auesk.cfd/?aD1mNmM2OWMzYjBiZDJmNTIwZWM3MjZjMjNiZGY0Mjk3ZCZ1c2VyPTE3MyZzaWQ9NzImdHlwZT1jJmFkY29kZT0yJnRtcD01&file=Hyouge_Mono_v17.rar
172.67.187.144 1.0 kB URL auesk.cfd/?aD1mNmM2OWMzYjBiZDJmNTIwZWM3MjZjMjNiZGY0Mjk3ZCZ1c2VyPTE3MyZzaWQ9NzImdHlwZT1jJmFkY29kZT0yJnRtcD01&file=Hyouge_Mono_v17.rar
IP 172.67.187.144:0
File type HTML document, ASCII text, with CRLF, LF line terminators
Hash 6498703e0d1a777cd13aa3b94abf0069
517cc8116e23869f46d6ab704b1d6d00af8beb4b
124f81265c0060a73e5c5d54c9d417e5689cda86558a00a7fbb0b841109cf1c0
GET /?aD1mNmM2OWMzYjBiZDJmNTIwZWM3MjZjMjNiZGY0Mjk3ZCZ1c2VyPTE3MyZzaWQ9NzImdHlwZT1jJmFkY29kZT0yJnRtcD01&file=Hyouge_Mono_v17.rar HTTP/1.1
Host: auesk.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:04 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mh9Ct1hVMCAEUyDf8Mruo5%2B487c%2BRBNBvoaIysdv2ln157ezYp0hldnH7VstDXtrcpX8qhHEO9VgkQH%2B2phavTjYG1Vre%2FuVlX%2FAZg5rHlUxmLJ7La7i1s31jkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8773c52b39f35690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ey18yuot4.xyz/?32_1=dbcbfa5eeb33f05ff0c1c2c54802ca8d&s=Hyouge_Mono_v17rar&t=58
172.67.155.160 7.1 kB URL ey18yuot4.xyz/?32_1=dbcbfa5eeb33f05ff0c1c2c54802ca8d&s=Hyouge_Mono_v17rar&t=58
IP 172.67.155.160:0
File type JavaScript source, ASCII text, with very long lines (1125), with CRLF, LF line terminators
Hash 7f2f9b24822d711f37678a108f260e99
b3bd4efa8f6b854aa0db84ea4d1747da69345dfc
5df3494ac9928c15fdea02cfd284097ccb1b083325725f44c7d06d4cb6f41cfc
POST /?32_1=dbcbfa5eeb33f05ff0c1c2c54802ca8d&s=Hyouge_Mono_v17rar&t=58 HTTP/1.1
Host: ey18yuot4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 90
Origin: https://auesk.cfd
DNT: 1
Connection: keep-alive
Referer: https://auesk.cfd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:05 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oaJ9X9BeMgEgzlBWamICikwoBPkRix2Zod8tX1U2Cem7ddqzUjVb8KHax%2BeHtN46upvHX5Z66EN6OIpp6yJL0GHcwn%2ButtkEHBTN4rRChZDhliHCcC64R1mMp0vzpEsJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8773c5309c3556a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ey18yuot4.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
172.67.155.160 0 B URL ey18yuot4.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP 172.67.155.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: ey18yuot4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Sat, 20 Apr 2024 08:30:05 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWF2msx3c14itHqf%2Fx%2FnwYhnRco6Llud7gMJ2ma4bD7o%2F6Y2EF%2BcvOcWbhV%2BQUQUnzJ3ka%2BYSHGSHArYI%2Fgezi6zH3%2Fd2fT2bSzdct0k1cZfUgHTwVU7QebF3XwD0Z9h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8773c534e8bc56cb-OSL
alt-svc: h3=":443"; ma=86400
ey18yuot4.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8773c5309c3556a2
172.67.155.160 0 B URL ey18yuot4.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8773c5309c3556a2
IP 172.67.155.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/8773c5309c3556a2 HTTP/1.1
Host: ey18yuot4.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12267
Origin: https://ey18yuot4.xyz
DNT: 1
Connection: keep-alive
Referer: https://ey18yuot4.xyz/?32_1=dbcbfa5eeb33f05ff0c1c2c54802ca8d&s=Hyouge_Mono_v17rar&t=58
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 08:30:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=WUm4pl4uyTDoqfvDtsDdWXHhXG1BKmDCMHJrNFvdZsI-1713601805-1.0.1.1-.icuu94RG_zqz0XrzrQC5WhY4221N2lqiOdiRJ6Q5HvQ.HJC2gUnFjmRihIEbauuiKE.scVnCvyJ3I2ElyBqfQ; path=/; expires=Sun, 20-Apr-25 08:30:05 GMT; domain=.ey18yuot4.xyz; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bITWlEPPNMYiNDc43lDiWJ%2FtIJ24B6fwAHfFN6ki3Jsu%2FRcwvNTvNeIz5ONL3LSNkQCYfIzXofcpeUcsnodmu%2FYVAsut0kYNTMGxFF8yDI78Rnwrv1OdKLlA7LX%2Bz2c1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8773c535d99356cb-OSL
