Report - rentry.co/debloatguide/

Report Overview

Visited public
2024-10-14 22:01:53
Tags
Submit Tags
URL
rentry.co/debloatguide/
Finishing URL
rentry.co/debloatguide/
IP / ASN
104.26.2.16
#13335 CLOUDFLARENET
Title
So, you want to debloat Windows?

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
e5.o.lencr.org	unknown	unknown	No data	No data	326 B	728 B	23.36.76.226
rt.marphezis.com	unknown	unknown	No data	No data	458 B	437 B	188.166.203.175
ads.servenobid.com	1764	unknown	No data	No data	1.4 kB	1.5 kB	52.51.234.232
sync.cootlogix.com	unknown	unknown	No data	No data	609 B	506 B	159.223.143.204
prebid.a-mo.net	1148	unknown	No data	No data	527 B	297 B	163.5.194.30
btloader.com	169057	unknown	No data	No data	414 B	23 kB	172.67.41.60
c.4dex.io	6587	unknown	No data	No data	3.8 kB	2.0 kB	35.241.34.106
cs-server-s2s.yellowblue.io	15553	unknown	No data	No data	655 B	135 B	44.216.67.254
ad-delivery.net	1341	unknown	No data	No data	853 B	2.4 kB	172.67.69.19
r11.o.lencr.org	unknown	unknown	No data	No data	1.6 kB	4.4 kB	23.36.76.226
r10.o.lencr.org	unknown	unknown	No data	No data	1.3 kB	3.6 kB	23.36.77.32
cadmus.script.ac	unknown	unknown	No data	No data	408 B	400 B	104.18.22.145
ads.dxkulture.com	unknown	unknown	No data	No data	1.4 kB	1.2 kB	45.55.126.71
public.servenobid.com	3493	unknown	No data	No data	514 B	9.8 kB	143.204.55.90
www.googletagmanager.com	75	unknown	No data	No data	416 B	100 kB	142.250.74.168
o.pki.goog	unknown	unknown	No data	No data	2.0 kB	6.2 kB	142.250.74.67
onetag-sys.com	1840	unknown	No data	No data	1.6 kB	872 B	51.89.9.253
api.btloader.com	1320	unknown	No data	No data	1.0 kB	618 B	130.211.23.194
exchange.cootlogix.com	unknown	unknown	No data	No data	998 B	1.1 kB	198.211.114.214
ssp.disqus.com	7563	unknown	No data	No data	1.0 kB	270 B	54.145.172.243
rentry.co	152632	unknown	No data	No data	3.6 kB	205 kB	104.26.2.16
script.4dex.io	2135	unknown	No data	No data	820 B	21 kB	104.26.8.169
hb.yellowblue.io	10827	unknown	No data	No data	465 B	812 B	143.204.55.65
cdn4.buysellads.net	14158	unknown	No data	No data	419 B	722 kB	159.65.211.77
mp.4dex.io	2629	unknown	No data	No data	457 B	647 B	104.18.34.178
ib.adnxs.com	241	unknown	No data	No data	465 B	809 B	37.252.171.149
ocsp.e2m03.amazontrust.com	unknown	unknown	No data	No data	676 B	1.5 kB	54.230.218.11
cdn.dxkulture.com	unknown	unknown	No data	No data	524 B	3.4 kB	172.64.145.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-10-14 22:01:26	low	Client IP	104.26.2.16	ET INFO Observed Pastebin Service Domain (rentry .co in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	rentry.co/debloatguide/	ScriptElement	173 B	2023-10-14	2025-07-17
Pretty URL rentry.co/debloatguide/ IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-14 10:58 Last Seen2025-07-17 05:08 Times Seen428 Hash 469bb64c8f975ef313c63fc82a47849c f77a7fb434663acc643a31fc6646df0bdac02dba 13cdbe12e27208b08c7694a5ea20b699a46438a61ebb785b208ddc19b3c397c1 Loading...

	rentry.co/static/js/bootstrap.min.js?v=22	ScriptElement	58 kB	2023-03-07	2025-07-17
Pretty URL rentry.co/static/js/bootstrap.min.js?v=22 IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-17 05:08 Times Seen13514 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	cdn.dxkulture.com/x/sync.html	ScriptElement	0 B	0001-01-01	2025-07-17
Pretty URL cdn.dxkulture.com/x/sync.html IP 172.64.145.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-17 07:16 Times Seen5442931 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-LLFSDKZXET	ScriptElement	286 kB	2024-10-14	2024-10-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-LLFSDKZXET IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-14 22:02 Last Seen2024-10-14 22:02 Times Seen1 Hash 1fcc335de86c01cef5bdc11f915d9dd3 88f7673df945a0823eeabbe98a28b7cf96c1b5e6 9e3875848d07a83477a4f69032e9eff27e490f882e8f4bfaf80c006a18d435fa Loading...

	rentry.co/debloatguide/sandbox%20eval%20code		148 B	2023-05-05	2025-07-17
Pretty URL rentry.co/debloatguide/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:57 Last Seen2025-07-17 05:22 Times Seen15946 Hash f019f144761e15f741f6ab1e4cf566a5 1c73bccb222e44ae4633750eda7c357460a81a03 4cacaf0fd3e370c4840c87c79f923f1ffb69ff7ce5d8172390783c8f83861d62 Loading...

	script.4dex.io/localstore.js	ScriptElement	1.4 kB	2024-04-16	2025-03-04
Pretty URL script.4dex.io/localstore.js IP 104.26.8.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:06 Last Seen2025-03-04 09:41 Times Seen3091 Hash 00a8e13a83b2bbab51af8e55f52be363 57340eb5c07e50d96f4a04bd4c220f0f24cec649 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7 Loading...

	btloader.com/tag?o=5102648370397184&upapi=true	ScriptElement	71 kB	2024-10-04	2024-10-15
Pretty URL btloader.com/tag?o=5102648370397184&upapi=true IP 172.67.41.60 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-04 10:11 Last Seen2024-10-15 17:52 Times Seen7 Hash 0a18cc78772a08b40766074e47c3ec48 453b8fea5ad5c49b4ede8efd413936beb50f4551 f2a82a44edb60b466f71de43966517bdfab8f23739328cce6d19b80a128142bd Loading...

	cadmus.script.ac/dahhc4ozyvjm6/script.js	ScriptElement	3 B	2023-03-07	2025-07-15
Pretty URL cadmus.script.ac/dahhc4ozyvjm6/script.js IP 104.18.22.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-07-15 16:16 Times Seen5897 Hash b519d08ef66fd54910edbedba6181ec2 8d06436c33a3086259f2f1ccaf03425707eeff17 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860 Loading...

	rentry.co/debloatguide/	ScriptElement	209 B	2023-03-29	2025-04-03
Pretty URL rentry.co/debloatguide/ IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 21:41 Last Seen2025-04-03 13:56 Times Seen96 Hash 92c05b6aef185a143da84f46c6c3f761 1ec8624936e1b194ca327fdd89bffbb090021bf7 01824b9744569df3c8d51147bfe4405c0446c7bebec55938d6f3aa8ce1de7ab8 Loading...

	rentry.co/debloatguide/	ScriptElement	241 B	2023-11-11	2025-07-17
Pretty URL rentry.co/debloatguide/ IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 06:33 Last Seen2025-07-17 05:08 Times Seen414 Hash 90bc7084c1e66f84896e4d9381f354dd 9ee0ed4d98181c637467ecfb26f569db784a5c46 741481fe766011c748f008b0f9903c05ce71d317b17e8db7cb0b4820be4eefb2 Loading...

	unknown	ScriptElement	236 B	2024-10-14	2024-10-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-14 22:02 Last Seen2024-10-14 22:02 Times Seen1 Hash 9ceff48e7e983cf052e4d3a311c30d53 deb45c94020873cf73d453a33d383c269d5327bf 98f1dd922370fdeb5cfaeb538b0475bd675a5e9eeec2901f6cddc336c0dab066 Loading...

	unknown	Function	63 kB	2024-08-28	2024-11-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-28 17:29 Last Seen2024-11-15 04:57 Times Seen570 Hash 8b751a3f50d88aebb8d27e1724b1c71a 7b77513d5605b061cff481180e240dd4e7deba23 4702de02ec8f60bc02564ae0f40a5eefcf45fda016580845bad2c4a2d7ca3f2c Loading...

	public.servenobid.com/sync.html	ScriptElement	9.1 kB	2024-08-11	2024-10-17
Pretty URL public.servenobid.com/sync.html IP 143.204.55.90 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-11 00:40 Last Seen2024-10-17 19:23 Times Seen112 Hash 5eada7208f953a587cc04506dbb9de31 1b6f21d679b342ab12820dc8aca3b0172ebbafa1 c1fcdcd1db33ad4caa7214f4674a237a706a50823e41fffd0b9fa5fe3466b0e1 Loading...

	rentry.co/debloatguide/	ScriptElement	485 B	2024-10-08	2025-06-11
Pretty URL rentry.co/debloatguide/ IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-08 15:06 Last Seen2025-06-11 09:46 Times Seen66 Hash 284f847614c290ff4042e68ef17d6fc3 b9f430b1407f8805762310ddd444e7ce0a4a8020 a333b69ad78ab627ef73927c2c93ca3e54607b54f7fce8ed8ac5cf81be403e62 Loading...

	rentry.co/static/js/jquery.min.js?v=22	ScriptElement	92 kB	2023-12-25	2024-10-17
Pretty URL rentry.co/static/js/jquery.min.js?v=22 IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-25 06:01 Last Seen2024-10-17 06:11 Times Seen286 Hash 0d9824e6289fa893434c354eadde4075 b9a1358f185c7239829712de6830333829e9bd33 4c1add9ba5d6cde3a03149a022b61163b35c4d5c738cf32470e7e7bd611e4ac6 Loading...

