urlscan.io logo urlscan.io
SecurityTrails logo

risu.io Open in urlscan Pro
2606:4700:3108::ac42:2afe  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://risu.io/REerL
Effective URL: https://risu.io/REerL
Submission: On August 20 via manual from KR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 9 countries across 31 domains to perform 189 HTTP transactions. The main IP is 2606:4700:3108::ac42:2afe, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2023. Valid for: a year.
This is the only time risu.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
2 13 2606:4700:310... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
8 34.98.102.251 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 35.186.215.140 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 1 192.96.203.13 30633 (LEASEWEB-...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 87.248.100.136 34010 (YAHOO-IRD)
1 2a00:1288:110... 34010 (YAHOO-IRD)
7 14 35.190.36.98 15169 (GOOGLE)
7 10 172.104.64.149 63949 (AKAMAI-LI...)
1 5 162.210.196.208 30633 (LEASEWEB-...)
3 34.81.191.174 396982 (GOOGLE-CL...)
26 2600:9000:210... 16509 (AMAZON-02)
2 116.50.36.71 18046 (DONGFONG-...)
4 52.197.179.68 16509 (AMAZON-02)
2 18.180.23.89 16509 (AMAZON-02)
7 203.75.214.136 ()
2 4 35.201.76.93 396982 (GOOGLE-CL...)
8 35.72.193.203 16509 (AMAZON-02)
6 60.199.208.47 9924 (TFN-TW Ta...)
6 2a03:2880:f08... 32934 (FACEBOOK)
1 1 23.56.202.187 16625 (AKAMAI-AS)
2 95.101.149.233 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a02:2638:d::2 44788 (ASN-CRITE...)
2 103.132.192.30 138552 (RTBHOUSE-...)
2 210.59.219.34 3462 (HINET Dat...)
2 4 2a02:2638:d::d 44788 (ASN-CRITE...)
4 2a02:2638:3::7 44788 (ASN-CRITE...)
1 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 178.250.7.13 44788 (ASN-CRITE...)
1 2606:4700::68... ()
3 130.211.28.216 ()
189 48
1    2606:4700:3108::ac42:2902 (United States)

ASN13335 (CLOUDFLARENET, US)
risu.io
13    2606:4700:3108::ac42:2afe (United States)

ASN13335 (CLOUDFLARENET, US)
risu.io
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    34.98.102.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.102.98.34.bc.googleusercontent.com
assets.risu.io
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
13    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
6    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
agent.aralego.com
5    2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
2    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    87.248.100.136 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o1.ycpi.vip.ir2.yahoo.com
ads.yap.yahoo.com
1    2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
geo.yahoo.com
14    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
10    172.104.64.149 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1674-149.members.linode.com
gocm.c.appier.net
5    162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
3    34.81.191.174 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 174.191.81.34.bc.googleusercontent.com
pmp-beacon.apx.appier.net
26    2600:9000:2104:c200:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
2    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
4    52.197.179.68 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
2    18.180.23.89 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-23-89.ap-northeast-1.compute.amazonaws.com
fcm2.holmesmind.com
7    203.75.214.136 (None, )

ASN- ()
t.ssp.hinet.net
4    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
8    35.72.193.203 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-193-203.ap-northeast-1.compute.amazonaws.com
adcdn.holmesmind.com
ad.holmesmind.com
6    60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)
ssl.sitemaji.com
fsa-api.feebee.com.tw
fsa-api.feebee.tw
6    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
2    210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
4    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d978cde4281304a14c8d956cf30d644b.safeframe.googlesyndication.com
2    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2606:4700::6811:180e (None, )

ASN- ()
cdnjs.cloudflare.com
3    130.211.28.216 (None, )