alt-svc: h3=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=G-LLFSDKZXET
142.250.74.168200 OK 92 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-LLFSDKZXET
IP 142.250.74.168:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type JavaScript source, ASCII text, with very long lines (5955)
Hash 2610fdec9deaf55633c425681b84fe38
cf26c1a14ecd7fb80f9a2e0ee9e4f2f71d3082bf
e6a998441aa5e838cbf48b91a7702d7719152350ff4c75c54a618250e0404459
GET /gtag/js?id=G-LLFSDKZXET HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 Apr 2024 08:30:09 GMT
expires: Sat, 20 Apr 2024 08:30:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91465
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.9.169200 OK 580 B URL GET HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.9.169:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1371)
Hash 00a8e13a83b2bbab51af8e55f52be363
57340eb5c07e50d96f4a04bd4c220f0f24cec649
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 20 Apr 2024 08:30:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Last-Modified: Thu, 18 Apr 2024 08:50:22 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 171193
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SLYX0Nezk11cqvyNho41m1jYgtZMZzkHsuJBlE0aQ9LhHp9c3L%2BGlYBpC%2BtGcLU%2BoOiMql%2BiHIVH12Czr8oEXgxMz6hmvHIWXgaDxixrZuqv5pBx5obAzKO%2Brv9O6Qg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8773c5511d0a1c0e-OSL
Content-Encoding: br
cdn4.buysellads.net/pub/rentryco.js?1713601800000
152.42.150.143200 OK 199 kB URL GET HTTP/2 cdn4.buysellads.net/pub/rentryco.js?1713601800000
IP 152.42.150.143:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerLet's Encrypt
Subjectcdn4.buysellads.net
FingerprintE1:60:C2:B9:99:59:13:6E:1F:80:00:C3:35:3D:38:E1:79:A1:20:09
ValidityThu, 04 Apr 2024 14:04:09 GMT - Wed, 03 Jul 2024 14:04:08 GMT
File type JavaScript source, ASCII text, with very long lines (61281)
Size 199 kB (199182 bytes)
Hash 5ae435a66c3837866ed18b28aef245e9
bf62408357cc9ea8b171f9c6b5f1bbba2ca784c2
500bc109e7c2be533da208f6b8b53606decfbf0bd64c7b7fc1aad31fbf0a7eae
GET /pub/rentryco.js?1713601800000 HTTP/1.1
Host: cdn4.buysellads.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: gzip
content-type: application/javascript
etag: ff48f20a56cd313ae997f5270318d544367c1497
server: srv-ams3-1
vary: Accept-Encoding
date: Sat, 20 Apr 2024 08:30:09 GMT
X-Firefox-Spdy: h2
hb.yellowblue.io/hb-multi
143.204.55.93200 OK 83 B URL POST HTTP/2 hb.yellowblue.io/hb-multi
IP 143.204.55.93:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerAmazon
Subject*.yellowblue.io
FingerprintF6:26:FE:49:4A:50:FB:11:34:86:E2:79:8F:43:68:A1:1E:B6:8D:6B
ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hash 6c8449367f9af61220fc8469f04027cf
16e5dfb9937ad2769540c7f70e8485f4638f0e2b
1a3ed1c720c136a334880d9a36b84d07257cfa854782093c575d56c3ec92910c
POST /hb-multi HTTP/1.1
Host: hb.yellowblue.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
content-type: text/plain
Content-Length: 1360
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 83
date: Sat, 20 Apr 2024 08:30:10 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://rentry.co
x-reason: do not track ifa
x-envoy-upstream-service-time: 1
server: istio-envoy
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lMMBf8XC4jTkjsEqdWQhZJMgzQ8srrfxemhvGL0N37Ah9cwlLgB6gA==
X-Firefox-Spdy: h2
script.4dex.io/a/latest/adagio.js
104.26.9.169200 OK 22 kB URL GET HTTP/1.1 script.4dex.io/a/latest/adagio.js
IP 104.26.9.169:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerCloudflare, Inc.