	cdn4.buysellads.net/pub/rentryco.js?1728943200000	ScriptElement	722 kB	2024-10-13	2024-10-14
Pretty URL cdn4.buysellads.net/pub/rentryco.js?1728943200000 IP 159.65.211.77 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-13 15:32 Last Seen2024-10-14 22:02 Times Seen2 Hash 2b214374a36d1d6a83bab331c023b5fc ae0ef5be2aa199a3ca11d9349d3108a07f3fb0cc 1d142186dc561ce41670f5472d230e8f7ef2badef7097b91f8f515729720a35c Loading...

	rentry.co/debloatguide/	ScriptElement	921 B	2024-10-14	2024-10-14
Pretty URL rentry.co/debloatguide/ IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-14 22:02 Last Seen2024-10-14 22:02 Times Seen1 Hash b6d3ddb5ea787f38e01f6392be9b1e76 f2f5f0204dc3e2eef59fcff1bf9be6aeb2a57756 b6c9c0f077f47bd275e07388ae828ebd1b71cb18bb81f5457238a6883e694874 Loading...

	rentry.co/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.0 kB	2024-10-14	2024-10-14
Pretty URL rentry.co/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.2.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-14 21:37 Last Seen2024-10-14 22:02 Times Seen3 Hash c7f40d06a486975b664d940140b4a717 2da2b72b0e938778d0880c6ae694a06576020d13 ab921df4ea7804169b17b7caf8335874bb7511b87c2d1be2543d8a27a31c230f Loading...

	c.amazon-adsystem.com/aax2/apstag.js	ScriptElement	1.6 kB	2023-05-05	2025-07-17
Pretty URL c.amazon-adsystem.com/aax2/apstag.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:57 Last Seen2025-07-17 05:22 Times Seen15678 Hash 7099d0c144c906961206e41b26b23c05 59a67da2d27d4e5fc0e183bb2baeebe39404f553 3f19f9cf504b435adb7e62aac1b420facfc0048d6a4950910fd6f126548cc69e Loading...

HTTP Transactions (62)

	URL	IP	Response	Size
	r10.o.lencr.org/	23.36.77.32	200 OK	504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 8c678121da7ea2edc90ea014cf3552af 3d76ebd2a3aba8dab56e3c15310551e9b226e249 1839e2eb73c24c27fda8e6bf4715b73ce52cc1c059bd1dfd9b739e71409cda3b HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "1839E2EB73C24C27FDA8E6BF4715B73CE52CC1C059BD1DFD9B739E71409CDA3B" Last-Modified: Mon, 14 Oct 2024 08:07:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12723 Expires: Tue, 15 Oct 2024 01:33:28 GMT Date: Mon, 14 Oct 2024 22:01:25 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.77.32	200 OK	504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 4ef646b0e9b7327e4a942f9294833f80 292c5eafd5f9d4c35b11f0f3d456cdbe77e30c21 eb25c0ba5c8244185a6c004482f85ef91889d1f4f368d44bf009bb957e776f28 HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "EB25C0BA5C8244185A6C004482F85EF91889D1F4F368D44BF009BB957E776F28" Last-Modified: Sun, 13 Oct 2024 04:16:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12898 Expires: Tue, 15 Oct 2024 01:36:23 GMT Date: Mon, 14 Oct 2024 22:01:25 GMT Connection: keep-alive`

	r10.o.lencr.org/	23.36.77.32	200 OK	504 B
URL r10.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 56575c1ee1a13dc9b3b9cbbbeb550407 818d2c9ecafa6e391ce4f19a4bd601b3d5531ccd 10541b95854d95ab545073ed31ff3473355942b1bf0038b86eac59c77d4854eb HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "10541B95854D95AB545073ED31FF3473355942B1BF0038B86EAC59C77D4854EB" Last-Modified: Mon, 14 Oct 2024 14:21:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13146 Expires: Tue, 15 Oct 2024 01:40:32 GMT Date: Mon, 14 Oct 2024 22:01:26 GMT Connection: keep-alive`

	GET rentry.co/static/css/bootstrap.min.css?v=22	104.26.2.16	200 OK	32 kB
URL GET HTTP/2 rentry.co/static/css/bootstrap.min.css?v=22 IP 104.26.2.16:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectrentry.co Fingerprint0E:D2:55:73:5A:E5:74:1E:21:00:4C:3C:2C:EF:69:9F:0B:BB:42:98 ValidityFri, 16 Aug 2024 19:49:55 GMT - Thu, 14 Nov 2024 19:49:54 GMT File type ASCII text, with very long lines (65324) Size 32 kB (32205 bytes) Hash 7e886f055c565347877eb8a59f9313fd 83cc0906cd406e37d27559104dccb2aa161436fa b9919f6ccf0b6890862b269838378a11c1b2ca5990b8a07ba93785427a7f2c02 HTTP Headers `GET /static/css/bootstrap.min.css?v=22 HTTP/1.1 Host: rentry.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/debloatguide/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:26 GMT content-type: text/css last-modified: Tue, 17 Sep 2024 18:32:20 GMT etag: W/"66e9cb34-2dc2f" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, vary x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 2345277 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTETaoSx%2FlazcS7CVW%2FNjUk121hoQXb3RsHdlwIYFFEj0bd%2BAZNWJhR390rCIEFlSBSj%2FmRHu7Aruiqdxoy0Iu1aqjykN1NHMCCtv8J17cYypco0AoxK2Bh%2BRQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8d2ad916bcd87129-OSL content-encoding: br X-Firefox-Spdy: h2

	GET rentry.co/static/js/bootstrap.min.js?v=22	104.26.2.16	200 OK	16 kB
URL GET HTTP/2 rentry.co/static/js/bootstrap.min.js?v=22 IP 104.26.2.16:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectrentry.co Fingerprint0E:D2:55:73:5A:E5:74:1E:21:00:4C:3C:2C:EF:69:9F:0B:BB:42:98 ValidityFri, 16 Aug 2024 19:49:55 GMT - Thu, 14 Nov 2024 19:49:54 GMT File type JavaScript source, ASCII text, with very long lines (57791) Size 16 kB (16382 bytes) Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b HTTP Headers `GET /static/js/bootstrap.min.js?v=22 HTTP/1.1 Host: rentry.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/debloatguide/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:26 GMT content-type: application/javascript last-modified: Tue, 17 Sep 2024 18:32:20 GMT etag: W/"66e9cb34-e2d8" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, vary x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 2345277 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BrASbCzj8%2BM%2BYFvHU%2BOOzdxKZmDNEmUk9I6HggrBmd3OogMder7OjxDqF5U5Eev0viBskKN29WaImJ3%2Bw%2B9khc%2BgYWwB0iAbCXNVUGXIpNxBmku1qh4Nuom7Q%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8d2ad916cce07129-OSL content-encoding: br X-Firefox-Spdy: h2

	GET www.googletagmanager.com/gtag/js?id=G-LLFSDKZXET	142.250.74.168	200 OK	99 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-LLFSDKZXET IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint67:C2:D2:52:FF:49:65:5C:79:F7:93:22:F8:32:AB:11:AA:AB:6B:F7 ValidityTue, 24 Sep 2024 02:46:00 GMT - Tue, 17 Dec 2024 02:45:59 GMT File type JavaScript source, ASCII text, with very long lines (5945) Size 99 kB (98792 bytes) Hash 1fcc335de86c01cef5bdc11f915d9dd3 88f7673df945a0823eeabbe98a28b7cf96c1b5e6 9e3875848d07a83477a4f69032e9eff27e490f882e8f4bfaf80c006a18d435fa HTTP Headers `GET /gtag/js?id=G-LLFSDKZXET HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 14 Oct 2024 22:01:27 GMT expires: Mon, 14 Oct 2024 22:01:27 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} server: Google Tag Manager content-length: 98792 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	GET rentry.co/cdn-cgi/challenge-platform/scripts/jsd/main.js	104.26.2.16	302 Found	0 B
URL GET HTTP/2 rentry.co/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.26.2.16:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectrentry.co Fingerprint0E:D2:55:73:5A:E5:74:1E:21:00:4C:3C:2C:EF:69:9F:0B:BB:42:98 ValidityFri, 16 Aug 2024 19:49:55 GMT - Thu, 14 Nov 2024 19:49:54 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1 Host: rentry.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 302 Found date: Mon, 14 Oct 2024 22:01:27 GMT content-length: 0 location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js? cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public access-control-allow-origin: * report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gao0juA8IadGT%2BkIMkSp9PZGVlMYUYFeorpdsH0EZjKvrcmXxHbAnbLx7p8SLnJDpQl2WMod16dplgxNliJYFJBCZfJDycsK3%2FKMlh1gIpeqf%2FjVgqqDB9mAsg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8d2ad9189f8e7129-OSL X-Firefox-Spdy: h2

	o.pki.goog/wr2	142.250.74.67	200 OK	472 B
URL o.pki.goog/wr2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 6efafec3849eca2c8b089f6e76a90696 2c6cae040fe44e78a606fd21e2b59bb1b3f37063 1a56afb4f773022b71a02986f065a01580927fa3a45a56637f2933b349f9c907 HTTP Headers `POST /wr2 HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 14 Oct 2024 22:01:27 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	e5.o.lencr.org/	23.36.76.226	200 OK	344 B
URL e5.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 344 B (344 bytes) Hash 2fed993b883c763fea36b133103cc590 1d41182c8b35f2a713b77abf79e78cd93d572a2c ef7cf4986e69037141c948c32270c9340d07ff9177ad07ce3233568e6f6c3c7f HTTP Headers `POST / HTTP/1.1 Host: e5.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 344 ETag: "EF7CF4986E69037141C948C32270C9340D07FF9177AD07CE3233568E6F6C3C7F" Last-Modified: Sun, 13 Oct 2024 22:32:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17549 Expires: Tue, 15 Oct 2024 02:53:56 GMT Date: Mon, 14 Oct 2024 22:01:27 GMT Connection: keep-alive`