ASN- ()
img.feebee.tw
Apex Domain
Subdomains		 Transfer
44 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 136868
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 129074
fcm.holmesmind.com Failed
fcm2.holmesmind.com — Cisco Umbrella Rank: 155847
c.holmesmind.com — Cisco Umbrella Rank: 111103
adcdn.holmesmind.com — Cisco Umbrella Rank: 136416
ad.holmesmind.com — Cisco Umbrella Rank: 109477
226 KB
27 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 48468
gocm.c.appier.net — Cisco Umbrella Rank: 2822
pmp-beacon.apx.appier.net — Cisco Umbrella Rank: 323065
9 KB
22 risu.io
risu.io
assets.risu.io
1 MB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
d978cde4281304a14c8d956cf30d644b.safeframe.googlesyndication.com
310 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
bidder.criteo.com — Cisco Umbrella Rank: 885
mug.criteo.com — Cisco Umbrella Rank: 2338
15 KB
7 feebee.tw
img.feebee.tw
fsa-api.feebee.tw
50 KB
7 hinet.net
t.ssp.hinet.net
9 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
161 KB
6 criteo.net
static.criteo.net — Cisco Umbrella Rank: 710
84 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
271 KB
6 aralego.com
agent.aralego.com — Cisco Umbrella Rank: 266410
ads.aralego.com — Cisco Umbrella Rank: 39271
sync.aralego.com — Cisco Umbrella Rank: 3451
3 KB
5 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 14896
82 KB
4 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248
eus.rubiconproject.com — Cisco Umbrella Rank: 737
token.rubiconproject.com — Cisco Umbrella Rank: 748
11 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 2706
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 62
region1.google-analytics.com — Cisco Umbrella Rank: 2102
21 KB
4 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 91231
ssl.sitemaji.com — Cisco Umbrella Rank: 221748
28 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1146
11 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
209 KB
2 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 80546
334 B
2 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17052
339 B
2 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 118645
940 B
2 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 15193
geo.yahoo.com — Cisco Umbrella Rank: 1505
989 B
2 google.de
www.google.de — Cisco Umbrella Rank: 5345
515 B
2 gstatic.com
fonts.gstatic.com
45 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
2 KB
1 cloudflare.com
cdnjs.cloudflare.com
5 KB
1 feebee.com.tw
fsa-api.feebee.com.tw
5 KB
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 666
30 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1244
599 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1212
7 KB
189 31
Domain Requested by
26 cdn.holmesmind.com risu.io
cdn.holmesmind.com
ad.holmesmind.com
14 ad2.apx.appier.net 7 redirects risu.io
14 risu.io 3 redirects risu.io
static.cloudflareinsights.com
13 pagead2.googlesyndication.com risu.io
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
10 gocm.c.appier.net 7 redirects risu.io
ad2.apx.appier.net
8 assets.risu.io risu.io
assets.risu.io
7 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
6 static.criteo.net cdn.holmesmind.com
risu.io
static.criteo.net
6 ad.holmesmind.com cdn.holmesmind.com
risu.io
6 connect.facebook.net fcm2.holmesmind.com
cdn.holmesmind.com
connect.facebook.net
6 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
5 cdn.aralego.net agent.aralego.com
risu.io
ads.aralego.com
4 fsa-api.feebee.tw
4 bidder.criteo.com static.criteo.net
4 gum.criteo.com 2 redirects static.criteo.net
4 c.holmesmind.com 2 redirects cdn.holmesmind.com
4 cm-dev-poc.holmesmind.com cdn.holmesmind.com
4 unpkg.com 2 redirects assets.risu.io
3 img.feebee.tw ad.sitemaji.com
3 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
3 pmp-beacon.apx.appier.net ad2.apx.appier.net
3 ads.aralego.com 1 redirects agent.aralego.com
ads.aralego.com
3 www.google.com tpc.googlesyndication.com
3 ad.sitemaji.com assets.risu.io
ads.aralego.com
ad.sitemaji.com
3 www.googletagmanager.com risu.io
www.googletagmanager.com
www.google-analytics.com
2 mug.criteo.com
2 prebid.scupio.com cdn.holmesmind.com
2 prebid-asia.creativecdn.com cdn.holmesmind.com
2 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
2 sync.aralego.com ads.aralego.com
2 adcdn.holmesmind.com cdn.holmesmind.com
2 fcm2.holmesmind.com cdn.holmesmind.com
2 cm.lndata.com cdn.holmesmind.com
2 www.google.de
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com risu.io
1 cdnjs.cloudflare.com ad.sitemaji.com
1 fsa-api.feebee.com.tw ad.sitemaji.com
1 d978cde4281304a14c8d956cf30d644b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 ssl.sitemaji.com ad.sitemaji.com
1 geo.yahoo.com
1 ads.yap.yahoo.com s.yimg.com
1 region1.analytics.google.com www.googletagmanager.com
1 s.yimg.com ad.sitemaji.com
1 agent.aralego.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.jsdelivr.net assets.risu.io
1 static.cloudflareinsights.com risu.io
0 fcm.holmesmind.com Failed cdn.holmesmind.com
189 55

This site contains links to these domains. Also see Links.

Domain
docs.google.com
www.facebook.com
m.me
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-26 -
2024-03-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
assets.risu.io
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
feebee.com.tw
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-14 -
2023-10-04		 2 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.pubgw.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-14 -
2023-10-04		 2 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-02 -
2023-10-25		 6 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
pmp-beacon.apx.appier.net
GTS CA 1P5		 2023-06-23 -
2023-09-21		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
*.c.appier.net
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2022-11-23 -
2023-12-24		 a year crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-29 -
2023-08-27		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2022-09-26 -
2023-10-27		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 31 frames:

Primary Page: https://risu.io/REerL
Frame ID: 67D15B1AE2B3810155E49194C79D2BBF
Requests: 55 HTTP requests in this frame

Frame: https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: D6637D2E0A9BB37F6B38DB00638B5169
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: B9105F3F5F05E90E7C2BF51B48B50757
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1692524771&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frisu.io%2FREerL&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692531971422&bpp=2&bdt=527&idt=268&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5761113549599&frm=20&pv=2&ga_vid=462374568.1692531972&ga_sid=1692531972&ga_hid=66189446&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077090%2C31077148%2C31076994%2C31077199%2C44799580&oid=2&pvsid=2072166258750691&tmod=1056370676&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=292
Frame ID: 51B8639F8CF200BFC445376179CF9000
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B942CF0E2E615F07E5787125B9B56BBF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68D18D954B75949CB4FA042202B33E66
Requests: 2 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=eXId5bDfAwWbNzOcBf3hZA&id=id0vcn5lbjos5z7xp
Frame ID: 0427A18FB33C4479A70E8BA9CDB88CE7
Requests: 2 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=-WLVeVP9DZiKOjjZBf3hZA&id=id0vcn5lbjos5z7xp
Frame ID: A9EEBE82787D1CCD40EDBC004B43AA01
Requests: 2 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TG-egsJxDEC5E1qSBf3hZA&id=ida4mlvgiastit93r
Frame ID: 9B89CA39BBE0B183754E89C3821EC4A3
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: E95E83503AB9A8B4DA7045453CD0A760
Requests: 2 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: E913AED68813CAAB185C474F171BB013
Requests: 2 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 556A77882F08C587F3BBBEB43F294165
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 994F62F948A2C611DD95D9A4236EE48A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: EA02B140EB9A2B52AE25D03D1ADEEF84
Requests: 23 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 1C33A6DC5C2A123254493C02FF4720EB
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: 93FA8455BE927D4BD5EE717D62F258BF
Requests: 24 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 4DC05A177CF69BFCDF5D9D79BDF7C92F
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 265C3A93180739658C16FAA85BE83CF0
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: AB46EF4987CD045EDAC66EB93E57ED66
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 152CA58EB9DE867FC46E0984B5D0DCE2
Requests: 1 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: C78944DBE4989FDF5E8754366A3714F8
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: C6E907177403DFF16D181503B58CCF7D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 549D57627DEAF6B38B7DAF6DDAA4FE14
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: D034826950273F23B3E9019622FD691A
Requests: 2 HTTP requests in this frame