Subjectscript.4dex.io
FingerprintAB:9B:A2:70:ED:27:23:EF:84:14:22:FF:67:9F:5D:50:06:2D:04:28
ValidityMon, 23 Oct 2023 00:00:00 GMT - Tue, 22 Oct 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65354)
Hash 2cea63505a74309263526b320f034c82
130ca3583955d4785e871e9950c05775975d81e9
c3c9508e905060bb9518439718aef255b2e29968eb9a33422b28426d96ff5946
GET /a/latest/adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 20 Apr 2024 08:30:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"2cea63505a74309263526b320f034c82"
Last-Modified: Thu, 18 Apr 2024 08:50:17 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers:
CF-Cache-Status: HIT
Age: 171183
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2FltkLP4cw5LSmmitwzgcMpq8PnvTnC2m%2F9LPS%2B9eV8LvbJrbmSOgfzHbKsCsCdhDUzRqJMyBwnhzcCD7QEK8O6ZUY%2Bcr2PtJE0VNLYWxTzhAIX5%2FKUNDlSzdIRdLI76"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8773c551c87ab4f3-OSL
Content-Encoding: br
cadmus.script.ac/dahhc4ozyvjm6/script.js
104.18.22.145200 OK 3 B URL GET HTTP/2 cadmus.script.ac/dahhc4ozyvjm6/script.js
IP 104.18.22.145:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerLet's Encrypt
Subjectscript.ac
Fingerprint4D:86:BC:C1:1E:A2:FC:60:16:78:68:84:45:63:AB:01:3C:D3:C4:7F
ValidityMon, 26 Feb 2024 17:39:21 GMT - Sun, 26 May 2024 17:39:20 GMT
Hash b519d08ef66fd54910edbedba6181ec2
8d06436c33a3086259f2f1ccaf03425707eeff17
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
GET /dahhc4ozyvjm6/script.js HTTP/1.1
Host: cadmus.script.ac
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: application/javascript
content-length: 3
age: 0
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8773c551de3a56a8-OSL
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.253200 OK 41 B URL POST HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.253:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
content-type: text/plain
Content-Length: 1885
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://rentry.co
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.46864356407527374
104.26.2.70200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.46864356407527374
IP 104.26.2.70:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectad-delivery.net
Fingerprint03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18
ValidityTue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.46864356407527374 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 613118
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BeU8RQ0TjWzUi%2F4Ktdi4Qd0r9up3LAP5pqGwOotLPYH3zWNjjn%2BC%2BK6rspXavM5AuA8UKZVj2pEjUFbSTF6cKz7My3yZwH11ZCmHw5mRDZQzwucQTbh6A2WLjPgHoTEd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8773c552ff50568a-OSL
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=2
104.26.2.70200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=2
IP 104.26.2.70:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectad-delivery.net
Fingerprint03:56:A5:CD:68:65:E1:00:BD:87:3E:45:0C:B1:3B:C2:2C:8C:4E:18
ValidityTue, 19 Mar 2024 04:48:01 GMT - Mon, 17 Jun 2024 04:48:00 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPoR4JXLqkfpf-u09lS0JRH4wHiZk5pp3DpGwPYXSZHMyeJV_4xQVHswRg5LBcY1bjGFi2uKubkW3g
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 13 Apr 2024 07:11:32 GMT
cache-control: public, max-age=86400
age: 613118
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yd0tb3dReqmuNccvBuTNgichGO3Yc4E9OuYdFqosTx9sfblxppgehU26jshPaXdrQvjzk8UMw2RIP%2BDgS9mlnQSondAtvht6kyf9ooF85CY83L%2Bkh2BNYv%2FPtWtAAcln7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8773c552ef4e568a-OSL
X-Firefox-Spdy: h2
c.4dex.io/pba.gif?v=1&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban
35.241.34.106200 OK 43 B URL GET HTTP/2 c.4dex.io/pba.gif?v=1&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban
IP 35.241.34.106:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectc.4dex.io
Fingerprint4B:88:1D:92:82:C6:1F:65:AB:6C:11:5F:5E:09:AF:4B:42:06:FC:8A
ValiditySun, 25 Feb 2024 00:57:21 GMT - Sat, 25 May 2024 01:51:35 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pba.gif?v=1&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban HTTP/1.1
Host: c.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
content-type: text/plain
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: -1
cache-control: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rentry.co/static/css/bootstrap.min.css?v=85
188.114.96.1200 OK 32 kB URL GET HTTP/3 rentry.co/static/css/bootstrap.min.css?v=85
IP 188.114.96.1:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectrentry.co
Fingerprint84:20:CC:39:9B:56:36:76:23:C0:86:49:01:6F:14:C1:A6:B6:F1:52
ValidityWed, 21 Feb 2024 12:50:49 GMT - Tue, 21 May 2024 12:50:48 GMT
File type ASCII text, with very long lines (65324)