	POST rentry.co/cdn-cgi/challenge-platform/h/b/jsd/r/8d2ad913f85a7129	104.26.2.16	200 OK	0 B
URL POST HTTP/2 rentry.co/cdn-cgi/challenge-platform/h/b/jsd/r/8d2ad913f85a7129 IP 104.26.2.16:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectrentry.co Fingerprint0E:D2:55:73:5A:E5:74:1E:21:00:4C:3C:2C:EF:69:9F:0B:BB:42:98 ValidityFri, 16 Aug 2024 19:49:55 GMT - Thu, 14 Nov 2024 19:49:54 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /cdn-cgi/challenge-platform/h/b/jsd/r/8d2ad913f85a7129 HTTP/1.1 Host: rentry.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Content-Length: 12134 Origin: https://rentry.co DNT: 1 Connection: keep-alive Referer: https://rentry.co/debloatguide/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:27 GMT content-type: text/plain; charset=UTF-8 content-length: 0 set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.rentry.co; Priority=High; HttpOnly; Secure; SameSite=None cf_clearance=82SpgSmuF_mABJzKlm9yK9_LdMyND8ILVKrKjcJr9KE-1728943287-1.2.1.1-COlt186.xj7GvvB89yT8c0o.3_Mv_oeXwQ_W1BgrFVXzCcTX1SQtnEeMs9_k8506J5B4.glhEDCr1nVDjm9wgzbL_d3eBgectOQja2ALCCFsEVpRZYCyDVL.qNskv9aiNVvzrzyChi.2xBlwO5Uc.3kov676pQOUrjUE5Qy30SkGO9cowZZj.jxCB50TLv98KxAVWaHfJ5Arcxy2RZT7ZYBaI7tKc5A7m2ac0kf1ZiYxnhqsTiXE.3g_CTBTRcOlRwCddVRzHSO_tsB27opJFAlQT.h.2l0x3lprSF5PvTSPV91D8uLho2l2EI1rrXxNMZmhCni8UcqgneeeGUsnow; Path=/; Expires=Tue, 14-Oct-25 22:01:27 GMT; Domain=.rentry.co; Priority=High; HttpOnly; Secure; SameSite=None; Partitioned report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfIQibh7AQYyycVKP9hFms%2F1FUAyPlZACap3JShWkYOGZQoGJdXsXL7ME8mEjU8GoYrRhhYLWjbCQpJ9S3QNE6XkW1ZEigXNiwW73HCUSE3%2F1QfshQFxZ6o5oA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8d2ad91a5a3f7129-OSL X-Firefox-Spdy: h2

	GET btloader.com/tag?o=5102648370397184&upapi=true	172.67.41.60	200 OK	23 kB
URL GET HTTP/2 btloader.com/tag?o=5102648370397184&upapi=true IP 172.67.41.60:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectbtloader.com FingerprintF7:C9:36:49:34:40:BA:B8:DE:36:F7:ED:6B:F1:54:AD:40:C8:A9:19 ValidityTue, 08 Oct 2024 07:25:21 GMT - Mon, 06 Jan 2025 07:25:20 GMT File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 23 kB (22552 bytes) Hash 0a18cc78772a08b40766074e47c3ec48 453b8fea5ad5c49b4ede8efd413936beb50f4551 f2a82a44edb60b466f71de43966517bdfab8f23739328cce6d19b80a128142bd HTTP Headers `GET /tag?o=5102648370397184&upapi=true HTTP/1.1 Host: btloader.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:27 GMT content-type: application/javascript content-length: 22552 cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300 content-encoding: gzip etag: "c9d50cfa7287a531c6d0b54630c01b92" last-modified: Mon, 14 Oct 2024 21:53:27 GMT vary: Origin, Accept-Encoding x-robots-tag: noindex, nofollow via: 1.1 google cf-cache-status: HIT age: 255 accept-ranges: bytes server: cloudflare cf-ray: 8d2ad91c1efd56b9-OSL X-Firefox-Spdy: h2

	GET script.4dex.io/localstore.js	104.26.8.169	200 OK	580 B
URL GET HTTP/1.1 script.4dex.io/localstore.js IP 104.26.8.169:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectscript.4dex.io Fingerprint47:B5:FE:D4:D2:33:E9:E3:16:14:FC:E8:38:56:A0:F7:D1:57:D7:D7 ValiditySat, 21 Sep 2024 23:41:56 GMT - Sat, 21 Dec 2024 00:41:53 GMT File type JavaScript source, ASCII text, with very long lines (1371) Size 580 B (580 bytes) Hash 00a8e13a83b2bbab51af8e55f52be363 57340eb5c07e50d96f4a04bd4c220f0f24cec649 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7 HTTP Headers `GET /localstore.js HTTP/1.1 Host: script.4dex.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 22:01:27 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Cache-Control: public, max-age=1800 ETag: W/"00a8e13a83b2bbab51af8e55f52be363" Last-Modified: Wed, 28 Aug 2024 15:06:32 GMT Vary: Accept-Encoding CF-Cache-Status: HIT Age: 1407188 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kxxyInE%2B%2FeBJ7f2jgalY2fzcs42mGtv6zLP%2BXxOQ%2BkUGrwmUDx%2B3TZALxyl4t1oxrwx8GzyvkIxKWnEusId%2FeVdBMRt3Ld%2FTSPl3TAp9%2Fglqr8iUlYXms7GpqA0uOgn"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8d2ad91c9b8856c1-OSL Content-Encoding: br

	POST hb.yellowblue.io/hb-multi	143.204.55.65	200 OK	108 B
URL POST HTTP/2 hb.yellowblue.io/hb-multi IP 143.204.55.65:443 ASN #16509 AMAZON-02 Requested by https://rentry.co/debloatguide/ Certificate IssuerAmazon Subject.yellowblue.io FingerprintF6:26:FE:49:4A:50:FB:11:34:86:E2:79:8F:43:68:A1:1E:B6:8D:6B ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type JSON text data Size 108 B (108 bytes) Hash 20de84a60aabcf06f5cb31755b5a60b6 449e27ea7d20f43e66d3f61555e851b8bc812d01 0dbdda4fd59108707daad321a1d4a1e3507a8d67cc7751aa99c1bebc4f7c8091 HTTP Headers `POST /hb-multi HTTP/1.1 Host: hb.yellowblue.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Content-Length: 1374 Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/json content-length: 108 date: Mon, 14 Oct 2024 22:01:27 GMT access-control-allow-credentials: true access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With access-control-allow-methods: GET, OPTIONS access-control-allow-origin: https://rentry.co content-encoding: gzip x-reason: do not track ifa x-envoy-upstream-service-time: 2 server: istio-envoy x-cache: Miss from cloudfront via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: vctHtrvGnKErLD4kjH1xYSU4h2TjMcCTkF5A0rgyhJJnvbPAUiBnaw== X-Firefox-Spdy: h2

	GET cadmus.script.ac/dahhc4ozyvjm6/script.js	104.18.22.145	200 OK	3 B
URL GET HTTP/2 cadmus.script.ac/dahhc4ozyvjm6/script.js IP 104.18.22.145:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerLet's Encrypt Subjectscript.ac FingerprintE3:B2:70:06:64:54:E4:B4:25:FC:11:FF:E2:10:5E:1F:3B:A9:78:5B ValidityWed, 21 Aug 2024 15:35:30 GMT - Tue, 19 Nov 2024 15:35:29 GMT File type ASCII text Size 3 B (3 bytes) Hash b519d08ef66fd54910edbedba6181ec2 8d06436c33a3086259f2f1ccaf03425707eeff17 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860 HTTP Headers `GET /dahhc4ozyvjm6/script.js HTTP/1.1 Host: cadmus.script.ac User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:27 GMT content-type: application/javascript content-length: 3 age: 0 cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200 etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e" last-modified: Mon, 01 Jan 2018 00:00:00 GMT vary: Accept-Encoding server: cloudflare cf-ray: 8d2ad91d889d56c4-OSL X-Firefox-Spdy: h2`

	GET script.4dex.io/a/latest/adagio.js	104.26.8.169	200 OK	19 kB
URL GET HTTP/1.1 script.4dex.io/a/latest/adagio.js IP 104.26.8.169:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectscript.4dex.io Fingerprint47:B5:FE:D4:D2:33:E9:E3:16:14:FC:E8:38:56:A0:F7:D1:57:D7:D7 ValiditySat, 21 Sep 2024 23:41:56 GMT - Sat, 21 Dec 2024 00:41:53 GMT File type JavaScript source, ASCII text, with very long lines (62425) Size 19 kB (18994 bytes) Hash 3bd20e5fbdd6d804d194856ed36c4ccb 8417d54e1621d36d687f7d983b051398856b0d1f c06f0ff3bff18094a91fb345b425c2d6cbac9fb8ea56f6db2e879cd49fa36510 HTTP Headers `GET /a/latest/adagio.js HTTP/1.1 Host: script.4dex.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 22:01:27 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Origin: * Cache-Control: public, max-age=1800 ETag: W/"3bd20e5fbdd6d804d194856ed36c4ccb" Last-Modified: Wed, 28 Aug 2024 15:06:29 GMT Vary: Origin, Accept-Encoding Access-Control-Expose-Headers: CF-Cache-Status: HIT Age: 1407104 Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c0Ck61W3Wfau7DtRwPn0%2B%2Fnq5oa1Es%2BVu5qpKLsYDc%2BwYzRBt2WPIkUHZ%2Bd6XJ92rRFAvaKvTWiQgPOBPhCAD6KQcNS3Fx%2FCXMj2i%2F6Y5SChgw6j%2BAcOOPzLVmrR2hUg"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8d2ad91d8d1456ab-OSL Content-Encoding: br