Frame: https://d978cde4281304a14c8d956cf30d644b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 4CA608A10263F1238A1DFDF7CBBEFE55
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 3E960322169A027E92BB1A77B01C7065
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 419BA50FFCF14DA2EDA3DE1DB6F0E222
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0818B7D64A78EB3DEC97A277C3F89B24
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/image/19875/93e9eb4006236b25349eb77a06669b15.jpg
Frame ID: 48BDFAB1B560640CEAD5A34414D23B0E
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/image/19875/93e9eb4006236b25349eb77a06669b15.jpg
Frame ID: 157DB97AF3C0152CED83A21F1CD1D0B7
Requests: 5 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: ED1CC05CA67755446E8F8A1083DC8448
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

短網址。行銷。分析 - Risu.io

Page URL History Show full URLs

  1. http://risu.io/REerL HTTP 301
    https://risu.io/REerL Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

189
Requests

88 %
HTTPS

56 %
IPv6

31
Domains

55
Subdomains

48
IPs

9
Countries

2745 kB
Transfer

10483 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://risu.io/REerL HTTP 301
    https://risu.io/REerL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://unpkg.com/video.js@7/dist/video-js.min.css HTTP 302
  • https://unpkg.com/video.js@7.21.5/dist/video-js.min.css
Request Chain 10
  • https://unpkg.com/@videojs/themes@1/dist/sea/index.css HTTP 302
  • https://unpkg.com/@videojs/themes@1.0.1/dist/sea/index.css
Request Chain 20
  • https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Request Chain 25
  • https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Request Chain 44
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 61
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp HTTP 307
  • https://gocm.c.appier.net/aanet?id=id0vcn5lbjos5z7xp&url=ad2.apx.appier.net&zoneid=9201 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=eXId5bDfAwWbNzOcBf3hZA&id=id0vcn5lbjos5z7xp
Request Chain 62
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp HTTP 307
  • https://gocm.c.appier.net/aanet?id=id0vcn5lbjos5z7xp&url=ad2.apx.appier.net&zoneid=9201 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=-WLVeVP9DZiKOjjZBf3hZA&id=id0vcn5lbjos5z7xp
Request Chain 66
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TG-egsJxDEC5E1qSBf3hZA&id=ida4mlvgiastit93r
Request Chain 75
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 86
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 89
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 103
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 122
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
Request Chain 125
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
Request Chain 126
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
Request Chain 127
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
Request Chain 138
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=5sAsynw4R3JpTGhmdS9vYnJaakxFMW4zOHU5RVYxYTFUV2o2R04xbUN2ZmFCbWl1dVkrR0JVRUNoVDNnN3BtaVJIRklDamlxQzBxMmRNYWhMWDNRbUJHaUltOThtdVhNN3lwUTVPeXNYUkJURW9zVW5YcHIwSDFnQ2lMcGxQbUdnV2JDREdvZzI3OFRlY3dMV21EeFU1bmpRcGlhb0NoTkhhc2h4K2FBTHNoV2g4SktYMlNPYVJsS2FaOHljQmR0RSt1ZmZZN3M2ZXY1N1dqSGpHQWJxb2pqWi9vdUducUxZeWc2NEZXUmF4alNTTU5WYmk2ekdTNFAveWowS1NVdC8vL1kxTmtwZk9MbUNrdUkrWElCODJDYjlnQT09fA&cppv=2
Request Chain 150
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=EJdXBV9jZEFIWlAzJTJGJTJGSUI2Y3phWm00d3oxR0hia0hhRFpSN09qZk9yQXgzYUxxSnRKa2tyNWNybHFwMldsV1RJNW9CeUlFMEFLWUcxUEw5ME9NaDY1OFRNaHpYYmNkUiUyQkpDMGZxOCUyRjRrUEZNQ3k5dlE1YldGaVEwelp5SnElMkZ3V3d6ZTd1cVdZUndSM21IWFVOaE02dyUyRkl3S3clM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3bsx93xrT2t4b1hLUVFxRmdhbFI0dXlBbzZOT0hvSDVnSStNQ2M4SlhRREJGaVEwL0VhVlk2MXJtVnFWZEE1OTFsVm9OVncyZkJVTUFCRWhsMEgyd0k5TFhyZTNGZDlHTEpGeFJVZUM1MVhDK0EwWlFSQXBKUFJML09pRFNzREFEQ3N2VUd5YngyZXpWN3YxZ3J2aGhhUDJIdkcrcW9wRE5PVU56TCtLY1pKYXowYUh1bVJha2hwNk9XNTM4TGFDOTJBYlpDZkkxTUpDOGVlOHhJSDJ4UVJ1K2JVazgrNWZtU2ErVHczY25yRGtMZkxSaWs4dS9HWUh1Sjk0L0ZCUTVhZ3RYcDhRcVN3L0xwMnFmTzdpaDdIdE5lQT09fA&cppv=2