Hash b5c6b9fce1d231e04e9d13367d000374
9134aa3c495f930904644802bc32a62bab05233b
27b86cf042b9b4e90b8618499e4ebcaefb04d56d9a2cb18bf5b6a824e594f224
GET /static/css/bootstrap.min.css?v=85 HTTP/1.1
Host: rentry.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/tpv4u546
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 08:30:09 GMT
content-type: text/css
last-modified: Thu, 25 Jan 2024 10:57:01 GMT
etag: W/"65b23e7d-2dab4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, vary
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 5075952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CW0%2FE4TRIWNHYb6L%2FPcHp2FZAcEVWeI%2Bdb18BuAuWFkkZLVhNMvOZ%2FkzhxvCZMA6OHQMHGdB%2FebdpxTFjzAQeLKxq%2FuPTJR2SnjY9VtwCe8yEXYMZvJozCPgjYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8773c54ce840b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
c.4dex.io/pba.gif?v=1&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban
35.241.34.106200 OK 43 B URL GET HTTP/2 c.4dex.io/pba.gif?v=1&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban
IP 35.241.34.106:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectc.4dex.io
Fingerprint4B:88:1D:92:82:C6:1F:65:AB:6C:11:5F:5E:09:AF:4B:42:06:FC:8A
ValiditySun, 25 Feb 2024 00:57:21 GMT - Sat, 25 May 2024 01:51:35 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pba.gif?v=1&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban HTTP/1.1
Host: c.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
content-type: text/plain
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: -1
cache-control: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.180200 OK 252 B URL POST HTTP/2 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.180:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint67:2D:49:EE:1E:AF:D8:2B:B2:85:1A:C5:39:29:91:05:8E:5E:6F:AA
ValidityWed, 14 Feb 2024 00:00:00 GMT - Sun, 16 Mar 2025 23:59:59 GMT
Hash 08f8413d53a87f32953fbabf643cb0be
e3fc794b2e9584a6381947776748d26124b70f0b
c6b85146bb0237ecb47d5657bc0d98702b10b3fe0bc8bbfaf57dbfa4d0f9b934
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
content-type: text/plain
Content-Length: 1149
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.23.4
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: application/json; charset=utf-8
content-length: 252
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://rentry.co
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: 11fdc6af-191a-494f-95d7-5ae7408d0e12
x-proxy-origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-Firefox-Spdy: h2
api.btloader.com/country?o=5102648370397184
130.211.23.194200 OK 37 B URL GET HTTP/2 api.btloader.com/country?o=5102648370397184
IP 130.211.23.194:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash bdfe458835550c34f45fc9fdfeebb12a
0f08aa02e7bcbf4c5e991a5defb2fdbd03a86f3d
ad26ec64cc613fbfbd47faaf39f9921c2b19769bde1d3c5c2857a671e7863cf9
GET /country?o=5102648370397184 HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Sat, 20 Apr 2024 08:30:10 GMT
content-length: 37
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.btloader.com/pv?tid=brcjoYGw8a&w=5123465689956352&o=5102648370397184&cv=2.1.41&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Frentry.co%2Ftpv4u546&sid=2Ejg7siXi&pm=true&upapi=true
130.211.23.194204 No Content 0 B URL GET HTTP/2 api.btloader.com/pv?tid=brcjoYGw8a&w=5123465689956352&o=5102648370397184&cv=2.1.41&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Frentry.co%2Ftpv4u546&sid=2Ejg7siXi&pm=true&upapi=true
IP 130.211.23.194:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=brcjoYGw8a&w=5123465689956352&o=5102648370397184&cv=2.1.41&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Frentry.co%2Ftpv4u546&sid=2Ejg7siXi&pm=true&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Sat, 20 Apr 2024 08:30:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.4dex.io/pba.gif?v=2&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
35.241.34.106200 OK 43 B URL GET HTTP/2 c.4dex.io/pba.gif?v=2&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
IP 35.241.34.106:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectc.4dex.io
Fingerprint4B:88:1D:92:82:C6:1F:65:AB:6C:11:5F:5E:09:AF:4B:42:06:FC:8A
ValiditySun, 25 Feb 2024 00:57:21 GMT - Sat, 25 May 2024 01:51:35 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pba.gif?v=2&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0 HTTP/1.1
Host: c.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
content-type: text/plain
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: -1
cache-control: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c.4dex.io/pba.gif?v=2&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
35.241.34.106200 OK 43 B URL GET HTTP/2 c.4dex.io/pba.gif?v=2&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