	POST rt.marphezis.com/hb	188.166.203.175	204 No Content	0 B
URL POST HTTP/2 rt.marphezis.com/hb IP 188.166.203.175:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://rentry.co/debloatguide/ Certificate IssuerSectigo Limited Subject.marphezis.com Fingerprint6F:63:01:32:09:D9:BE:4B:F8:91:E6:14:FB:7B:BA:10:B1:4F:93:F4 ValidityTue, 12 Dec 2023 00:00:00 GMT - Fri, 10 Jan 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /hb HTTP/1.1 Host: rt.marphezis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Content-Length: 678 Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 204 No Content date: Mon, 14 Oct 2024 22:01:27 GMT access-control-allow-origin: https://rentry.co access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS access-control-allow-headers: Content-Type, Authorization, X-Requested-With access-control-allow-credentials: true access-control-expose-headers: Content-Length access-control-max-age: 86400 cache-control: no-store pragma: no-cache expires: 0 X-Firefox-Spdy: h2`

	GET ad-delivery.net/px.gif?ch=2	172.67.69.19	200 OK	43 B
URL GET HTTP/2 ad-delivery.net/px.gif?ch=2 IP 172.67.69.19:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectad-delivery.net Fingerprint38:D1:FD:58:74:1F:51:30:B5:83:EF:C9:64:4C:D1:6E:B7:C7:14:B7 ValidityThu, 12 Sep 2024 11:17:38 GMT - Wed, 11 Dec 2024 11:17:37 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `GET /px.gif?ch=2 HTTP/1.1 Host: ad-delivery.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:28 GMT content-type: image/gif content-length: 43 x-goog-generation: 1620242732037093 x-goog-metageneration: 5 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 43 x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-storage-class: MULTI_REGIONAL access-control-allow-origin: * access-control-expose-headers: * x-guploader-uploadid: ABPtcPqbKSdoxbAA410mrggZiKfDXsJhP9ixcj5r_g42RwC-BpGRQV1l4taKqygKMi5bdZIZlA expires: Sat, 14 Sep 2024 07:25:02 GMT cache-control: public, max-age=86400 age: 2644887 last-modified: Wed, 05 May 2021 19:25:32 GMT etag: "ad4b0f606e0f8465bc4c4c170b37e1a3" cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3O7z0XDn49RtMNT%2FMbPJMvrck6sjjqrjFAa9kjtgr%2FLhwHcsEYC2anPHOxojnRgGCMYPGXU8d0w9dTLl0EIIsmJZ5MaTQf3WcCPwBIO%2B4gY993Tcgf7KBZKXh6BbRDexTg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8d2ad91e3ea156c6-OSL X-Firefox-Spdy: h2

	POST onetag-sys.com/prebid-request	51.89.9.253	200 OK	41 B
URL POST HTTP/2 onetag-sys.com/prebid-request IP 51.89.9.253:443 ASN #16276 OVH SAS Requested by https://rentry.co/debloatguide/ Certificate IssuerDigiCert Inc Subject.onetag-sys.com Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90 ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT File type JSON text data Size 41 B (41 bytes) Hash c6a1847e6d7bb4295ecdae2664affb5d b332217021c4a707f950ebc9294cda83cb2eb77f 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 HTTP Headers `POST /prebid-request HTTP/1.1 Host: onetag-sys.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Content-Length: 1902 Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK access-control-allow-origin: https://rentry.co access-control-allow-headers: content-type, origin, referer, user-agent access-control-allow-credentials: true p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control: no-transform, no-cache content-type: application/json content-encoding: gzip content-length: 41 strict-transport-security: max-age=15552000 alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900 X-Firefox-Spdy: h2`

	GET ad-delivery.net/px.gif?ch=1&e=0.5809699289507447	172.67.69.19	200 OK	43 B
URL GET HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.5809699289507447 IP 172.67.69.19:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectad-delivery.net Fingerprint38:D1:FD:58:74:1F:51:30:B5:83:EF:C9:64:4C:D1:6E:B7:C7:14:B7 ValidityThu, 12 Sep 2024 11:17:38 GMT - Wed, 11 Dec 2024 11:17:37 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers `GET /px.gif?ch=1&e=0.5809699289507447 HTTP/1.1 Host: ad-delivery.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:28 GMT content-type: image/gif content-length: 43 x-goog-generation: 1620242732037093 x-goog-metageneration: 5 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 43 x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow== x-goog-storage-class: MULTI_REGIONAL access-control-allow-origin: * access-control-expose-headers: * x-guploader-uploadid: ABPtcPqbKSdoxbAA410mrggZiKfDXsJhP9ixcj5r_g42RwC-BpGRQV1l4taKqygKMi5bdZIZlA expires: Sat, 14 Sep 2024 07:25:02 GMT cache-control: public, max-age=86400 age: 2644887 last-modified: Wed, 05 May 2021 19:25:32 GMT etag: "ad4b0f606e0f8465bc4c4c170b37e1a3" cf-cache-status: HIT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wT4GK53ndEexBc2wZI6koxZAeSQSKeJ6giiRPX618yOuBcY%2FzVlYky40Nn9W%2FWk1z0p8ykH61SYWrj42Ehyl0J6g7YnL0rb7BxnIvhqit2S1vUrNOES9cHL0tWu6USlAVg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8d2ad91e3ea956c6-OSL X-Firefox-Spdy: h2

	o.pki.goog/s/wr3/32w	142.250.74.67	200 OK	472 B
URL o.pki.goog/s/wr3/32w IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 65917e8664a3fbad3444cf2bc8cf7bd3 cefd2ed9757302cf74d61af7f90673e07c3015e1 40589d662c918d9d4bcdcdb9f4a04aa38b06942e0ed3012615071268be3abca6 HTTP Headers `POST /s/wr3/32w HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 14 Oct 2024 22:01:28 GMT Cache-Control: public, max-age=14400 Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/sytroprc:52:0 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/sytroprc:52:0"}],} Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN

	o.pki.goog/s/wr3/32w	142.250.74.67	200 OK	472 B
URL o.pki.goog/s/wr3/32w IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 65917e8664a3fbad3444cf2bc8cf7bd3 cefd2ed9757302cf74d61af7f90673e07c3015e1 40589d662c918d9d4bcdcdb9f4a04aa38b06942e0ed3012615071268be3abca6 HTTP Headers `POST /s/wr3/32w HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 14 Oct 2024 22:01:28 GMT Cache-Control: public, max-age=14400 Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/sytroprc:52:0 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/sytroprc:52:0"}],} Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN

	o.pki.goog/s/wr3/dlE	142.250.74.67	200 OK	471 B
URL o.pki.goog/s/wr3/dlE IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 9b1b287b826ebf9bc56b06bca9a4ced5 9e0dc2aa14b00e2c35a7edafcba4355af7a0a3cf 9d5ed7794516b96e40c92e027aacd671a781c6a7878375c95f0795e443979add HTTP Headers `POST /s/wr3/dlE HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 14 Oct 2024 22:01:28 GMT Cache-Control: public, max-age=14400 Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/sytroprc:52:0 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/sytroprc:52:0"}],} Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN

	GET c.4dex.io/pba.gif?v=1&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban	35.241.34.106	200 OK	43 B
URL GET HTTP/2 c.4dex.io/pba.gif?v=1&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban IP 35.241.34.106:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectc.4dex.io FingerprintD4:0E:8D:DB:CC:EA:9F:EB:13:63:33:93:35:85:C0:ED:DE:1E:BF:2F ValiditySun, 18 Aug 2024 13:49:25 GMT - Sat, 16 Nov 2024 14:42:38 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers GET /pba.gif?v=1&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban HTTP/1.1 Host: c.4dex.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Mon, 14 Oct 2024 22:01:28 GMT content-type: image/gif content-length: 43 access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires: -1 cache-control: no-cache via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	POST mp.4dex.io/prebid	104.18.34.178	200 OK	124 B
URL POST HTTP/2 mp.4dex.io/prebid IP 104.18.34.178:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectmp.4dex.io Fingerprint56:F6:75:F5:D4:2C:0C:16:22:3A:0E:5D:4A:D5:00:BC:1D:33:CD:E2 ValidityThu, 29 Aug 2024 01:52:26 GMT - Wed, 27 Nov 2024 01:52:25 GMT File type gzip compressed data, from Unix Size 124 B (124 bytes) Hash 1b2fd5ef3dc6ffe341237ec9a821267b 0b2883608d0772dd4c00e60e18f6301bba4293a4 e80b98f06d6218aedc52aed02f5cc9ddbd43485e716b2066a77eac988a9b47f3 HTTP Headers `POST /prebid HTTP/1.1 Host: mp.4dex.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Content-Length: 1812 Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:27 GMT content-type: application/json; charset=utf-8 access-control-allow-credentials: true access-control-allow-origin: https://rentry.co cache-control: no-cache, no-store, must-revalidate expires: 0 pragma: no-cache vary: Origin, Accept-Encoding x-err: Shapings: no adunits with size and seat and mapping x-version: 3.0.0-gcp-ams via: 1.1 google cf-cache-status: DYNAMIC server: cloudflare cf-ray: 8d2ad91d0c8e568a-OSL content-encoding: gzip X-Firefox-Spdy: h2