189 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request REerL
risu.io/
Redirect Chain
  • http://risu.io/REerL
  • https://risu.io/REerL
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe1c7064c996278f086598dab595b3c50cc28cff6a05fc52afaa2993a42ddfe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f9a64ef3d114db1-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 20 Aug 2023 11:46:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
8673f958-8eea-45da-9f47-4589a16b2bc9
x-runtime
0.045215
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
7f9a64ee9e839265-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 20 Aug 2023 11:46:10 GMT
Expires
Sun, 20 Aug 2023 12:46:10 GMT
Location
https://risu.io/REerL
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		5 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 20 Aug 2023 11:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 20 Aug 2023 11:28:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Aug 2023 11:46:10 GMT
css2
fonts.googleapis.com/ 		4 KB
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&amp;display=swap
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc78f02253750741f9064a9c0b596181e7bb2b0c30336d61ed6a474a98bc1358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 20 Aug 2023 11:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 20 Aug 2023 11:38:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 20 Aug 2023 11:46:10 GMT
application-025be2bd.css
assets.risu.io/packs/css/layouts/ 		528 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:26:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
19172
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68120
header-419e5bb6.css
assets.risu.io/packs/css/commons/ 		226 B
364 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/css/commons/header-419e5bb6.css
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 19:12:07 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
59643
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
show-11000a9b.css
assets.risu.io/packs/css/pages/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/css/pages/show-11000a9b.css
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
28196ab389ed9e4958f82b3528cd13035d2bfd35df0d60cc126cfb73225e2493

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 22:36:42 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
47368
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3352
email-decode.min.js
risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/REerL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 10:58:09 GMT
server
cloudflare
etag
W/"64ddfd41-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7f9a64f228694db1-FRA
expires
Tue, 22 Aug 2023 11:46:10 GMT
rocket-loader.min.js
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/REerL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 10:58:09 GMT
server
cloudflare
etag
W/"64ddfd41-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7f9a64f2286b4db1-FRA
expires
Tue, 22 Aug 2023 11:46:10 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://risu.io/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:10 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7f9a64f278da90e6-FRA
index.css
cdn.jsdelivr.net/npm/simple-keyboard@latest/build/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/simple-keyboard@latest/build/css/index.css
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/pages/show-11000a9b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e93c1dd3d0b9ea150fd320dadea2e47d710a65ca3849cbe3e98a85e063028319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20280
x-jsd-version
3.6.42
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220072-FRA, cache-bma1657-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"ca1-FndGhNdjAPJrm3kxIFXbsaVmuMc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d17JvqVtp%2Bqav67JCPs9hR9SCKspXchTDg7%2Fj0m7XurfjZnXkQm7Rc6DsKZauZ1dCb%2BaGo54Mj1k7bQ95BihfnOsEngDMlYpBe%2B%2BLMApN26J4qc1%2B3gCC08HPk4%2FKO9u%2FmU5%2BN%2Fxg%2FxmriygMAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f9a64f33c3f4d64-FRA
video-js.min.css
unpkg.com/video.js@7.21.5/dist/
Redirect Chain
  • https://unpkg.com/video.js@7/dist/video-js.min.css
  • https://unpkg.com/video.js@7.21.5/dist/video-js.min.css
40 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/video.js@7.21.5/dist/video-js.min.css
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/pages/show-11000a9b.css
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31020b3680c09d76da253d297d6d3faa98fd6b551c1c751829db8c12a9f4a1ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2564430
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H5WYME5N07D8GQVDJZW436VY-fra
server
cloudflare
etag
W/"a03b-sf5Rua+ucYc7QC6tPa5Nbd2dspc"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f9a64f358299199-FRA

Redirect headers

date
Sun, 20 Aug 2023 11:46:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H89BRWT87GEQCDREYP0QWBWD-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
517
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/video.js@7.21.5/dist/video-js.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
7f9a64f31fed9199-FRA
index.css
unpkg.com/@videojs/themes@1.0.1/dist/sea/
Redirect Chain
  • https://unpkg.com/@videojs/themes@1/dist/sea/index.css
  • https://unpkg.com/@videojs/themes@1.0.1/dist/sea/index.css
1 KB
613 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@videojs/themes@1.0.1/dist/sea/index.css
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/pages/show-11000a9b.css
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b374d05231f031b755f2d522847efa8d0b2af827366c01b055216eda7fe1f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets.risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
16068557
last-modified
Wed, 28 Oct 2020 04:24:35 GMT
fly-request-id
01GSAG35AVKRZMEAG6ST90Y27Q-fra
server
cloudflare
etag
W/"4f6-vBgwTvo8UG+Hkhbt9c4vT9i+iMU"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7f9a64f358269199-FRA