IP 35.241.34.106:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectc.4dex.io
Fingerprint4B:88:1D:92:82:C6:1F:65:AB:6C:11:5F:5E:09:AF:4B:42:06:FC:8A
ValiditySun, 25 Feb 2024 00:57:21 GMT - Sat, 25 May 2024 01:51:35 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pba.gif?v=2&pbjsv=8.41.0&org_id=1116&site=rentry-co&pv_id=d4c1f10b-27b5-49c5-b2de-107871aad3ee&auct_id=de1306f1-94f5-48f9-ade4-d8c9e7c3d1c0&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0 HTTP/1.1
Host: c.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
content-type: text/plain
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: -1
cache-control: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1713601810328
51.89.9.253204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?cb=1713601810328
IP 51.89.9.253:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1713601810328 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
51.89.9.253204 No Content 0 B URL GET HTTP/2 onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
IP 51.89.9.253:443
Requested by https://public.servenobid.com/sync.html
Certificate IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90
ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2
prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
145.40.97.66302 Found 0 B URL GET HTTP/2 prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
IP 145.40.97.66:443
Requested by https://public.servenobid.com/sync.html
Certificate IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA1:19:DD:ED:07:5D:68:74:9A:FE:2B:DF:66:5F:D6:E6:F5:B4:1E:6C
ValidityWed, 06 Mar 2024 11:52:06 GMT - Tue, 04 Jun 2024 11:52:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Sat, 20 Apr 2024 08:30:13 GMT
location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
server: envoy
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
cdn.dxkulture.com/x/sync.html
172.64.145.29200 OK 1.0 kB URL GET HTTP/2 cdn.dxkulture.com/x/sync.html
IP 172.64.145.29:443
Requested by https://public.servenobid.com/sync.html
Certificate IssuerLet's Encrypt
Subjectcdn.dxkulture.com
Fingerprint08:8A:93:66:15:58:5B:EC:72:44:E6:F7:AD:5E:C0:DA:78:CE:F1:DB
ValidityThu, 28 Mar 2024 07:07:58 GMT - Wed, 26 Jun 2024 07:07:57 GMT
File type HTML document, ASCII text, with very long lines (1419)
Hash b7776e85a0ac06cc13e3979ecb8c702a
7563c4f12577bca360f1baa1529456bcb1a3bcc2
e45b16644d6093c4ee2081adaeee4cb4e4a82dbe795e16ba05651d7260bb4831
GET /x/sync.html HTTP/1.1
Host: cdn.dxkulture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:14 GMT
content-type: text/html
last-modified: Wed, 10 Apr 2024 13:45:25 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx00000bb692190f893b456-0066169893-8d8bb0c3-nyc3c
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 4cf2344c-b5f4-4372-87f8-a2f54204ed44
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: HIT
age: 1310
set-cookie: __cf_bm=igjQ5Eo7dVDI5_exgulikERrWkhMVqaiVKJDIHP3Jns-1713601814-1.0.1.1-IYfHh70P8KRdUYo5WiAUeI3tR7_neVIvUyqJpglhFCgbS7F.8p8sMS9YTWE7o3w5UYUuA9LSNUnLxnyqyhEnJQ; path=/; expires=Sat, 20-Apr-24 09:00:14 GMT; domain=.cdn.dxkulture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8773c5698c9256c5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
44.215.221.116204 No Content 0 B URL GET HTTP/2 cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
IP 44.215.221.116:443
Requested by https://public.servenobid.com/sync.html
Certificate IssuerAmazon
Subject*.yellowblue.io
Fingerprint3E:2F:02:15:24:62:BE:D4:BC:D1:64:8E:24:5F:A0:20:D8:CD:E1:DA
ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D HTTP/1.1
Host: cs-server-s2s.yellowblue.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 20 Apr 2024 08:30:14 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
35.173.121.173204 No Content 0 B URL GET HTTP/2 ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
IP 35.173.121.173:443
Requested by https://public.servenobid.com/sync.html
Certificate IssuerAmazon
Subjectssp.disqus.com
Fingerprint96:FD:73:B5:E9:EF:6E:2E:4D:32:F8:DA:60:AD:74:67:56:BA:B7:89
ValiditySat, 21 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 20 Apr 2024 08:30:14 GMT
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
ads.dxkulture.com/xuid
45.55.126.71200 OK 0 B IP 45.55.126.71:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://cdn.dxkulture.com/x/sync.html
Certificate IssuerLet's Encrypt
Subjectads.dxkulture.com
FingerprintAB:DB:C9:37:E1:B0:D9:3E:D1:11:FD:AF:BA:29:99:C9:C6:48:21:11
ValidityWed, 27 Mar 2024 07:55:48 GMT - Tue, 25 Jun 2024 07:55:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xuid HTTP/1.1
Host: ads.dxkulture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.dxkulture.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 20 Apr 2024 08:30:15 GMT