	GET api.btloader.com/country?o=5102648370397184	130.211.23.194	200 OK	37 B
URL GET HTTP/2 api.btloader.com/country?o=5102648370397184 IP 130.211.23.194:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectapi.btloader.com FingerprintE9:22:7F:19:59:05:BB:3B:A1:7C:02:8B:42:5B:86:2A:EF:A6:DD:4C ValidityTue, 01 Oct 2024 03:06:26 GMT - Mon, 30 Dec 2024 03:57:38 GMT File type JSON text data Size 37 B (37 bytes) Hash bdfe458835550c34f45fc9fdfeebb12a 0f08aa02e7bcbf4c5e991a5defb2fdbd03a86f3d ad26ec64cc613fbfbd47faaf39f9921c2b19769bde1d3c5c2857a671e7863cf9 HTTP Headers `GET /country?o=5102648370397184 HTTP/1.1 Host: api.btloader.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK access-control-allow-origin: * cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600 content-type: application/json vary: Origin date: Mon, 14 Oct 2024 22:01:28 GMT content-length: 37 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	GET api.btloader.com/pv?tid=ooLO8vmn&w=5123465689956352&o=5102648370397184&cv=2.1.59-1-g78ed83d&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Frentry.co%2Fdebloatguide%2F&sid=OUFalAOT3&pm=true&upapi=true	130.211.23.194	204 No Content	0 B
URL GET HTTP/2 api.btloader.com/pv?tid=ooLO8vmn&w=5123465689956352&o=5102648370397184&cv=2.1.59-1-g78ed83d&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Frentry.co%2Fdebloatguide%2F&sid=OUFalAOT3&pm=true&upapi=true IP 130.211.23.194:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectapi.btloader.com FingerprintE9:22:7F:19:59:05:BB:3B:A1:7C:02:8B:42:5B:86:2A:EF:A6:DD:4C ValidityTue, 01 Oct 2024 03:06:26 GMT - Mon, 30 Dec 2024 03:57:38 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /pv?tid=ooLO8vmn&w=5123465689956352&o=5102648370397184&cv=2.1.59-1-g78ed83d&widget=false&r=false&vr=1280x1024&pageURL=https%3A%2F%2Frentry.co%2Fdebloatguide%2F&sid=OUFalAOT3&pm=true&upapi=true HTTP/1.1 Host: api.btloader.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 204 No Content access-control-allow-origin: * cache-control: no-cache, no-store, must-revalidate vary: Origin date: Mon, 14 Oct 2024 22:01:28 GMT via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	o.pki.goog/s/wr3/32w	142.250.74.67	200 OK	472 B
URL o.pki.goog/s/wr3/32w IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 65917e8664a3fbad3444cf2bc8cf7bd3 cefd2ed9757302cf74d61af7f90673e07c3015e1 40589d662c918d9d4bcdcdb9f4a04aa38b06942e0ed3012615071268be3abca6 HTTP Headers `POST /s/wr3/32w HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 14 Oct 2024 22:01:28 GMT Cache-Control: public, max-age=14400 Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/sytroprc:52:0 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/sytroprc:52:0"}],} Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN

	o.pki.goog/s/wr3/dlE	142.250.74.67	200 OK	471 B
URL o.pki.goog/s/wr3/dlE IP 142.250.74.67:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 9b1b287b826ebf9bc56b06bca9a4ced5 9e0dc2aa14b00e2c35a7edafcba4355af7a0a3cf 9d5ed7794516b96e40c92e027aacd671a781c6a7878375c95f0795e443979add HTTP Headers `POST /s/wr3/dlE HTTP/1.1 Host: o.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 14 Oct 2024 22:01:28 GMT Cache-Control: public, max-age=14400 Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/sytroprc:52:0 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/sytroprc:52:0"}],} Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN

	POST exchange.cootlogix.com/prebid/multi/65e9e879eab3382166f737dc	198.211.114.214	204 No Content	0 B
URL POST HTTP/2 exchange.cootlogix.com/prebid/multi/65e9e879eab3382166f737dc IP 198.211.114.214:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://rentry.co/debloatguide/ Certificate IssuerSectigo Limited Subject.cootlogix.com Fingerprint42:4E:B5:0E:ED:B9:5B:73:77:57:21:E2:AA:3E:A0:B3:D5:3D:A9:D8 ValidityThu, 19 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /prebid/multi/65e9e879eab3382166f737dc HTTP/1.1 Host: exchange.cootlogix.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Content-Length: 885 Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 204 No Content access-control-allow-origin: https://rentry.co cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control set-cookie: vdz_sync=748e90d2-4759-d2cb-d9e3-a49b1e0d2056; Domain=.cootlogix.com; Path=/; Expires=Wed, 13 Nov 2024 22:01:28 GMT; Secure; SameSite=None content-length: 0 date: Mon, 14 Oct 2024 22:01:28 GMT X-Firefox-Spdy: h2

	POST ib.adnxs.com/ut/v3/prebid	37.252.171.149	200 OK	19 B
URL POST HTTP/2 ib.adnxs.com/ut/v3/prebid IP 37.252.171.149:443 ASN #29990 ASN-APPNEX Requested by https://rentry.co/debloatguide/ Certificate IssuerDigiCert Inc Subject.adnxs.com Fingerprint67:2D:49:EE:1E:AF:D8:2B:B2:85:1A:C5:39:29:91:05:8E:5E:6F:AA ValidityWed, 14 Feb 2024 00:00:00 GMT - Sun, 16 Mar 2025 23:59:59 GMT File type JSON text data Size 19 B (19 bytes) Hash f333cec2aef5c287691c1670f8207232 6dafbe0bf001219999903a4ed5bd23af5b81e52d 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 HTTP Headers `POST /ut/v3/prebid HTTP/1.1 Host: ib.adnxs.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Content-Length: 1166 Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx/1.23.4 date: Mon, 14 Oct 2024 22:01:28 GMT content-type: application/json; charset=utf-8 content-length: 19 cache-control: no-store, no-cache, private pragma: no-cache expires: Sat, 15 Nov 2008 16:00:00 GMT p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" x-xss-protection: 0 access-control-allow-credentials: true access-control-allow-origin: https://rentry.co accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness an-x-request-uuid: f8197c02-a96a-41ae-9230-770f1599c731 x-proxy-origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com X-Firefox-Spdy: h2

	r11.o.lencr.org/	23.36.76.226	200 OK	504 B
URL r11.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash df561bb5aeeed26ec80dd28ea6ab5558 8dac4b67fdf82b7930ebba64c35208d5ac84c861 8bad15fc800c4a5db18dd22633896b1443d4d691221d6f1662610e51ae6084b1 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "8BAD15FC800C4A5DB18DD22633896B1443D4D691221D6F1662610E51AE6084B1" Last-Modified: Sun, 13 Oct 2024 17:09:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14208 Expires: Tue, 15 Oct 2024 01:58:16 GMT Date: Mon, 14 Oct 2024 22:01:28 GMT Connection: keep-alive`

	r11.o.lencr.org/	23.36.76.226	200 OK	504 B
URL r11.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash df561bb5aeeed26ec80dd28ea6ab5558 8dac4b67fdf82b7930ebba64c35208d5ac84c861 8bad15fc800c4a5db18dd22633896b1443d4d691221d6f1662610e51ae6084b1 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "8BAD15FC800C4A5DB18DD22633896B1443D4D691221D6F1662610E51AE6084B1" Last-Modified: Sun, 13 Oct 2024 17:09:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14208 Expires: Tue, 15 Oct 2024 01:58:16 GMT Date: Mon, 14 Oct 2024 22:01:28 GMT Connection: keep-alive`

	r11.o.lencr.org/	23.36.76.226	200 OK	504 B
URL r11.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash df561bb5aeeed26ec80dd28ea6ab5558 8dac4b67fdf82b7930ebba64c35208d5ac84c861 8bad15fc800c4a5db18dd22633896b1443d4d691221d6f1662610e51ae6084b1 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "8BAD15FC800C4A5DB18DD22633896B1443D4D691221D6F1662610E51AE6084B1" Last-Modified: Sun, 13 Oct 2024 17:09:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14208 Expires: Tue, 15 Oct 2024 01:58:16 GMT Date: Mon, 14 Oct 2024 22:01:28 GMT Connection: keep-alive`

	r11.o.lencr.org/	23.36.76.226	200 OK	504 B
URL r11.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash df561bb5aeeed26ec80dd28ea6ab5558 8dac4b67fdf82b7930ebba64c35208d5ac84c861 8bad15fc800c4a5db18dd22633896b1443d4d691221d6f1662610e51ae6084b1 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "8BAD15FC800C4A5DB18DD22633896B1443D4D691221D6F1662610E51AE6084B1" Last-Modified: Sun, 13 Oct 2024 17:09:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14208 Expires: Tue, 15 Oct 2024 01:58:16 GMT Date: Mon, 14 Oct 2024 22:01:28 GMT Connection: keep-alive`

	POST exchange.cootlogix.com/prebid/multi/65e9e879eab3382166f737dc	198.211.114.214	204 No Content	0 B
URL POST HTTP/2 exchange.cootlogix.com/prebid/multi/65e9e879eab3382166f737dc IP 198.211.114.214:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://rentry.co/debloatguide/ Certificate IssuerSectigo Limited Subject.cootlogix.com Fingerprint42:4E:B5:0E:ED:B9:5B:73:77:57:21:E2:AA:3E:A0:B3:D5:3D:A9:D8 ValidityThu, 19 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /prebid/multi/65e9e879eab3382166f737dc HTTP/1.1 Host: exchange.cootlogix.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Content-Length: 907 Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 204 No Content access-control-allow-origin: https://rentry.co cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate access-control-allow-credentials: true access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control set-cookie: vdz_sync=1a4575a7-0a39-0883-054c-3febce561ecb; Domain=.cootlogix.com; Path=/; Expires=Wed, 13 Nov 2024 22:01:28 GMT; Secure; SameSite=None content-length: 0 date: Mon, 14 Oct 2024 22:01:28 GMT X-Firefox-Spdy: h2