Redirect headers

date
Sun, 20 Aug 2023 11:46:11 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H89BQMRFF2F8S5NXYFDVXSSH-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
558
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@videojs/themes@1.0.1/dist/sea/index.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
7f9a64f31ff29199-FRA
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 17:52:03 GMT
x-content-type-options
nosniff
age
64448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 17:52:03 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 09:58:02 GMT
x-content-type-options
nosniff
age
438489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Aug 2024 09:58:02 GMT
bootstrap-icons-dfd0ea12.woff2
assets.risu.io/packs/media/fonts/ 		88 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/media/fonts/bootstrap-icons-dfd0ea12.woff2
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Request headers

Referer
https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 20:36:06 GMT
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
54605
content-type
application/font-woff2
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90528
show-87d3346059c201960fc3.js
assets.risu.io/packs/js/pages/ 		3 MB
799 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/js/pages/show-87d3346059c201960fc3.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2b8a34ffc8c4ee5b4a735e57c01a329e7d6e218b993b7d91ae38fe5a09662436

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 14:28:15 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
76676
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
817402
zh-TW.js
assets.risu.io/javascripts/i18n/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/javascripts/i18n/zh-TW.js?b8928d7ddbc6bd8fd605402c4caed5ba
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:29:00 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sun, 20 Aug 2023 11:27:55 GMT
server
nginx
age
1031
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10051
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db7dc624f5439e358203f77bd5e3a1cf1b6e15d8221441977095904657dcfcf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50991
x-xss-protection
0
server
cafe
etag
3715662130610405904
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 20 Aug 2023 11:46:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6c73c701168f47d3abf9422106074fd3ac845afe3b26debdc3503c005c5fbae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50938
x-xss-protection
0
server
cafe
etag
12370407627151861974
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 20 Aug 2023 11:46:11 GMT
header-284b48f4c520b20108dc.js
assets.risu.io/packs/js/commons/ 		470 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/js/commons/header-284b48f4c520b20108dc.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:26:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
19173
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146149
application-bc03df23d8f68313a035.js
assets.risu.io/packs/js/layouts/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/js/layouts/application-bc03df23d8f68313a035.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:26:38 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
19173
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17116
invisible.js
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame D663
Redirect Chain
  • https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H3
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf26e36b23826e16643dcb4735b654c74e1be640948d7b55f6fbbe58b5a6770
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7f9a64f41c0c5b86-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 20 Aug 2023 11:46:11 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control
max-age=300, public
cf-ray
7f9a64f3ebee5b86-FRA
alt-svc
h3=":443"; ma=86400
7f9a64ef3d114db1
risu.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame D663 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/g/cv/result/7f9a64ef3d114db1
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
server
cloudflare
cf-ray
7f9a64f4fcb95b86-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
gtm.js
www.googletagmanager.com/ 		130 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
695c41368b7f73bed68179baf297ecd790c9c3c17658322b0116ea9d7e18640d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50975
x-xss-protection
0
last-modified
Sun, 20 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 20 Aug 2023 11:46:11 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 		392 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9208708170783140&plah=risu.io&bust=31077199
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15bc94c5ccb90e63849d895e4afb7ca35907776f601f3b2872d4256b5d3a771b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134820
x-xss-protection
0
server
cafe
etag
11109758366551572680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 20 Aug 2023 11:46:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame B910 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 20 Aug 2023 09:34:56 GMT
etag
13776922816869014096
expires
Sun, 03 Sep 2023 09:34:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
invisible.js
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame D663
Redirect Chain
  • https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Protocol
H3
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b333918496aa4a7ef415f36b522a2b8c84eabca40b6e6ac1dadd845a6c29f75d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7f9a64f6de575b86-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 20 Aug 2023 11:46:11 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control
max-age=300, public
cf-ray
7f9a64f68e0b5b86-FRA
alt-svc
h3=":443"; ma=86400
ysm_risu.js
ad.sitemaji.com/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_risu.js
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/js/pages/show-87d3346059c201960fc3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
403ca60fe8005d0f23208fcd05a227292169e77cf2f3c38cf592303f7818b489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 20:09:05 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 27 Jul 2023 09:23:59 GMT
server
nginx/1.12.1 (Ubuntu)
age
56226
etag
W/"64c237af-b264"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13616
expires
Sun, 20 Aug 2023 20:09:05 GMT
facebook-icon-43072eec.svg
risu.io/packs/media/brands/ 		802 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://risu.io/packs/media/brands/facebook-icon-43072eec.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/REerL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
cloudflare
age
35323
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7f9a64f6ce4a5b86-FRA
alt-svc
h3=":443"; ma=86400
google-icon-501a643d.svg
risu.io/packs/media/brands/ 		1 KB
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://risu.io/packs/media/brands/google-icon-501a643d.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/REerL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
7f9a64f6ce4c5b86-FRA
alt-svc
h3=":443"; ma=86400
logo-1a0670e0.png
risu.io/packs/media/adult/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://risu.io/packs/media/adult/logo-1a0670e0.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896fccdd4bf0aac29d2a1721a3d555a4884c48ebfc6f136dbcb1ccfcd69f2507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/REerL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
via
1.1 google
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
cloudflare
cf-polished
origFmt=png, origSize=4434
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
content-disposition
inline; filename="logo-1a0670e0.webp"
accept-ranges
bytes
cf-ray
7f9a64f6ce4d5b86-FRA
alt-svc
h3=":443"; ma=86400
content-length
2888
323e66c2-4c09-4156-8245-0ba6356f2c81
https://risu.io/ 		1 MB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://risu.io/323e66c2-4c09-4156-8245-0ba6356f2c81
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
1177087
Content-Type
application/javascript
81e408ff-d29e-41a3-b8fc-d5f223f042da
https://risu.io/ 		1 MB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://risu.io/81e408ff-d29e-41a3-b8fc-d5f223f042da
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
1177087
Content-Type
application/javascript
8c315dbc-a649-48a4-8e4e-7d536037cb1d
https://risu.io/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://risu.io/8c315dbc-a649-48a4-8e4e-7d536037cb1d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
rum
risu.io/cdn-cgi/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://risu.io/REerL
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type
application/json