Content-Length: 0
Connection: close
Cache-Control: no-cache, no-store
Set-Cookie: mtuid=33e217fc-b1fa-44ed-a4de-eb3d6643372f; Path=/; Domain=dxkulture.com; Expires=Thu, 17 Oct 2024 08:30:15 GMT; Secure; SameSite=None
Vary: Origin
Strict-Transport-Security: max-age=15724800; includeSubDomains
ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26uid%3D%24UID&partner=kulturemedia
35.173.121.173204 No Content 0 B URL GET HTTP/2 ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26uid%3D%24UID&partner=kulturemedia
IP 35.173.121.173:443
Requested by https://cdn.dxkulture.com/x/sync.html
Certificate IssuerAmazon
Subjectssp.disqus.com
Fingerprint96:FD:73:B5:E9:EF:6E:2E:4D:32:F8:DA:60:AD:74:67:56:BA:B7:89
ValiditySat, 21 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26uid%3D%24UID&partner=kulturemedia HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.dxkulture.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 20 Apr 2024 08:30:15 GMT
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
ads.dxkulture.com/usync/lr.gif
45.55.126.71302 Found 107 B URL GET HTTP/1.1 ads.dxkulture.com/usync/lr.gif
IP 45.55.126.71:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://cdn.dxkulture.com/x/sync.html
Certificate IssuerLet's Encrypt
Subjectads.dxkulture.com
FingerprintAB:DB:C9:37:E1:B0:D9:3E:D1:11:FD:AF:BA:29:99:C9:C6:48:21:11
ValidityWed, 27 Mar 2024 07:55:48 GMT - Tue, 25 Jun 2024 07:55:47 GMT
File type HTML document, ASCII text
Hash bebac8e4b1f2ce7e8cc124d375a2b617
3b3da7928526b54274e971334b7db932545a12bd
4fdef4aa0e3769d3cde64ee644c34c5972f893740ecd5a7e135ff3e6ec8f082d
GET /usync/lr.gif HTTP/1.1
Host: ads.dxkulture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.dxkulture.com/
Cookie: mtuid=33e217fc-b1fa-44ed-a4de-eb3d6643372f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sat, 20 Apr 2024 08:30:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 107
Connection: close
Location: https://idsync.rlcdn.com/712910.gif?partner_uid=33e217fc-b1fa-44ed-a4de-eb3d6643372f
Vary: Origin
Strict-Transport-Security: max-age=15724800; includeSubDomains
ads.dxkulture.com/usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID
45.55.126.71301 Moved Permanently 119 B URL GET HTTP/1.1 ads.dxkulture.com/usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID
IP 45.55.126.71:443
ASN #14061 DIGITALOCEAN-ASN
Requested by https://cdn.dxkulture.com/x/sync.html
Certificate IssuerLet's Encrypt
Subjectads.dxkulture.com
FingerprintAB:DB:C9:37:E1:B0:D9:3E:D1:11:FD:AF:BA:29:99:C9:C6:48:21:11
ValidityWed, 27 Mar 2024 07:55:48 GMT - Tue, 25 Jun 2024 07:55:47 GMT
File type HTML document, ASCII text
Hash 97b6b0662c7953cc0d9311e1e9879be8
dca001f59169eadbf2246dcf66d5b8c243f45884
dfb3e7662a64131a5d8b51c836e76c15e9bb9a6674f358d5b370f301c3ddb14b
GET /usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID HTTP/1.1
Host: ads.dxkulture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.dxkulture.com/
Cookie: mtuid=33e217fc-b1fa-44ed-a4de-eb3d6643372f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sat, 20 Apr 2024 08:30:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 119
Connection: close
Location: https://ads.servenobid.com/sync?pid=369&uid=33e217fc-b1fa-44ed-a4de-eb3d6643372f
Vary: Origin
Strict-Transport-Security: max-age=15724800; includeSubDomains
ads.servenobid.com/sync?pid=369&uid=33e217fc-b1fa-44ed-a4de-eb3d6643372f
34.254.79.166200 OK 0 B URL GET HTTP/2 ads.servenobid.com/sync?pid=369&uid=33e217fc-b1fa-44ed-a4de-eb3d6643372f
IP 34.254.79.166:443
Requested by https://cdn.dxkulture.com/x/sync.html
Certificate IssuerAmazon
Subjectads.servenobid.com
FingerprintA5:AA:49:D0:11:97:9B:D6:A9:AE:1B:96:17:90:07:21:8A:CF:8E:C3
ValidityFri, 29 Mar 2024 00:00:00 GMT - Sun, 27 Apr 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=369&uid=33e217fc-b1fa-44ed-a4de-eb3d6643372f HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdn.dxkulture.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:16 GMT
content-type: image/avif;charset=ISO-8859-1
content-length: 0
set-cookie: pid_369=33e217fc-b1fa-44ed-a4de-eb3d6643372f; domain=servenobid.com; SameSite=None; Expires=Sat, 27 Apr 2024 08:30:16 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
btloader.com/tag?o=5102648370397184&upapi=true
104.22.75.216200 OK 67 kB URL GET HTTP/2 btloader.com/tag?o=5102648370397184&upapi=true
IP 104.22.75.216:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectbtloader.com
Fingerprint70:F7:F9:F7:42:5B:08:2E:94:58:BB:71:DF:F9:4D:8C:F5:09:57:DA
ValiditySun, 14 Apr 2024 06:05:01 GMT - Sat, 13 Jul 2024 06:05:00 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 2c90fb1dbe6cb0041538a4245218adb0
1e53c5c83bb80cb789fb710073df0b1db6cfc0a3
603995372c4227eaf4b26f09a9d081270ba1379dc13ccb85bb14db9c8c86e15e