	GET c.4dex.io/pba.gif?v=2&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C	35.241.34.106	200 OK	43 B
URL GET HTTP/2 c.4dex.io/pba.gif?v=2&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C IP 35.241.34.106:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectc.4dex.io FingerprintD4:0E:8D:DB:CC:EA:9F:EB:13:63:33:93:35:85:C0:ED:DE:1E:BF:2F ValiditySun, 18 Aug 2024 13:49:25 GMT - Sat, 16 Nov 2024 14:42:38 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers GET /pba.gif?v=2&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C HTTP/1.1 Host: c.4dex.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 14 Oct 2024 22:01:29 GMT content-type: image/gif content-length: 43 access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires: -1 cache-control: no-cache via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	GET c.4dex.io/pba.gif?v=2&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C	35.241.34.106	200 OK	43 B
URL GET HTTP/2 c.4dex.io/pba.gif?v=2&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C IP 35.241.34.106:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectc.4dex.io FingerprintD4:0E:8D:DB:CC:EA:9F:EB:13:63:33:93:35:85:C0:ED:DE:1E:BF:2F ValiditySun, 18 Aug 2024 13:49:25 GMT - Sat, 16 Nov 2024 14:42:38 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers GET /pba.gif?v=2&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1699624989460-1_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_FixedFooter_ROS&mts=ban&ban_szs=728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C HTTP/1.1 Host: c.4dex.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Mon, 14 Oct 2024 22:01:29 GMT content-type: image/gif content-length: 43 access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires: -1 cache-control: no-cache via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	POST ads.servenobid.com/adreq?cb=972	52.51.234.232	200 OK	108 B
URL POST HTTP/2 ads.servenobid.com/adreq?cb=972 IP 52.51.234.232:443 ASN #16509 AMAZON-02 Requested by https://rentry.co/debloatguide/ Certificate IssuerAmazon Subjectads.servenobid.com FingerprintA5:AA:49:D0:11:97:9B:D6:A9:AE:1B:96:17:90:07:21:8A:CF:8E:C3 ValidityFri, 29 Mar 2024 00:00:00 GMT - Sun, 27 Apr 2025 23:59:59 GMT File type JSON text data Size 108 B (108 bytes) Hash 9130e987b4e1bc2e60ce050706ae7762 65b29fa67955ea5d6b935be74714e7debf05bebc f8d80bedea6aeedc7a7e6c9a8bc0c8983a3a1546fc1aa823218359789fb96c49 HTTP Headers `POST /adreq?cb=972 HTTP/1.1 Host: ads.servenobid.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Content-Length: 869 Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:28 GMT content-type: application/json access-control-allow-origin: https://rentry.co amp-access-control-allow-source-origin: * access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials: true cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 vary: accept-encoding content-encoding: gzip X-Firefox-Spdy: h2`

	GET onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D	51.89.9.253	204 No Content	0 B
URL GET HTTP/2 onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D IP 51.89.9.253:443 ASN #16276 OVH SAS Requested by https://public.servenobid.com/sync.html Certificate IssuerDigiCert Inc Subject.onetag-sys.com Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90 ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D HTTP/1.1 Host: onetag-sys.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://public.servenobid.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 204 No Content cache-control: no-store strict-transport-security: max-age=15552000 alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900 X-Firefox-Spdy: h2`

	r11.o.lencr.org/	23.36.76.226	200 OK	504 B
URL r11.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash 21b8215884dde5b99edbec087b510318 c2374de10fb24c17a89fbed18e75c638bf5ec0a3 6199ac181d06123a24a38bd0425f66fe1977043236fa7fd1f66d07f0d69994c3 HTTP Headers `POST / HTTP/1.1 Host: r11.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "6199AC181D06123A24A38BD0425F66FE1977043236FA7FD1F66D07F0D69994C3" Last-Modified: Sun, 13 Oct 2024 03:58:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14389 Expires: Tue, 15 Oct 2024 02:01:21 GMT Date: Mon, 14 Oct 2024 22:01:32 GMT Connection: keep-alive`

	GET prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D	163.5.194.30	302 Found	0 B
URL GET HTTP/2 prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D IP 163.5.194.30:443 ASN #49981 WorldStream B.V. Requested by https://public.servenobid.com/sync.html Certificate IssuerLet's Encrypt Subject.a-mo.net Fingerprint1B:31:3F:62:25:3C:F9:F5:AA:37:45:E8:68:E5:41:C3:0E:70:C8:C1 ValidityMon, 02 Sep 2024 11:39:42 GMT - Sun, 01 Dec 2024 11:39:41 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP/1.1 Host: prebid.a-mo.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://public.servenobid.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found cache-control: max-age=0, private, must-revalidate content-length: 0 date: Mon, 14 Oct 2024 22:01:31 GMT location: https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0 server: envoy vary: accept-encoding x-envoy-upstream-service-time: 0 X-Firefox-Spdy: h2`

	GET ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0	52.51.234.232	200 OK	0 B
URL GET HTTP/2 ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0 IP 52.51.234.232:443 ASN #16509 AMAZON-02 Requested by https://public.servenobid.com/sync.html Certificate IssuerAmazon Subjectads.servenobid.com FingerprintA5:AA:49:D0:11:97:9B:D6:A9:AE:1B:96:17:90:07:21:8A:CF:8E:C3 ValidityFri, 29 Mar 2024 00:00:00 GMT - Sun, 27 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /sync?pid=327&uid=&us_privacy=1YN-&gdpr=0 HTTP/1.1 Host: ads.servenobid.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://public.servenobid.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:32 GMT content-type: image/avif;charset=ISO-8859-1 content-length: 0 access-control-allow-origin: * amp-access-control-allow-source-origin: * access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials: true cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 X-Firefox-Spdy: h2`

	r10.o.lencr.org/	23.36.76.226	200 OK	504 B
URL r10.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 504 B (504 bytes) Hash e3ad0cbd754800e13794baede2165194 463ae252e9cb21711fb3f2d07a5496d4e940bfc7 12a3d5682665b2391e8aec2264990a82f3cc360c7a2abe805fb66a5111618a0c HTTP Headers `POST / HTTP/1.1 Host: r10.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 504 ETag: "12A3D5682665B2391E8AEC2264990A82F3CC360C7A2ABE805FB66A5111618A0C" Last-Modified: Sun, 13 Oct 2024 04:16:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17543 Expires: Tue, 15 Oct 2024 02:53:55 GMT Date: Mon, 14 Oct 2024 22:01:32 GMT Connection: keep-alive`

	GET sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=	159.223.143.204	200 OK	109 B
URL GET HTTP/2 sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy= IP 159.223.143.204:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://rentry.co/debloatguide/ Certificate IssuerSectigo Limited Subject.cootlogix.com Fingerprint42:4E:B5:0E:ED:B9:5B:73:77:57:21:E2:AA:3E:A0:B3:D5:3D:A9:D8 ValidityThu, 19 Oct 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT File type HTML document, ASCII text Size 109 B (109 bytes) Hash 9b7355ecddaf0c12398a48659278a7e6 5181162df39733dda7a615293993d26df753d769 a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84 HTTP Headers GET /api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1 Host: sync.cootlogix.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Cookie: vdz_sync=1a4575a7-0a39-0883-054c-3febce561ecb Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK access-control-allow-origin: access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization access-control-allow-credentials: true p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa" access-control-allow-methods: GET, HEAD, OPTIONS, POST content-type: text/html content-length: 109 date: Mon, 14 Oct 2024 22:01:32 GMT X-Firefox-Spdy: h2`

	GET ads.dxkulture.com/xuid?pid=	45.55.126.71	200 OK	0 B
URL GET HTTP/1.1 ads.dxkulture.com/xuid?pid= IP 45.55.126.71:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://cdn.dxkulture.com/x/sync.html Certificate IssuerLet's Encrypt Subjectads.dxkulture.com FingerprintDB:A1:D3:32:39:D1:A1:54:00:65:69:0A:D5:B3:E9:42:97:EA:13:F5 ValidityThu, 25 Jul 2024 05:59:03 GMT - Wed, 23 Oct 2024 05:59:02 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /xuid?pid= HTTP/1.1 Host: ads.dxkulture.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdn.dxkulture.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Mon, 14 Oct 2024 22:01:32 GMT Content-Length: 0 Connection: close Cache-Control: no-cache, no-store Set-Cookie: mtuid=6a65389c-eadb-498f-aae6-493263c096b1; Path=/; Domain=dxkulture.com; Expires=Sat, 12 Apr 2025 22:01:32 GMT; Secure; SameSite=None Vary: Origin Strict-Transport-Security: max-age=31536000; includeSubDomains`

	ocsp.e2m03.amazontrust.com/	54.230.218.11	200 OK	279 B
URL ocsp.e2m03.amazontrust.com/ IP 54.230.218.11:0 ASN #16509 AMAZON-02 File type data Size 279 B (279 bytes) Hash 1efd0b2169a70ef31c55e360e2f98d05 0ab6f9a9fc524423fb88009a82cbc8148290b038 6bbd0669e144e61d4b4918bb63ce6dccb03bd30f54e2b227a829f006b109ee0f HTTP Headers `POST / HTTP/1.1 Host: ocsp.e2m03.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 279 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Mon, 14 Oct 2024 22:01:32 GMT Last-Modified: Mon, 14 Oct 2024 20:53:01 GMT Server: ECAcc (ska/F6A0) X-Cache: Miss from cloudfront Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: _Wn-g2Pz2gdQYPxNaBL-h8YdSwh76VlIUEdRZoUUFO6iolRoQ6wLWg== Age: 4111`

	ocsp.e2m03.amazontrust.com/	54.230.218.11	200 OK	279 B
URL ocsp.e2m03.amazontrust.com/ IP 54.230.218.11:0 ASN #16509 AMAZON-02 File type data Size 279 B (279 bytes) Hash 1efd0b2169a70ef31c55e360e2f98d05 0ab6f9a9fc524423fb88009a82cbc8148290b038 6bbd0669e144e61d4b4918bb63ce6dccb03bd30f54e2b227a829f006b109ee0f HTTP Headers `POST / HTTP/1.1 Host: ocsp.e2m03.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 279 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Mon, 14 Oct 2024 22:01:33 GMT Last-Modified: Mon, 14 Oct 2024 20:48:09 GMT Server: ECAcc (ska/F776) X-Cache: Miss from cloudfront Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: -HNXI5v2QjuJ2cWLKxenhtoUTv2IYFj7-YyNEQ1W4xBNURiD6F-saA== Age: 4404`