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://risu.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7f9a64f6de5c5b86-FRA
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 20 Aug 2023 11:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
108
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 20 Aug 2023 13:44:23 GMT
js
www.googletagmanager.com/gtag/ 		231 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30ecb4353cd1a190d9940c007c5fc276151a2592636ee73694d8168409bd0dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82293
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 20 Aug 2023 11:46:11 GMT
cookie.js
partner.googleadservices.com/gampad/ 		381 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=risu.io&callback=_gfp_s_&client=ca-pub-9208708170783140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9208708170783140&plah=risu.io&bust=31077199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a01df832d69344e48fa76b5ee78d4103cbd6572826b77b4a8d69310ccfea845
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 51B8 		3 KB
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1692524771&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frisu.io%2FREerL&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692531971422&bpp=2&bdt=527&idt=268&shv=r20230816&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5761113549599&frm=20&pv=2&ga_vid=462374568.1692531972&ga_sid=1692531972&ga_hid=66189446&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31077090%2C31077148%2C31076994%2C31077199%2C44799580&oid=2&pvsid=2072166258750691&tmod=1056370676&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=292
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9208708170783140&plah=risu.io&bust=31077199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8896dd66f19a0a112caf1339ad1f89206150160d6f1ba9da4420b52c0086ff09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
565
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 20 Aug 2023 11:46:11 GMT
expires
Sun, 20 Aug 2023 11:46:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sweet-modal-overlay%20theme-dark%20sweet-modal-clickable%20is-visible%20blocking&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=sweet-modal-overlay%20theme-dark%20sweet-modal-clickable%20is-visible%20blocking&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9208708170783140&plah=risu.io&bust=31077199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abff00bf92a4fcad413fdbf309a2599a6e0ce6b2bf60f179dbc8c3a3322860c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11721
x-xss-protection
0
7f9a64ef3d114db1
risu.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame D663 		0
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/g/cv/result/7f9a64ef3d114db1
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
br
server
cloudflare
cf-ray
7f9a64f82f915b86-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9208708170783140&plah=risu.io&bust=31077199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Aug 2023 11:46:11 GMT
collect
region1.google-analytics.com/g/ 		0
239 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je38g0&_p=66189446&cid=462374568.1692531972&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692531971&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2FREerL&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=page_view&_fv=1&_ss=1&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6561
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9VnyzwitL9ICJq2EldtWhwnmPkBjXGWC7YYfRo1odgZ3V%2BH3CKgjiUPi8hcgM%2Ffy9GHowR1FA5H4GVp268zS%2BGEFT4QiU%2Bpyf2xHx6MtcYBnjBNFL7dftL6l7Fkw6zbSV3bt%2FYw%2F7H5qHahpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7f9a64fc1b3c9c07-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
collect
www.google-analytics.com/j/ 		16 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=66189446&t=pageview&_s=1&dl=https%3A%2F%2Frisu.io%2FREerL&ul=en-us&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1561522044&gjid=837422189&cid=462374568.1692531972&tid=UA-146086888-1&_gid=1589952683.1692531972&_r=1&_slc=1&gtm=45He38g0n81MR8WJDJ&z=1036157052
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
native.js
s.yimg.com/dy/ads/ 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_risu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:43:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
9EA7H4HETAQNHKNM
age
145
x-amz-server-side-encryption
AES256
x-amz-id-2
ElBycsNtVblT+4SsSraxUO8Ouv5qmGX0pTKDA2LhN2q6o/wNGeHhC4+ySIdr0Ax8Nw9+S5B7Sh7ZsVTsXwnFKG0OhPmZxqj0
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
collect
stats.g.doubleclick.net/j/ 		4 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146086888-1&cid=462374568.1692531972&jid=1561522044&gjid=837422189&_gid=1589952683.1692531972&_u=YADAAEAAAAAAACAAI~&z=33596638
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 20 Aug 2023 11:46:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7838384c729d79fffbd9df6b0ef50afaa752da5bcda4ab191dcce8f12483bab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80245
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 20 Aug 2023 11:46:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B942 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1098
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Aug 2023 11:27:54 GMT
expires
Mon, 19 Aug 2024 11:27:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 68D1 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
803b05e85419e4a2fbbcc472773c3d5c3066123037c96bc5838dbe17c25098f6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HGlXV_VXwoFtsNHc044E8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-HGlXV_VXwoFtsNHc044E8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 20 Aug 2023 11:46:12 GMT
expires
