource Hash

be99da4881333e71e1cba0f936b20dd8c417e7ebac45b0a6c673230f5bdb6ff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13735
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F34B 0
0 61ms
60ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSoN3gWYAYrG4JqCe7_UPk6WH8ALwgNv5ZqOUpuLJDe-Ot7bmDBABIIiAvxRg-_n2gogKoAGx-v_qAsgBBagDAaoE9QFP0H3yJOydELLGOtpsdPyhKzD1p5xPN0PRjDrb3dDsmZ-8elnFO2ZhlzA6ubB0K5SwQyEGiTBOG3cHeweOq1OU_J8K7LA2_A4AKRhjEwHt_nQ-KwlXUh4pya_HRNspQlf416tDLPyZURDGQpmhBnUoBbHT5VGKaseOm8k5gYbsCXK0DQbPb1UqKo3dOpf_xgiTzrLpRAr_GOBWNeP7K5vXsCxsZNQHcsxrQwrVIh8Sl6-K_bKzVM2DnJsL-0Yyfoqzo7N5ePFgNh5-6avdl3SHYrZBXydLAn6hLwkBN9VPZKkkXoCDfDHk6Ii0dgMMj-hJs4op-8AE9pq4s7wD4AQDiAXWwcakL5IFBggbEAEYAZIFCggiEAIYAUiv6lCSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnmAB7eFgJUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ78dLGMSUx6MB0ggJCIjhgBAQARgdgAoDyAsBsBPK0IIOyBPakJQI0BMA2BMNiBQL2BQB0BUBgBcBshceChwIABIUcHViLTYxNjM4NTc5OTI5NTY5NjQYuM0M&sigh=A0epuKxo8ew&uach_m=[UACH]&cid=CAQSPgCNIrLMcjlXPBYPpL0MYzSxNNdQ9eduwMXTx8Ij2cKgKzy0FldPGAAszs6JSt3SL1qCbivEMhUIt4rQdsAo&vt=10
Requested by: Host: 3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
URL: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame F34B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffb3557748c4d35b52ac07a90d7dfbc38f2a2e8432039c94fd168cdf2b925d53

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vast Show response
vast.doubleverify.com/v3/ Frame F34B 16 KB
4 KB 146ms
50ms XHR
text/xml 178.62.43.64
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.doubleverify.com/v3/vast?_media=3&ctx=1828362&cmp=115825&sid=18330&plc=5522358&adsrv=29&blk=1&DVP_PROG_REP=1&DVP_DV_TT=4&DVP_PP_ID=3&prr=1&DVP_DV_CT=2&DVP_PP_IMP_ID=ABAjH0hhwapKNc7mqWaB8yT2XjMJ&DVP_DBM_1=3060631&DVP_DBM_2=11948251&DVP_DBM_3=48799070&DVP_DBM_4=343001668&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=637488055835&turl=https://rentry.co/t74ai&DVP_PP_BUNDLE_ID=&_vast=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F8%2F115825%3B5522358%3B208%3Bxml%3BDV360%3BDV360FY20StockCTXCategoryVideoFRDSKVID1920x1080%2F%3Fgdpr%3D%7Bs1%7D%26gdpr_consent%3D%7Bs2%7D%26us_privacy%3D%7Bs3%7D%26pbMethods%3D%7Bs4%7D%7C%7Bs5%7D%7C%7Bs6%7D%26cachebuster%3D%7Bs7%7D&_s1=&_s2=&_s3=${US_PRIVACY}&_s4=[PLAYBACKMETHODS]&_s5=[CONTINUOUSPLAY]&_s6=[TIMESINCEINTERACTION]&_s7=[CACHEBUSTER]&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=%7Bs1%7D&gdpr_consent=&gdpr_consent=[GDPRCONSENT]&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.62.43.64 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 77b923d7d68d7a23932556cdb7dbdd90c910eced95957b8d34d044b2155f18d0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:15 GMT
content-encoding: br
vary: origin, accept-encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: none
timing-allow-origin: https://vpaid.doubleverify.com
link: <//cdn.doubleverify.com>; rel=preconnect; pr=1.0, <//rtb0.doubleverify.com>; rel=preconnect; pr=1.0, <//tps.doubleverify.com>; rel=preconnect; pr=1.0, <https://vpaid.doubleverify.com>; rel=preconnect, <https://cdn.flashtalking.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect
expires: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame F34B 41 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Feb 2023 16:38:19 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F34B 0
54 B 261ms
26ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kzbyaywd&c=7577529250257&slotId=3788764625128.5&qqid=CPH8_eCp7PUCFSDPuwgdk9IBLg&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vmfc=8&vhc=0&ccc=0&msm=1&aits=0&webm=0&vp9=0&vamt=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=true&vms=1&bit=0&umsem=0&ape=1&met.4=videopreviewvisible.vg
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content FY21Q3_CC_Stock_Stock_FR_FR_DiscoverWinter15s_VID_1920x1080_854_480_700_3000.mp4
cdn.flashtalking.com/137967/ Frame F34B 2 MB
2 MB 211ms
79ms Media
video/mp4 2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/137967/FY21Q3_CC_Stock_Stock_FR_FR_DiscoverWinter15s_VID_1920x1080_854_480_700_3000.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: e3f8c4889b48ff7a5c9c005e0f5b3303969d109cde7ce87e11fc98c64262b49d