GET /tag?o=5102648370397184&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: application/javascript
content-length: 21415
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "a26047aefdc668c8678be3c881b3442c"
last-modified: Sat, 20 Apr 2024 08:15:21 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 885
accept-ranges: bytes
server: cloudflare
cf-ray: 8773c5516ec6930c-CPH
X-Firefox-Spdy: h2
rentry.co/favicon.ico
188.114.96.1200 OK 15 kB IP 188.114.96.1:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectrentry.co
Fingerprint84:20:CC:39:9B:56:36:76:23:C0:86:49:01:6F:14:C1:A6:B6:F1:52
ValidityWed, 21 Feb 2024 12:50:49 GMT - Tue, 21 May 2024 12:50:48 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash b102d58bb28a83de9b59fedcd08d17ea
8b6edee7f5d96b69c6e4f0c4e8376c640a34aa63
93eab1e1c50b4ff5b4aa5eefa6e85ce7bae235b52886914529c8b8aa4319f26c
GET /favicon.ico HTTP/1.1
Host: rentry.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/tpv4u546
DNT: 1
Connection: keep-alive
Cookie: _ga_LLFSDKZXET=GS1.1.1713601809.1.0.1713601809.0.0.0; _ga=GA1.1.338198841.1713601810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 08:30:09 GMT
content-type: image/x-icon
last-modified: Mon, 25 Mar 2024 11:12:19 GMT
etag: W/"66015c13-3aee"
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400, vary
cf-cache-status: HIT
age: 5045
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8i6rmMmqHiCH1X4Lyx%2F3Gbzdukg%2BDIBrJfxQQULHRf1cqQc0kIVQaqFa1YWA0FBKm9OSYIA0UR%2BtlwruwZP9Duc5k5kblD1SqyQkcx9HRIpAEqrhtZd22hGbLyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8773c54e4932b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
rentry.co/static/js/bootstrap.min.js?v=21
188.114.96.1200 OK 58 kB URL GET HTTP/3 rentry.co/static/js/bootstrap.min.js?v=21
IP 188.114.96.1:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectrentry.co
Fingerprint84:20:CC:39:9B:56:36:76:23:C0:86:49:01:6F:14:C1:A6:B6:F1:52
ValidityWed, 21 Feb 2024 12:50:49 GMT - Tue, 21 May 2024 12:50:48 GMT
File type JavaScript source, ASCII text, with very long lines (57791)
Hash e1d98d47689e00f8ecbc5d9f61bdb42e
6778fed3cf095a318141a31f455c8f4663885bde
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
GET /static/js/bootstrap.min.js?v=21 HTTP/1.1
Host: rentry.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/tpv4u546
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 08:30:09 GMT
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 10:57:00 GMT
etag: W/"65b23e7c-e2d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, vary
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 5075952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=05P4MA1NOZsiyWNHLJOlQss%2BTPiqneXcTCG9YNyFSkV9N38G4u3aNM1gjgiGQia3QGqzZ5VKY%2FNmboIquLfFbc5nQ%2Byn3ACdXn83%2F%2BqlO7iZO9dcPio39D9r8zY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8773c54ce844b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
188.114.96.1200 OK 9.8 kB URL User Request GET HTTP/2 IP 188.114.96.1:443
Certificate IssuerGoogle Trust Services LLC
Subjectrentry.co
Fingerprint84:20:CC:39:9B:56:36:76:23:C0:86:49:01:6F:14:C1:A6:B6:F1:52
ValidityWed, 21 Feb 2024 12:50:49 GMT - Tue, 21 May 2024 12:50:48 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (9996), with no line terminators
Hash bef57a5929609f85fd7c2e44720db4ff
2be35169e995d83736b5b89492f4db3c018d4ce8
0bbc160528d26551973aa612871a05c3f7330647e8adcca5d477308235cdcc5b
GET /tpv4u546 HTTP/1.1
Host: rentry.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:09 GMT
content-type: text/html; charset=utf-8
vary: Origin, Cookie
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: Vary
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tBe9HzW9RJka9JL56XpXfgh4XE5BegpOAvTPl3MBL%2BtI7BRyo6YEDTIXuZxoYH7aBZIhX2nSDHVEv6WFpILor3Z3y2EPQjm37mS1CD16bzcxbqfAobLeZZjP2DY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8773c54c1e87b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
34.254.79.166200 OK 0 B URL GET HTTP/2 ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
IP 34.254.79.166:443
Requested by https://public.servenobid.com/sync.html
Certificate IssuerAmazon
Subjectads.servenobid.com
FingerprintA5:AA:49:D0:11:97:9B:D6:A9:AE:1B:96:17:90:07:21:8A:CF:8E:C3
ValidityFri, 29 Mar 2024 00:00:00 GMT - Sun, 27 Apr 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=327&uid=&us_privacy=1YN-&gdpr=0 HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:14 GMT
content-type: image/avif;charset=ISO-8859-1
content-length: 0
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.servenobid.com/adreq?cb=10887
34.254.79.166200 OK 92 B URL POST HTTP/2 ads.servenobid.com/adreq?cb=10887
IP 34.254.79.166:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerAmazon
Subjectads.servenobid.com