Sun, 20 Aug 2023 11:46:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
pagead2.googlesyndication.com/bg/ Frame B942 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 09:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
7401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14691
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 09:42:51 GMT
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=462374568.1692531972&jid=1561522044&_u=YADAAEAAAAAAACAAI~&z=1042428699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=462374568.1692531972&jid=1561522044&_u=YADAAEAAAAAAACAAI~&z=1042428699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-ZH634PL121&gtm=45je38g0&_p=66189446&_gaz=1&ul=en-us&sr=1600x1200&cid=462374568.1692531972&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Frisu.io%2FREerL&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sid=1692531972&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH634PL121&cid=462374568.1692531972&gtm=45je38g0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZH634PL121&cid=462374568.1692531972&gtm=45je38g0&aip=1&z=1126694881
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ 		302 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=b5858d12-f29d-4be7-a010-ffbefc2cbcf4&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2FREerL&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o1.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
40fb2972719900ba9483ad59a7c0806f0a1d05a997cb963621e89df30e8450b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Sun, 20 Aug 2023 11:46:12 GMT
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
15
x-xss-protection
1; mode=block
x-request-id
9ad89231-7a08-41ee-bf9b-f366761c1a9e
b
geo.yahoo.com/ 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:12 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ Frame 68D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=2072166258750691&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B942 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iLcLWQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
arjs.php
ad2.apx.appier.net/www/delivery/ Frame 0427
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
  • https://gocm.c.appier.net/aanet?id=id0vcn5lbjos5z7xp&url=ad2.apx.appier.net&zoneid=9201
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=eXId5bDfAwWbNzOcBf3hZA&id=id0vcn5lbjos5z7xp
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=eXId5bDfAwWbNzOcBf3hZA&id=id0vcn5lbjos5z7xp
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
5494634ab4401257567bfed83706b80632f5ea41d3ad90cec229dce89bb255a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:13 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
text/html; charset=utf-8
cache-control
no-store
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Sun, 20 Aug 2023 11:46:13 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=eXId5bDfAwWbNzOcBf3hZA&id=id0vcn5lbjos5z7xp
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
140
arjs.php
ad2.apx.appier.net/www/delivery/ Frame A9EE
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
  • https://gocm.c.appier.net/aanet?id=id0vcn5lbjos5z7xp&url=ad2.apx.appier.net&zoneid=9201
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=-WLVeVP9DZiKOjjZBf3hZA&id=id0vcn5lbjos5z7xp
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=-WLVeVP9DZiKOjjZBf3hZA&id=id0vcn5lbjos5z7xp
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
308561eb59a6e1af374c15652df7ee599cb28b37f294c40b125be84731639db9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:13 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
text/html; charset=utf-8
cache-control
no-store
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Sun, 20 Aug 2023 11:46:13 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=9201&acid=-WLVeVP9DZiKOjjZBf3hZA&id=id0vcn5lbjos5z7xp
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
140
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1728
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17c0v%2Byjh8uw9A8dgkqPY7JxOsu2hN2d24XHqysAIBhz0j12KWHTuQccCi9mhI4x%2BTkZWp7WyoQ%2FDLmwh5YSyo%2FpRQmAddIQJfSJ0BRKpyIDEJHrpfE%2F0qGKo%2FsS2f7eHbevtBmQhrxV%2B%2FwCiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7f9a64fc5b879c07-FRA
ad_request
ads.aralego.com/ 		409 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2FREerL&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.3456629405854703&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
4c34c89b92ba7a6222f549d56196466135bdbef47e2b1b06545b994b9f96cc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:13 GMT
x-width
728
x-height
90
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
409
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=2072166258750691&bg=!qaqlqv7NAAZGPLJIZjw7ADkAdvg8WkFMQelN5iFaZayziPCt4uv9ri2dQXWGftRSm-H7000dd-7KevSgcJrsMLXY9uPsrG6uFMUCAAAAf1IAAAAJaAEHCgCME1FAH6szJeiSKV578M0aQ2kICB-vd2i7iKDnWeC45JcVWKmmij5RfAZ8wziGiGzZEg-bqA48Ak9F_TEKWkQZ63VwU8iiz3TxqUq5C-YKp2J9XaIUkbpAywPHPmVMbHZfC61XxFD6g15Zp3B4JLOBhNMyMTbWuOjiSxcHe4efAX6ES2LRgoFxflZz50iZAtE_Nftq1RBLnBc8D6dVek3HWWWgknZJIoikWItZ84Y0dDzIg6q0NWlSA_-narg7kePOP9g2iO_leburF0rBJijXhyHuUyU4cdvr0bPZJtZEr_7oM2wlmC7837flGuGayA0oDEFwFJzfihaSJlLd-p1yHb30BjBIjfP_-JEFEm8lIHl41Y0skNLACf2BDy-zGNTlmnkMxdUWX-_Fh6j9xWa5OeqUuXMuMRBf1X0CS8usWm1ez_lP3KHwbJDLXKVUpapqAI4w9hrf3Sutdc7idZTZk6-D1pb8xYJUBXu-J0ordxMqetKgB-sJ9zWfjaMcOtiS5BVeVJEoWOQvds1TNvqR3-cglcStOhBlGndzAMmMnQsoEIpG5dkwbS12SVijR-Uq0yAflRPhyCBNPngzFADvmWUC8lTZ9SYBniyU0_Nz1jQeIJ-A9huIIv_TKa_TaPcsC6VhV5bQffpl5NWSgjvZygwb_daq1vblXZ6Kgy5rK3A_taB8w7PIF-UjgUXB73TU3oWNpLDdSGquarctn0dMbpK4XcP-e54sB88BoI6x1lQx-84VBLJcmO__VeFieqmy3XFviXVlPwJGy2j5QUx03KJLf-ONGvBzoLg7cR9uLQ99wDuOMew4F-I145HSR3PW9pYUnLitqZ3S43V6k6wRmYZz3Sm4Z8UUKQnTpFbt2A1-6rAs97BeP1iRIIqy8Y0yZHxzvExNE33letdIVuwAFGLj-NoLDYsJU5PtBLC2_h8gXw6vBVxFPU91HxY31weu-j3l5MIXGMCR5KyVztuzBvTl0pdbUeKzv75pNX8hm0WOO19KY-ovQvjouiybqRkySDeVV5Ve1tHbZJpmWnGgrHYoSgXuoNN1Q-3eTLhq0xotrUfuoDhl-LYDrKMqPGwrzadiQLaPheZmVjHIAXYbYgd9UMcorJo9VFXcnPfK8jz6Qt0ST0YyhUn3WRPNkHOB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