Request headers

Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 07 Feb 2022 00:23:30 GMT
Last-Modified: Mon, 19 Jul 2021 20:03:28 GMT
Server: Flashtalking (AKA)
ETag: "12f8888422e616c795922837d397c37f"
Content-Type: video/mp4
Content-Range: bytes 0-1768050/1768051
Cache-Control: max-age=30
X-Varnish: 656450951
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1768051
Expires: Mon, 07 Feb 2022 00:24:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F34B 0
54 B 253ms
26ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kzbyaz6e&c=7577529250257&slotId=3788764625128.5&qqid=CPH8_eCp7PUCFSDPuwgdk9IBLg&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fvast.doubleverify.com%252Fv3%252Fvast%253F_media%253D3%2526ctx%253D1828362%2526cmp%253D115825%2526sid%253D18330%2526plc%253D5522358%2526adsrv%253D29%2526blk%253D1%2526DVP_PROG_REP%253D1%2526DVP_DV_TT%253D4%2526DVP_PP_ID%253D3%2526prr%253D1%2526DVP_DV_CT%253D2%2526DVP_PP_IMP_ID%253DABAjH0hhwapKNc7mqWaB8yT2XjMJ%2526DVP_DBM_1%253D3060631%2526DVP_DBM_2%253D11948251%2526DVP_DBM_3%253D48799070%2526DVP_DBM_4%253D343001668%2526DVP_DBM_5%253D1%2526DVP_DBM_6%253D1%2526DVP_DBM_7%253D637488055835%2526turl%253Dhttps%253A%252F%252Frentry.co%252Ft74ai%2526DVP_PP_BUNDLE_ID%253D%2526_vast%253Dhttps%25253A%25252F%25252Fservedby.flashtalking.com%25252Fimp%25252F8%25252F115825%25253B5522358%25253B208%25253Bxml%25253BDV360%25253BDV360FY20StockCTXCategoryVideoFRDSKVID1920x1080%25252F%25253Fgdpr%25253D%25257Bs1%25257D%252526gdpr_consent%25253D%25257Bs2%25257D%252526us_privacy%25253D%25257Bs3%25257D%252526pbMethods%25253D%25257Bs4%25257D%25257C%25257Bs5%25257D%25257C%25257Bs6%25257D%252526cachebuster%25253D%25257Bs7%25257D%2526_s1%253D%2526_s2%253D%2526_s3%253D%2524%257BUS_PRIVACY%257D%2526_s4%253D%255BPLAYBACKMETHODS%255D%2526_s5%253D%255BCONTINUOUSPLAY%255D%2526_s6%253D%255BTIMESINCEINTERACTION%255D%2526_s7%253D%255BCACHEBUSTER%255D%2526_api%253D%255BAPIFRAMEWORKS%255D%2526_ssm%253D%255BSERVERSIDE%255D%2526_tsm%253D%255BTIMESTAMP%255D%2526gdpr%253D%25257Bs1%25257D%2526gdpr_consent%253D%2526gdpr_consent%253D%255BGDPRCONSENT%255D%2526_abm%253D%255BAPPBUNDLE%255D%2526_pum%253D%255BPAGEURL%255D&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 77C7 23 KB
9 KB 26ms
25ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Feb 2022 16:38:19 GMT
expires: Fri, 03 Feb 2023 16:38:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 287111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js Show response
pagead2.googlesyndication.com/bg/ Frame 77C7 35 KB
13 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 11:53:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13749