FingerprintA5:AA:49:D0:11:97:9B:D6:A9:AE:1B:96:17:90:07:21:8A:CF:8E:C3
ValidityFri, 29 Mar 2024 00:00:00 GMT - Sun, 27 Apr 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash e9b84c03062471ff6c7b91fe7efdb2aa
d6bfce017d4efe5cb4436c8319bf997d055105bd
e2dbba9994a7fe7f56194281a5b5386552140199beea9f175546d7d796e46434
POST /adreq?cb=10887 HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
content-type: text/plain
Content-Length: 1036
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: application/json
access-control-allow-origin: https://rentry.co
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.34.178200 OK 66 B IP 104.18.34.178:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint02:E1:92:C5:72:6D:E0:64:4A:46:05:69:81:98:7C:43:13:E7:15:7A
ValidityTue, 01 Aug 2023 00:00:00 GMT - Wed, 31 Jul 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 11d1ae94e48460e0405bcc40b31de384
b149e18e71fde2a2a413017f2e077400fe8984f5
d747208190f9be45b2509596f8d09bba483af78f595147f1fa81defdcd9c49c0
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
content-type: text/plain
Content-Length: 1804
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 08:30:10 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://rentry.co
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
x-warn: Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1699624989460-1_123456, Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: bsa-zone_1700727262982-7_123456
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8773c5515f3d0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
api.btloader.com/mw/state?bt_env=prod
130.211.23.194204 No Content 0 B URL GET HTTP/2 api.btloader.com/mw/state?bt_env=prod
IP 130.211.23.194:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint91:D7:31:40:CA:23:84:1D:EC:B3:E5:18:FA:A1:67:B2:7E:BF:4D:3F
ValidityFri, 05 Apr 2024 16:07:23 GMT - Thu, 04 Jul 2024 17:00:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
Origin: https://rentry.co
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Sat, 20 Apr 2024 08:30:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rentry.co/static/js/jquery.min.js?v=21
188.114.96.1200 OK 92 kB URL GET HTTP/3 rentry.co/static/js/jquery.min.js?v=21
IP 188.114.96.1:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerGoogle Trust Services LLC
Subjectrentry.co
Fingerprint84:20:CC:39:9B:56:36:76:23:C0:86:49:01:6F:14:C1:A6:B6:F1:52
ValidityWed, 21 Feb 2024 12:50:49 GMT - Tue, 21 May 2024 12:50:48 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash 0d9824e6289fa893434c354eadde4075
b9a1358f185c7239829712de6830333829e9bd33
4c1add9ba5d6cde3a03149a022b61163b35c4d5c738cf32470e7e7bd611e4ac6
GET /static/js/jquery.min.js?v=21 HTTP/1.1
Host: rentry.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/tpv4u546
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 08:30:09 GMT
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 10:57:01 GMT
etag: W/"65b23e7d-166ee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, vary
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 5075952
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7U4L5mHxZoj8GKJh5vQ6lQkPGBztbW%2FhD5chtrr%2FnT2IRs10PxDnP7CK1R7okp0fI%2F3%2Fvzb2TsX2xeootsZRa%2BW7CR6%2FKfhVrA7d4ClIrxCEV4api5GK3E5GVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8773c54ce842b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
public.servenobid.com/sync.html
54.230.111.51200 OK 8.8 kB URL GET HTTP/2 public.servenobid.com/sync.html
IP 54.230.111.51:443
Requested by https://rentry.co/tpv4u546
Certificate IssuerAmazon
Subject*.servenobid.com
Fingerprint96:33:3B:11:8E:FE:89:CB:05:31:59:EF:8B:B5:EF:32:91:13:48:BB
ValidityFri, 08 Dec 2023 00:00:00 GMT - Sun, 05 Jan 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (9050), with no line terminators
Hash d67951daa3131c75fbfad1a09ec4b178
2d2a8e0c9cf93db5cfa9078610ecb308de963fe7
0cd88a27c3ff89128c7be5bef21ba5565b81b475e9fb5e0e1edd628edc5dbf0b
GET /sync.html HTTP/1.1
Host: public.servenobid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rentry.co/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 11 Apr 2024 21:40:36 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-content-sha256: 0046597e275c679c7baf4bc17a16f7541f9f38f204ecbef154219cfbfe8dbe01
x-amz-version-id: null
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:69374897-8ebf-443f-b8c0-1cc68fdce58a
x-amz-meta-codebuild-content-md5: 7222d9b5c21ee453bec6e6836a76e694
server: AmazonS3
content-encoding: gzip
date: Sat, 20 Apr 2024 02:08:36 GMT
cache-control: max-age=86400
etag: W/"ff07c8e3bd68ae557c7783f563f2e16b"
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ifQ7jkiWKQpXzK4BIufm2eQPPTvA95rY-LOdxzvwPPs8YymerdGGnQ==
age: 22898
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2