	GET cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D	44.216.67.254	204 No Content	0 B
URL GET HTTP/2 cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D IP 44.216.67.254:443 ASN #14618 AMAZON-AES Requested by https://public.servenobid.com/sync.html Certificate IssuerAmazon Subject.yellowblue.io Fingerprint3E:2F:02:15:24:62:BE:D4:BC:D1:64:8E:24:5F:A0:20:D8:CD:E1:DA ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D HTTP/1.1 Host: cs-server-s2s.yellowblue.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://public.servenobid.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 204 No Content date: Mon, 14 Oct 2024 22:01:33 GMT x-envoy-upstream-service-time: 0 server: istio-envoy X-Firefox-Spdy: h2`

	GET ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID	54.145.172.243	204 No Content	0 B
URL GET HTTP/2 ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID IP 54.145.172.243:443 ASN #14618 AMAZON-AES Requested by https://public.servenobid.com/sync.html Certificate IssuerAmazon Subjectssp.disqus.com FingerprintB7:96:BD:15:65:56:33:FE:02:3A:A7:8A:57:8F:70:4E:6A:F5:33:36 ValidityThu, 19 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP/1.1 Host: ssp.disqus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://public.servenobid.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 204 No Content date: Mon, 14 Oct 2024 22:01:33 GMT cache-control: no-store pragma: no-cache expires: 0 X-Firefox-Spdy: h2`

	GET ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26pid%3D%26uid%3D%24UID&partner=kulturemedia	54.145.172.243	204 No Content	0 B
URL GET HTTP/2 ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26pid%3D%26uid%3D%24UID&partner=kulturemedia IP 54.145.172.243:443 ASN #14618 AMAZON-AES Requested by https://cdn.dxkulture.com/x/sync.html Certificate IssuerAmazon Subjectssp.disqus.com FingerprintB7:96:BD:15:65:56:33:FE:02:3A:A7:8A:57:8F:70:4E:6A:F5:33:36 ValidityThu, 19 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /redirectuser?r=https%3A%2F%2Fads.dxkulture.com%2Fsetuid%3Fbidder%3Dzeta%26pid%3D%26uid%3D%24UID&partner=kulturemedia HTTP/1.1 Host: ssp.disqus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdn.dxkulture.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 204 No Content date: Mon, 14 Oct 2024 22:01:34 GMT cache-control: no-store pragma: no-cache expires: 0 X-Firefox-Spdy: h2`

	GET ads.dxkulture.com/usync/lr.gif?pid=	45.55.126.71	302 Found	107 B
URL GET HTTP/1.1 ads.dxkulture.com/usync/lr.gif?pid= IP 45.55.126.71:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://cdn.dxkulture.com/x/sync.html Certificate IssuerLet's Encrypt Subjectads.dxkulture.com FingerprintDB:A1:D3:32:39:D1:A1:54:00:65:69:0A:D5:B3:E9:42:97:EA:13:F5 ValidityThu, 25 Jul 2024 05:59:03 GMT - Wed, 23 Oct 2024 05:59:02 GMT File type HTML document, ASCII text Size 107 B (107 bytes) Hash fb1bf01803319481515bf0aa0d388b6e b74ff08c82e8d1cd512436a0d5e41af18fad1119 d4afbeac7f425879395aa7910c5f92b8f3dc0b62b89d2c8cf445279393792890 HTTP Headers `GET /usync/lr.gif?pid= HTTP/1.1 Host: ads.dxkulture.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdn.dxkulture.com/ Cookie: mtuid=6a65389c-eadb-498f-aae6-493263c096b1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found Date: Mon, 14 Oct 2024 22:01:35 GMT Content-Type: text/html; charset=utf-8 Content-Length: 107 Connection: close Location: https://idsync.rlcdn.com/712910.gif?partner_uid=6a65389c-eadb-498f-aae6-493263c096b1 Vary: Origin Strict-Transport-Security: max-age=31536000; includeSubDomains`

	GET ads.dxkulture.com/usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID	45.55.126.71	301 Moved Permanently	119 B
URL GET HTTP/1.1 ads.dxkulture.com/usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID IP 45.55.126.71:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://cdn.dxkulture.com/x/sync.html Certificate IssuerLet's Encrypt Subjectads.dxkulture.com FingerprintDB:A1:D3:32:39:D1:A1:54:00:65:69:0A:D5:B3:E9:42:97:EA:13:F5 ValidityThu, 25 Jul 2024 05:59:03 GMT - Wed, 23 Oct 2024 05:59:02 GMT File type HTML document, ASCII text Size 119 B (119 bytes) Hash 1acddf12199ea23564f690053932c348 1ad89634018ca7516c63b2193ec511e7b171521f 1ef42f8ca38c43a3414f61d19a833ba988c9efbea6e4aff97235f2231ff1a61e HTTP Headers GET /usync?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D369%26uid%3D%24UID HTTP/1.1 Host: ads.dxkulture.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdn.dxkulture.com/ Cookie: mtuid=6a65389c-eadb-498f-aae6-493263c096b1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 301 Moved Permanently Date: Mon, 14 Oct 2024 22:01:35 GMT Content-Type: text/html; charset=utf-8 Content-Length: 119 Connection: close Location: https://ads.servenobid.com/sync?pid=369&uid=6a65389c-eadb-498f-aae6-493263c096b1 Vary: Origin Strict-Transport-Security: max-age=31536000; includeSubDomains`

	GET ads.servenobid.com/sync?pid=369&uid=6a65389c-eadb-498f-aae6-493263c096b1	52.51.234.232	200 OK	0 B
URL GET HTTP/2 ads.servenobid.com/sync?pid=369&uid=6a65389c-eadb-498f-aae6-493263c096b1 IP 52.51.234.232:443 ASN #16509 AMAZON-02 Requested by https://cdn.dxkulture.com/x/sync.html Certificate IssuerAmazon Subjectads.servenobid.com FingerprintA5:AA:49:D0:11:97:9B:D6:A9:AE:1B:96:17:90:07:21:8A:CF:8E:C3 ValidityFri, 29 Mar 2024 00:00:00 GMT - Sun, 27 Apr 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /sync?pid=369&uid=6a65389c-eadb-498f-aae6-493263c096b1 HTTP/1.1 Host: ads.servenobid.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://cdn.dxkulture.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:35 GMT content-type: image/avif;charset=ISO-8859-1 content-length: 0 set-cookie: pid_369=6a65389c-eadb-498f-aae6-493263c096b1; domain=servenobid.com; SameSite=None; Expires=Mon, 21 Oct 2024 22:01:35 GMT; secure access-control-allow-origin: * amp-access-control-allow-source-origin: * access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials: true cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 X-Firefox-Spdy: h2

	GET rentry.co/favicon.ico	104.26.2.16	200 OK	15 kB
URL GET HTTP/2 rentry.co/favicon.ico IP 104.26.2.16:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectrentry.co Fingerprint0E:D2:55:73:5A:E5:74:1E:21:00:4C:3C:2C:EF:69:9F:0B:BB:42:98 ValidityFri, 16 Aug 2024 19:49:55 GMT - Thu, 14 Nov 2024 19:49:54 GMT File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Size 15 kB (15086 bytes) Hash b102d58bb28a83de9b59fedcd08d17ea 8b6edee7f5d96b69c6e4f0c4e8376c640a34aa63 93eab1e1c50b4ff5b4aa5eefa6e85ce7bae235b52886914529c8b8aa4319f26c HTTP Headers `GET /favicon.ico HTTP/1.1 Host: rentry.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/debloatguide/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:27 GMT content-type: image/x-icon last-modified: Tue, 17 Sep 2024 18:33:22 GMT etag: W/"66e9cb72-3aee" x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains cache-control: max-age=14400, vary cf-cache-status: HIT age: 5941 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKMwToTsxgpL9Qn2Vcs1fDR585WkDyVCsTkq0N9KU4sCh6FgPhOUli5pBd2qDZ6yg8JtpMdEHEtOo2Wr%2Fyp1y5QILu%2BiO8S7GxWw%2Btn962tF4hGScIgHiOQUBg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8d2ad919388a7129-OSL content-encoding: br X-Firefox-Spdy: h2

	GET rentry.co/debloatguide/	104.26.2.16	200 OK	35 kB
URL User Request GET HTTP/2 rentry.co/debloatguide/ IP 104.26.2.16:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjectrentry.co Fingerprint0E:D2:55:73:5A:E5:74:1E:21:00:4C:3C:2C:EF:69:9F:0B:BB:42:98 ValidityFri, 16 Aug 2024 19:49:55 GMT - Thu, 14 Nov 2024 19:49:54 GMT File type Size 35 kB (34952 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /debloatguide/ HTTP/1.1 Host: rentry.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:26 GMT content-type: text/html; charset=utf-8 vary: Origin, Cookie x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains cache-control: Vary cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OjN4O7soduO3Jz3vZ%2BBwrDtacFkVxSlnBafvY9Bm%2F%2FQ4TsHX5fx1cF%2B4R2Wr%2B8QVSAsicT66WDOAEjWSjp9wnhUjL54JN3YHwGexaTUdscM6MWiHyunOA0Bl%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 8d2ad913f85a7129-OSL content-encoding: br X-Firefox-Spdy: h2