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Feb 2023 11:53:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77C7 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BSeLUgmYAYqL1HuGnzAaJyp_ACAAAAAA4AeAEAg&bg=!29il2JzNAAYZkRhwGZE7ACkAdvg8Wv24hmSoUaifAUSxFxR3-p9f9sFxnHlm--0MS_PTlr7IZ0f7jgIAAAB0UgAAAAJoAQeZAv_zWg1Ssef1d1bCufZrpctzoTjBk1d8GBC87RdcR4eGHmtt0mAW066RFq2xhugAVfHUEAibhFJagSF0W-0M7zGiVBxZZ-Dq0sk_qnR0Scc6ABOWNW0mfYWG83DwuwsNqPDo2ShkURnLVdguzfCsGOA_8lOGIr2aRHOq-rIiqg1xQlbmE_r64X9iA_x1BF5wlbdna1wpbKBfRa_maFx97urJuH2Py_p52vP6NiVQG6-CfzL7S_p45n2CT55WpBAQHYC8AQtFvyjQlgqn3hPXLBfAwZRBR_6_A9H4JKOX85Q0fScYZf7cfqPc1RXFGoncAJpzsVQYzRGhkHI3IxSZIadPhAPvc3_BE1E_xrStAK40lOKTpRjYm4duyn6_zRyFJEikHhC3yWR7fnFSuWHW6Ahzb8NmbnCkKuyWP6Q9DY-LbvJ1sOLrCVCMmRnQe55JQ4T391TZ1CT7Jf7NbLhtYSb1wc62Gy8tv8JUWkL9rMF1Jsf1yrXJ7mVX4Z7E5tSL-1bGxXRCecP6GNOHwmC815EWrdoyw2HPiNpEtvEmCF3ntdNCvw2TFS79hQJE_uCs0A9o3t5pLDCTuN2K768hG9YOMyyXeykUhNgp7IyKqAMgiTGscwn-LEekZfRMjZUA1lfKbigVq2aseixPPmFYL2YfsB7uKmcPTI_l4FUm3bLLMOZSWNn-zVqTuxOGaIw7woxTu09338k7Xy0kr9eh_1HrtDqAdUHap5Q-P5gEKQdljGb4vaz5U06Ff_jKGb83y08f9CbzopzPgZKFkEzj73R_wi0AM6jQVJcj_Vkg0sLnl6G2d5mLNFxdVtev_0einn8ptjt3j6KNuvBgjiVMWVL0t8VAl88d7zdUrmmC3fTAwajl6vXRAoZ9-pDLatgHvo3zf6phE-t7OokA9sME8Xm74G9r2mht5FKnqtLu99UNPavEX0u3K5fz_k3N8AxxcWyyU1TWIo6Ss3ewngGbncx8wJ_tgooIGfc90M9hHKy6eMSBr3J0MNOe8VrfrAnPpQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/5522358;3514245;0;271;522E4A33-30CA-1E52-1076-F12A4F8F9845/ Frame F34B 42 B
420 B 173ms
92ms Image
image/gif 209.197.3.19
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/state/5522358;3514245;0;271;522E4A33-30CA-1E52-1076-F12A4F8F9845/?ft_data=[PLAYBACKMETHODS]|[CONTINUOUSPLAY]|[TIMESINCEINTERACTION]&cachebuster=1372638790
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app13.frk11 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 00:23:31 GMT
Server: prod-xre-app13.frk11
X-HW: 1644193411.dop006.pa1.t,1644193411.cds222.pa1.shn,1644193411.dop006.pa1.t,1644193411.cds203.pa1.sc,1644193411.cds203.pa1.p
Content-Type: image/gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ft.stat
ad-events.flashtalking.com/ Frame F34B 0
67 B 179ms
69ms Image
text/plain 18.132.186.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/ft.stat?13539;115825;5522358;3514245;0;13;522E4A33-30CA-1E52-1076-F12A4F8F9845;5151690DA606FD;1372638790
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.186.86 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-186-86.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:31 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 204
No Content event.png
tps.doubleverify.com/ Frame F34B 0
138 B 261ms
26ms Image
text/plain 213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/event.png?vstevt=0&dup=8e560d72-932c-4bfc-830e-16acda96d9a9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 00:22:37 GMT
Cache-Control: max-age=0
Expires: 02/06/2022 00:23:31

GET
H2 200 dc_oe=ChMIor6z4ans9QIV4RPTCh0J5QeIEAAYACCRpoJHQhMI8fz94Kns9QIVIM-7CB2T0gEu;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame F34B 42 B
269 B 98ms
88ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIor6z4ans9QIV4RPTCh0J5QeIEAAYACCRpoJHQhMI8fz94Kns9QIVIM-7CB2T0gEu;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15092%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D689926183%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644193410981;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F34B 42 B
536 B 162ms
87ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ca9i1gWYAYrG4JqCe7_UPk6WH8ALwgNv5ZqOUpuLJDe-Ot7bmDBABIIiAvxRg-_n2gogKoAGx-v_qAsgBBagDAcgDmwSqBPgBT9B98iTsnRCyxjrabHT8oSsw9aecTzdD0Yw6293Q7JmfvHpZxTtmYZcwOrmwdCuUsEMhBokwTht3B3sHjqtTlPyfCuywNvwOACkYYxMB7f50PisJV1IeKcmvx0TbKUJX-NerQyz8mVEQxkKZoQZ1KAWx0-VRimrHjpvJOYGG7AlytA0Gz29VKiqN3TqX_8YIk86y6UQK_xjgVjXj-yub17AsbGTUB3LMa0MK1SIfEpeviv2ys1TNg5ybC_seM-R_IDH06-NA6l6P9N5wbrOhNBphzg3x7MNJiSYgGa0d2DZ_iZaVrWT3KUOsYefhGKPw0DYYQWqQsgPABPaauLO8A-AEA5AGAaAGeYAHt4WAlQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgPICwHgCwGADAGwE8rQgg7QEwDYEw2IFAvYFAHQFQH4FgGAFwE&sigh=Yw6opJ1OL_s&label=part2viewed&ad_mt=5&acvw=sv%3D20211103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15092%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D689926183%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644193410981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

3514245.gif
cdn.flashtalking.com/xre/552/5522358/3514245/image/ Frame F34B
Redirect Chain

https://servedby.flashtalking.com/imp/8/115825;5522358;201;gifimpid;DV360;DV360FY20StockCTXCategoryVideoFRDSKVID1920x1080/?ft_impID=522E4A33-30CA-1E52-1076-F12A4F8F9845&ft_custom=&ft_section=&ft_c1...
https://cdn.flashtalking.com/xre/552/5522358/3514245/image/3514245.gif

42 B
397 B

91ms
82ms

Image
image/gif

2.18.232.99
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/xre/552/5522358/3514245/image/3514245.gif
Protocol: HTTP/1.1
Server: 2.18.232.99 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-99.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 00:23:31 GMT
Last-Modified: Fri, 03 Dec 2021 05:17:32 GMT
Server: Flashtalking (AKA)
ETag: W/"d89746888da2d9510b64a9f031eaecd5"
X-Varnish: 38756002
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 42
Expires: Mon, 07 Feb 2022 00:43:31 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 00:23:31 GMT
Server: prod-xre-app28.frk11
Access-Control-Allow-Origin: *
X-HW: 1644193411.dop207.pa1.t,1644193411.cds028.pa1.shn,1644193411.dop207.pa1.t,1644193411.cds217.pa1.sc,1644193411.cds217.pa1.p
Location: https://cdn.flashtalking.com/xre/552/5522358/3514245/image/3514245.gif
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

event.png
tpsc-frc.doubleverify.com/ Frame F34B
Redirect Chain

https://tps.doubleverify.com/visit.jpg?vstevt=2&tagtype=video&ctx=1828362&cmp=115825&sid=18330&plc=5522358&adsrv=29&prr=1&turl=https%3A%2F%2Frentry.co%2Ft74ai&crt=5522358-3514245-0&dup=8e560d72-932...
https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=da177d25ddc3498294ad587d54cc38c9
https://tpsc-frc.doubleverify.com/event.png?impid=da177d25ddc3498294ad587d54cc38c9&akipv6=2001:41d0:8:d154::14