	GET c.4dex.io/pba.gif?v=1&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban	35.241.34.106	200 OK	43 B
URL GET HTTP/2 c.4dex.io/pba.gif?v=1&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban IP 35.241.34.106:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectc.4dex.io FingerprintD4:0E:8D:DB:CC:EA:9F:EB:13:63:33:93:35:85:C0:ED:DE:1E:BF:2F ValiditySun, 18 Aug 2024 13:49:25 GMT - Sat, 16 Nov 2024 14:42:38 GMT File type GIF image data, version 89a, 1 x 1 Size 43 B (43 bytes) Hash ad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda HTTP Headers GET /pba.gif?v=1&pbjsv=8.45.0&org_id=1116&site=rentry-co&pv_id=bca06298-5954-45ae-ac23-7d71af2c06d0&auct_id=8ca8594f-0ffa-40a0-9d88-8781afdb9ef3&adu_code=bsa-zone_1700727262982-7_123456&url_dmn=rentry.co&pgtyp=undefined&plcmt=Rentryco_S2S_TopLeaderboard_ROS&mts=ban&ban_szs=468x60%2C728x90%2C970x90%2C980x90%2C990x90&bdrs=adagio%2Cadyoulike%2Cappnexus%2Cbcmssp%2Ccriteo%2Ceplanning%2Cnobid%2Conetag%2Copenx%2Cpubmatic%2Crise%2Crubicon%2Csmartadserver%2Cvidazoo&adg_mts=ban HTTP/1.1 Host: c.4dex.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ content-type: text/plain Origin: https://rentry.co DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Mon, 14 Oct 2024 22:01:28 GMT content-type: image/gif content-length: 43 access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type expires: -1 cache-control: no-cache via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	GET onetag-sys.com/usync/?cb=1728943288145	51.89.9.253	204 No Content	0 B
URL GET HTTP/2 onetag-sys.com/usync/?cb=1728943288145 IP 51.89.9.253:443 ASN #16276 OVH SAS Requested by https://rentry.co/debloatguide/ Certificate IssuerDigiCert Inc Subject.onetag-sys.com Fingerprint9D:25:F4:C3:B5:6A:40:DB:23:4A:02:98:48:44:09:DB:7C:07:BF:90 ValidityTue, 23 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /usync/?cb=1728943288145 HTTP/1.1 Host: onetag-sys.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 204 No Content cache-control: no-store strict-transport-security: max-age=15552000 alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900 X-Firefox-Spdy: h2`

	GET public.servenobid.com/sync.html	143.204.55.90	200 OK	8.9 kB
URL GET HTTP/2 public.servenobid.com/sync.html IP 143.204.55.90:443 ASN #16509 AMAZON-02 Requested by https://rentry.co/debloatguide/ Certificate IssuerAmazon Subject.servenobid.com Fingerprint96:33:3B:11:8E:FE:89:CB:05:31:59:EF:8B:B5:EF:32:91:13:48:BB ValidityFri, 08 Dec 2023 00:00:00 GMT - Sun, 05 Jan 2025 23:59:59 GMT File type HTML document, ASCII text, with very long lines (9200), with no line terminators Size 8.9 kB (8923 bytes) Hash 30fb194cc8e3eaba60cd4fcb624e59cc 0be3898cce41351d82e0f1406ad7c1864fb1479f fe51b46260313fdde0ed38ab486ae2fb8b78e14a8b697a82985e75eece439b44 HTTP Headers `GET /sync.html HTTP/1.1 Host: public.servenobid.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/html last-modified: Fri, 09 Aug 2024 18:03:42 GMT x-amz-server-side-encryption: AES256 x-amz-meta-codebuild-content-sha256: 0c862cfbec86cf35da41ccff65cebb329952af81fbec4518f938686b910c80ab x-amz-version-id: null x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:f39297af-ab1b-4fa1-9c17-e707d9442122 x-amz-meta-codebuild-content-md5: c019d5c9f38b298a15d2331367789657 server: AmazonS3 content-encoding: gzip date: Mon, 14 Oct 2024 04:15:23 GMT cache-control: max-age=86400 etag: W/"a421cafd19c21284be567b12002cf378" x-cache: Hit from cloudfront via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: VAA4mTXXEMIHFMYkGw4SySgh9w-qmOK81ZNAvM9wsBXIsaKGJekuzg== age: 64831 vary: Accept-Encoding, Origin X-Firefox-Spdy: h2

	GET cdn4.buysellads.net/pub/rentryco.js?1728943200000	159.65.211.77	200 OK	722 kB
URL GET HTTP/2 cdn4.buysellads.net/pub/rentryco.js?1728943200000 IP 159.65.211.77:443 ASN #14061 DIGITALOCEAN-ASN Requested by https://rentry.co/debloatguide/ Certificate IssuerLet's Encrypt Subject.cdn4.buysellads.net FingerprintEC:D7:99:F5:7B:3C:3A:48:4E:82:F3:23:0C:F1:7D:FB:0B:0A:44:CB ValidityThu, 19 Sep 2024 17:42:35 GMT - Wed, 18 Dec 2024 17:42:34 GMT File type Size 722 kB (721545 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /pub/rentryco.js?1728943200000 HTTP/1.1 Host: cdn4.buysellads.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK cache-control: public, max-age=3600, stale-while-revalidate content-encoding: gzip content-type: application/javascript etag: ae0ef5be2aa199a3ca11d9349d3108a07f3fb0cc server: srv-lon1-0 vary: Accept-Encoding date: Mon, 14 Oct 2024 22:01:27 GMT X-Firefox-Spdy: h2`

	GET cdn.dxkulture.com/x/sync.html	172.64.145.29	200 OK	2.5 kB
URL GET HTTP/2 cdn.dxkulture.com/x/sync.html IP 172.64.145.29:443 ASN #13335 CLOUDFLARENET Requested by https://public.servenobid.com/sync.html Certificate IssuerLet's Encrypt Subjectcdn.dxkulture.com FingerprintDE:88:F3:26:B4:A0:0D:FB:82:23:5C:4F:A2:91:C8:75:84:0E:4B:7A ValidityFri, 26 Jul 2024 05:11:26 GMT - Thu, 24 Oct 2024 05:11:25 GMT File type JavaScript source, ASCII text, with very long lines (2625), with no line terminators Size 2.5 kB (2502 bytes) Hash 9f410e45389e6b3d1ddbb7f2f86aebfc 159c277e101d68d1ef45468818175544c12e173e 37cd627518d5765b8dc7bd0c71ed86dcc336a3b16392edaf7d4920c13f8f611a HTTP Headers GET /x/sync.html HTTP/1.1 Host: cdn.dxkulture.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://public.servenobid.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:32 GMT content-type: text/html last-modified: Wed, 31 Jul 2024 11:10:14 GMT x-rgw-object-type: Normal x-amz-request-id: tx00000dc0e0999cafc06b9-0066e43401-bc599245-nyc3c vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding strict-transport-security: max-age=15552000; includeSubDomains; preload x-do-cdn-uuid: 4cf2344c-b5f4-4372-87f8-a2f54204ed44 cache-control: max-age=3600 x-envoy-upstream-healthchecked-cluster: cf-cache-status: HIT age: 361 set-cookie: __cf_bm=T_sDkaOQr.XWu8MubOA5PFJaK0PnHNoEkS.xLCY0MfQ-1728943292-1.0.1.1-XwpnqbUDqVjQrIBUFycuFtKykKXqK63EB9skSUkV8Gm5UPtIDrxnGmEXtpLxOmQoZlJiZw6ynN716iYbcSDgSg; path=/; expires=Mon, 14-Oct-24 22:31:32 GMT; domain=.cdn.dxkulture.com; HttpOnly; Secure; SameSite=None server: cloudflare cf-ray: 8d2ad93a3bc4b4ed-OSL content-encoding: gzip X-Firefox-Spdy: h2

	GET rentry.co/static/js/jquery.min.js?v=22	104.26.2.16	200 OK	92 kB
URL GET HTTP/2 rentry.co/static/js/jquery.min.js?v=22 IP 104.26.2.16:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectrentry.co Fingerprint0E:D2:55:73:5A:E5:74:1E:21:00:4C:3C:2C:EF:69:9F:0B:BB:42:98 ValidityFri, 16 Aug 2024 19:49:55 GMT - Thu, 14 Nov 2024 19:49:54 GMT File type JavaScript source, ASCII text, with very long lines (65451) Size 92 kB (91886 bytes) Hash 0d9824e6289fa893434c354eadde4075 b9a1358f185c7239829712de6830333829e9bd33 4c1add9ba5d6cde3a03149a022b61163b35c4d5c738cf32470e7e7bd611e4ac6 HTTP Headers `GET /static/js/jquery.min.js?v=22 HTTP/1.1 Host: rentry.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rentry.co/debloatguide/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:26 GMT content-type: application/javascript last-modified: Tue, 17 Sep 2024 18:32:20 GMT etag: W/"66e9cb34-166ee" expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, vary x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains cf-cache-status: HIT age: 2345277 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BmhRmeXMnJV1z8ZH%2Fjd0gmUwm9k2hZ7M7lzjdO8EKI0qUCxSedqc7T2n7zyECXMbZEuN90FmFkajd4XbRxUxj6gM5U2NpH9swoiJHo1S7kAlRHrQD3GKG8tbGA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8d2ad916ccd97129-OSL content-encoding: br X-Firefox-Spdy: h2

	GET rentry.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?	104.26.2.16	200 OK	8.0 kB
URL GET HTTP/2 rentry.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js? IP 104.26.2.16:443 ASN #13335 CLOUDFLARENET Requested by https://rentry.co/debloatguide/ Certificate IssuerGoogle Trust Services Subjectrentry.co Fingerprint0E:D2:55:73:5A:E5:74:1E:21:00:4C:3C:2C:EF:69:9F:0B:BB:42:98 ValidityFri, 16 Aug 2024 19:49:55 GMT - Thu, 14 Nov 2024 19:49:54 GMT File type JavaScript source, ASCII text, with very long lines (8037), with no line terminators Size 8.0 kB (8037 bytes) Hash c7f40d06a486975b664d940140b4a717 2da2b72b0e938778d0880c6ae694a06576020d13 ab921df4ea7804169b17b7caf8335874bb7511b87c2d1be2543d8a27a31c230f HTTP Headers `GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js? HTTP/1.1 Host: rentry.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Mon, 14 Oct 2024 22:01:27 GMT content-type: application/javascript; charset=UTF-8 cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public x-content-type-options: nosniff report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B4o7LGO%2FWMVG0MCRzIzyMwoXk4CqWq%2F4iq8sjtvGgZ2zbtuCoAFxekbdtfKJfW96ldDrJI2Z0OOrIg2Sy%2FEysnTgtQBfp%2F2S54tTBdYkBK6MMKUTFwQqHpTg6Q%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 8d2ad918e80a7129-OSL content-encoding: br X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by