0
138 B

77ms
25ms

Image
text/plain

213.254.244.24
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=da177d25ddc3498294ad587d54cc38c9&akipv6=2001:41d0:8:d154::14
Protocol: HTTP/1.1
Server: 213.254.244.24 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 00:22:38 GMT
Cache-Control: max-age=0
Expires: 02/06/2022 00:23:31

Redirect headers

Location: https://tpsc-frc.doubleverify.com/event.png?impid=da177d25ddc3498294ad587d54cc38c9&akipv6=2001:41d0:8:d154::14
Date: Mon, 07 Feb 2022 00:23:31 GMT
X-N: S
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 204 /
vtrk.doubleverify.com/ Frame F34B 0
167 B 212ms
38ms Image
text/plain 54.195.86.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtrk.doubleverify.com/?v=1&t=event&tid=ZW-12000000&ec=vast&cid=8e560d72-932c-4bfc-830e-16acda96d9a9&el=https%3A%2F%2Fservedby.flashtalking.com%2Fimp%2F8%2F115825%3B5522358%3B208%3Bxml%3BDV360%3BDV360FY20StockCTXCategoryVideoFRDSKVID1920x1080%2F%3Fgdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%26us_privacy%3D%24%7BUS_PRIVACY%7D%26pbMethods%3D%5BPLAYBACKMETHODS%5D%7C%5BCONTINUOUSPLAY%5D%7C%5BTIMESINCEINTERACTION%5D%26cachebuster%3D%5BCACHEBUSTER%5D&ea=impression&cm114=1&cm115=20&cd101=vast&cd102=src&cd111=inline&cd112=unwrapped&cd117=2&cd170=29&cd182=vpaid-transformer%400.21.11&cd188=lon1&cd189=droplet&cd190=1828362&cd191=115825&cd192=18330&cd193=5522358&cd195=1&cd196=3&cd141=%5BAPIFRAMEWORKS%5D&cd142=2022-02-07T00%3A23%3A31.001Z&cd143=2022-02-07T00%3A23%3A31.001Z&z=08036227
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.86.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-86-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 07 Feb 2022 00:23:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F34B 0
571 B 192ms
66ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3EXMKosf0ZQXL_bDb_0Vh_x11xIp9dFsPi1ZoVCTNud4In34oDHBsQRe3uwOLhpqjEnOU5SBNPwfgClZkJG0-NFlxp7aBFDGEFkdo1anMbGm410qDIYJkZqhmLttQjSxfapbXK-Qp3GhMwVgmpBoUvLmuSwZ2QHVZKgyH5F9Q4Lun7EVl5B9zRRfMleWQe9qnZYp2zasGiatOVcZoba9AJj_7o2APv_RVjCm1UNot8QT_bNd1vOLLToshEw-8mQ4dpQu1lBCIJAc0ujp9KKozYClFrNkgsqypHFgUEDlYZdoPSQFcNxElS6VS-r34ey6FUPObxqz-qfNm8Np4RXxWiHJsR7w2KswYgUf4sMQVwOfcnDqSpXO1Lwy2M81U6ZcuTAtvpdQhL5xJzrHQXMn6_frs1R3K0351lSI4adUc_JYngFsjAGMNgJaRtdwXWPBfGD2EcLzjpLVxixuGONHIo-kCHFIdEFfQ2oIPr72NoLDQo6RxAiFlmpnyQCGrs41YwwJEaFv4vnjKg7ugFsJUYeLR5IGoogYa_KR8Kem9gTbLcaKrQZrEtu2TK2gHHCW27XId3sJuU_0YX08yYR4j3f9nqSVUVhOqPGWKhd52nbsSnZFVGxnwi5SvaVeJj8iu3plzd6aPkBMXCAjT2Ht1-HGTB85TFK7UTfwqXzBSr5KAcZzJT2t3f2zJnat1eR4HUf7jcs5LCyJnZSkj_Ot7eFh0EKJqFj7pUhiU-KXPp5NsCap_conUGo6OslBHaDBPWw0_dsbLHu4ygrKw3XV6jcjxZOxb4RYAIXkkasKuulrXU1JSbMJeiwNqov8DqPUnLhdbTCcKdqP3qqUNuonQcgW2lcc9-VwUguTbkFQ7Sue-lm3Zg-KH30PUg1lX8xl_k4SgekaDAuh56HRdtEsVTXb8EEhQSWhzgTIjQtZhQaDkN6foaRjHSfuR3WaJy2mifefcPW6bkJfCWO-cNPNaWoe899egP910jqSXMbT0PPq39E_p7lnq2yw5WRv1R4lwpgzMUBQiE4lBgzHYsWvmio3Zoog-y2JM2JF1FFFLFDRHOOS0BSoxSOUt3NiahaPy8NHO5i4-yIH8kybGthRUnP0fKDhdEpsRiRbbH0NIlFTmA9lyA7V7nQ&sai=AMfl-YReyMazWkTXLiQHFUy647p1smXT0NsRKWucKFd0uxOFbhTAcU3rZ6YiPd983n3NRyWUL0mg0QqLYcSW8UNzSqChOh2LON0qYOuJZTcXlMwItCXuoc2D0WIs6rIKfx94LdHZ8L8ikJm_oLjMPnam660KY_8Gijgj5YR4EN8&sig=Cg0ArKJSzJMvy1Lbjw_HEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 07 Feb 2022 00:23:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame F34B
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjElMejASABMAE&v=APEucNVkovQw1GwCCN8yinlxdYOha7Gk5eJUAx2jBC_BLF_0ihOjWw3wSV0rEJnSQxFJI_1sfG096wIbqBATBTfJpPJA1hEu3g
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEH88RNY9zUuciIbFKXsJkaQ&google_cver=1

43 B
163 B

81ms
23ms

Image
image/gif

185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEH88RNY9zUuciIbFKXsJkaQ&google_cver=1
Protocol: HTTP/1.1
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 00:23:30 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEH88RNY9zUuciIbFKXsJkaQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F34B 0
20 B 78ms
75ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIor6z4ans9QIV4RPTCh0J5QeIEAAYACCRpoJHQhMI8fz94Kns9QIVIM-7CB2T0gEu;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame F34B 42 B
63 B 85ms
84ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIor6z4ans9QIV4RPTCh0J5QeIEAAYACCRpoJHQhMI8fz94Kns9QIVIM-7CB2T0gEu;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15092%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D689926183%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644193410981;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F34B 42 B
64 B 84ms
81ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlj1JgICAoZitEWAKv2itp2CgYrM0UNFR3Q42xy9N1KqL_a5FFF4LcdjGPSMa0xTRz24GNjH7twS03dN8DDPc151BMBq8Ocesx5nlqEvHKrvgq_s_-HQ&sai=AMfl-YRFdVHssLu5ypEmbzsx6BcPemZI0s70nVaxvnAWoWPDuOw0pV2B2sO7kqMkyj52K-mcmBoMTqKdOPU1fuQFRK0KS5V7pN3KU833f7RFhM310AsNmd2UhkwwE2Y44uE&sig=Cg0ArKJSzJ8Wn1XTtGR9EAE&cid=CAASFeRoH53qOEEOH9xTTgzZuF81AeUasg&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15092%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D689926183%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1644193410981&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F34B 42 B
108 B 80ms
79ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ca9i1gWYAYrG4JqCe7_UPk6WH8ALwgNv5ZqOUpuLJDe-Ot7bmDBABIIiAvxRg-_n2gogKoAGx-v_qAsgBBagDAcgDmwSqBPgBT9B98iTsnRCyxjrabHT8oSsw9aecTzdD0Yw6293Q7JmfvHpZxTtmYZcwOrmwdCuUsEMhBokwTht3B3sHjqtTlPyfCuywNvwOACkYYxMB7f50PisJV1IeKcmvx0TbKUJX-NerQyz8mVEQxkKZoQZ1KAWx0-VRimrHjpvJOYGG7AlytA0Gz29VKiqN3TqX_8YIk86y6UQK_xjgVjXj-yub17AsbGTUB3LMa0MK1SIfEpeviv2ys1TNg5ybC_seM-R_IDH06-NA6l6P9N5wbrOhNBphzg3x7MNJiSYgGa0d2DZ_iZaVrWT3KUOsYefhGKPw0DYYQWqQsgPABPaauLO8A-AEA5AGAaAGeYAHt4WAlQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgPICwHgCwGADAGwE8rQgg7QEwDYEw2IFAvYFAHQFQH4FgGAFwE&sigh=Yw6opJ1OL_s&label=vast_creativeview&ad_mt=5&acvw=sv%3D20211103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D15092%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D689926183%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1644193410981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F34B 0
54 B 324ms
23ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kzbyaz6l&c=7577529250257&slotId=3788764625128.5&qqid=CPH8_eCp7PUCFSDPuwgdk9IBLg&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=700&mt=video%2Fmp4&vs=854x480&dm=15000&event_name=first_play&asset_bytes=191071&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.13k~videopreviewstarted.13o
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIor6z4ans9QIV4RPTCh0J5QeIEAAYACCRpoJHQhMI8fz94Kns9QIVIM-7CB2T0gEu;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,237,293,744%26tos%3D2007,0,0,0,0%26mtos%3...
ade.googlesyndication.com/ddm/activity/ Frame F34B 42 B
63 B 62ms
61ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIor6z4ans9QIV4RPTCh0J5QeIEAAYACCRpoJHQhMI8fz94Kns9QIVIM-7CB2T0gEu;met=1;acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,237,293,744%26tos%3D2007,0,0,0,0%26mtos%3D2007,2007,2007,2007,2007%26amtos%3D0,0,0,0,0%26mcvt%3D2007%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2169%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D0%26dur%3D15092%26vmtime%3D2173%26dtos%3D2007%26dtoss%3D1%26dvs%3D2007%26dfvs%3D2007%26dvpt%3D2169%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D689926183%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2007;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1644193410981;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F34B 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlj1JgICAoZitEWAKv2itp2CgYrM0UNFR3Q42xy9N1KqL_a5FFF4LcdjGPSMa0xTRz24GNjH7twS03dN8DDPc151BMBq8Ocesx5nlqEvHKrvgq_s_-HQ&sai=AMfl-YRFdVHssLu5ypEmbzsx6BcPemZI0s70nVaxvnAWoWPDuOw0pV2B2sO7kqMkyj52K-mcmBoMTqKdOPU1fuQFRK0KS5V7pN3KU833f7RFhM310AsNmd2UhkwwE2Y44uE&sig=Cg0ArKJSzJ8Wn1XTtGR9EAE&cid=CAASFeRoH53qOEEOH9xTTgzZuF81AeUasg&id=lidarv&acvw=sv%3D20211103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,237,293,744%26tos%3D2007,0,0,0,0%26mtos%3D2007,2007,2007,2007,2007%26amtos%3D0,0,0,0,0%26mcvt%3D2007%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2169%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D0%26dur%3D15092%26vmtime%3D2173%26dtos%3D2007%26dtoss%3D1%26dvs%3D2007%26dfvs%3D2007%26dvpt%3D2169%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D689926183%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2007&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1644193410981

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 00:23:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rentry.co/	1970-01-20 18:14:25	Name: _ga Value: GA1.2.1057750278.1644193409
.rentry.co/	1970-01-20 00:44:39	Name: _gid Value: GA1.2.1457074413.1644193409
.rentry.co/	1970-01-20 00:43:13	Name: _gat_gtag_UA_102083007_1 Value: 1
rentry.co/	1970-01-20 01:26:25	Name: _pbjs_userid_consent_data Value: 3524755945110770
.rentry.co/	1970-01-20 09:28:49	Name: _pubcid Value: ca98cacb-2ef1-429c-ab72-1c7b2c770127
rentry.co/	1970-01-20 10:04:49	Name: cto_bidid Value: wCtaZF93eUZBZnYxY2xZJTJCZldHb2VsZm9ZbUs0TThXRHd1dnJmT00lMkJRbEl3bVNDU0w1dEVGdUdlTWdQUlNEJTJCWEZFYlVHUFFpWDRqWGNZTnlXdyUyQjBJWEJ6MTRnJTNEJTNE
rentry.co/	1970-01-20 10:04:49	Name: cto_bundle Value: 95JKqV9kSGNudnloNzFab0duMEpHWWN4MCUyQnhiMDNFTU9QaGdpcTJldDlNc3A2Zkh6RmNWYWFGaFlXNVlhVExpNXglMkJnYVUwR0tucUlZMW81cUdMJTJCUW9YJTJGNHYlMkZwbmpBQjclMkZrMzQ3Y01kY3BEZXZnJTJCZWNkZUpsV1M4aWxOdW9rOEI2Zk5o
.rentry.co/	1970-01-20 10:04:49	Name: __gads Value: ID=60d92149325bb4ec-22307a8535cd00fe:T=1644193409:S=ALNI_MbBe_ejYEAopaJQJ0KBDk0F1S2Dgw
.doubleclick.net/	1970-01-20 10:04:49	Name: IDE Value: AHWqTUlKLT06BQJNHKknO7gydRkcLviy0IoIqx4og4V6oaPyeCH4EFOwX-YnWErq-Os

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3ed813f636e7ee636d8f7f2d8a060733.safeframe.googlesyndication.com
ad-events.flashtalking.com
ade.googlesyndication.com
adservice.google.com
adservice.google.fr
bid.g.doubleclick.net
c.amazon-adsystem.com
cdn.doubleverify.com
cdn.flashtalking.com
cdn.id5-sync.com
cm.g.doubleclick.net
csi.gstatic.com
dsh7ky7308k4b.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
id5-sync.com
imasdk.googleapis.com
mug.criteo.com
pagead2.googlesyndication.com
rentry.co
rtb-csync.smartadserver.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
servedby.flashtalking.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
vast.doubleverify.com
vtrk.doubleverify.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.111.219.144
13.32.118.209
141.95.3.10
142.250.184.226
142.250.185.194
142.250.185.98
142.251.5.155
178.250.2.146
178.62.43.64
18.132.186.86
18.66.109.174
185.86.137.132
2.18.232.99
209.197.3.19
213.254.244.24
216.239.32.3
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a02:2638:1::13
2a02:26f0:6c00:2b2::4469
46.105.202.126
51.158.178.115
54.195.86.178
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f1e31d197fbbf008b19ffaf62195cbc52f1cd661a5d944df0c21b4f50eaa171
10f9e2f3d6316b84f1d8c88f995eca4114a80abcff1cd31b12b70db156a9fe3b
14ff2c478f7515ec8cff44e667afe5e4196d34a72a7012ac1700e600ab266d67
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f5bb7c30a182fdcc143fbf31ed1376643177a8683322505a0a900b24ba23687
21294e61d01277b6a544b022ac14733e2c921ca8dfd7cd6242c95a1247158151
2320eeef93a73d273017d23c63606ad8802caf548cc76d54df43bcb8d0b1f4b5
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
33685e0552d6dde5163a22558998f88807afbbac4df14efac987cdbcaff4144f
3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
54f1f6e63f07a77ff6c9fcf5eebe71b8f5f39f6e354a92a1dec6b1c027a0c6f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60d76e5d3d47c3f67063f6ad8c4c19906031164734d901e60a8842d0a292a1cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3
77b923d7d68d7a23932556cdb7dbdd90c910eced95957b8d34d044b2155f18d0
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
85f9b3868ce1bfaf386ed00ed4dcb4ef320c7a9a758025cd703f2e82bd616cd4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
ba64f29e05cffb5609a03cd6b5f109dc3d5c10361abd7f652c38c91b28d0f76f
be99da4881333e71e1cba0f936b20dd8c417e7ebac45b0a6c673230f5bdb6ff1
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
ca04d5c5a5c10a9b0e792c7b703c8069cbd7ec4356448bc3362f23a18e6bbc4e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8c4889b48ff7a5c9c005e0f5b3303969d109cde7ce87e11fc98c64262b49d
e925ac27fd0b042b9df10e6f21609e40b6d940fe567af2ea901bc5890100c22b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e305217aedbb800239d44c960dbad8d94d9773e428a35141221d54e5bb9691
ffb3557748c4d35b52ac07a90d7dfbc38f2a2e8432039c94fd168cdf2b925d53

rentry.co Open in urlscan Pro 51.158.178.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

94 %HTTPS

42 %IPv6

17 Domains

35 Subdomains

32 IPs

5 Countries

2485 kBTransfer

3882 kBSize

9 Cookies

3 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rentry.co Open in urlscan Pro
51.158.178.115 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

94 %
HTTPS

42 %
IPv6

17
Domains

35
Subdomains

32
IPs

5
Countries

2485 kB
Transfer

3882 kB
Size

9
Cookies

70 HTTP transactions
1 data transactions