arjs.php
ad2.apx.appier.net/www/delivery/ Frame 9B89
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TG-egsJxDEC5E1qSBf3hZA&id=ida4mlvgiastit93r
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TG-egsJxDEC5E1qSBf3hZA&id=ida4mlvgiastit93r
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
04185c9bdf0bc39a0e770c08e1c0dc007484a1ddd8fb50e81d33b1ab7bc5e676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:13 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
text/html; charset=utf-8
cache-control
no-store
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Sun, 20 Aug 2023 11:46:13 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TG-egsJxDEC5E1qSBf3hZA&id=ida4mlvgiastit93r
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
140
fpc
pmp-beacon.apx.appier.net/v1/ Frame 0427 		12 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
174.191.81.34.bc.googleusercontent.com
Software
/
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:14 GMT
access-control-expose-headers
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
content-length
12
content-type
application/json; charset=utf-8
init.js
cdn.holmesmind.com/js/ Frame E95E 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
deee99d9237a62175dd73f926937b73b43ff2d299162d4d3f8cae02296a8f885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
HQWMcGU6N9KrfwUZpeJoaEhU8hyygoVL
date
Sun, 20 Aug 2023 11:45:44 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 18 Aug 2023 00:37:14 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
50
x-amz-server-side-encryption
AES256
etag
"765bc7e6ddd2b07161d6312a6db8df41"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6175
x-amz-cf-id
e_d1XwZaBv0HLf7jjgDdjQIbh3ReKUv5YyZg4ZWQ10xuO_Ef5K4YRA==
gcm
gocm.c.appier.net/ Frame E95E 		42 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.64.149 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1674-149.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 20 Aug 2023 11:46:14 GMT
cache-control
no-store
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
fpc
pmp-beacon.apx.appier.net/v1/ Frame A9EE 		12 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
174.191.81.34.bc.googleusercontent.com
Software
/
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:14 GMT
access-control-expose-headers
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
content-length
12
content-type
application/json; charset=utf-8
gcm
gocm.c.appier.net/ Frame E913 		42 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=9201&id=id0vcn5lbjos5z7xp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.64.149 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1674-149.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 20 Aug 2023 11:46:14 GMT
cache-control
no-store
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
init.js
cdn.holmesmind.com/js/ Frame E913 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
deee99d9237a62175dd73f926937b73b43ff2d299162d4d3f8cae02296a8f885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
HQWMcGU6N9KrfwUZpeJoaEhU8hyygoVL
date
Sun, 20 Aug 2023 11:45:44 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 18 Aug 2023 00:37:14 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
50
x-amz-server-side-encryption
AES256
etag
"765bc7e6ddd2b07161d6312a6db8df41"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6175
x-amz-cf-id
Cg9MInhcvtgBvGO_Tne-P-3rOK20c73IwIb9fgPqkkTcoYixjzaKCQ==
fpc
pmp-beacon.apx.appier.net/v1/ Frame 9B89 		12 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
174.191.81.34.bc.googleusercontent.com
Software
/
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:14 GMT
access-control-expose-headers
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
content-length
12
content-type
application/json; charset=utf-8
gcm
gocm.c.appier.net/ Frame 556A 		42 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.104.64.149 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1674-149.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 20 Aug 2023 11:46:14 GMT
cache-control
no-store
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 556A
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H3
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6563
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5slSyeurdG61eYson0DzhPDA8Tv40mSfjOtthTChrnYLe9YlE3%2Bql1zl0kJ%2BVacAIfPs2DrJRnf2gdxhQCiVKSNXX%2Bc9%2BzCrkFTqdrJ40EZLLwVcpFzX0OsQloOVAN2tbROfAv%2FW3BpNx19IxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7f9a6507ceb69b82-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
capmapping.htm
cdn.holmesmind.com/js/ Frame 994F 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3883c7cf17a384ac10b612a2f0f52b1f2a805b929fe1f4927a138bfefba6bab1

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
34
content-length
8743
content-type
text/html
date
Sun, 20 Aug 2023 11:45:44 GMT
etag
"13b071589ab65dddb11f1622d53b9385"
last-modified
Thu, 27 Jul 2023 03:11:36 GMT
server
AmazonS3
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
x-amz-cf-id
0G5dQI7VN6Yo6GkI9Sh-gxKxA-KzIfy-TBw-sppKZbsyMY3gEL6p1A==
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
vx257VoAWJaQJ9t62NgrKIzFJbLG_bgN
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame EA02 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date
Sun, 20 Aug 2023 11:45:44 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 02:43:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
33
x-amz-server-side-encryption
AES256
etag
"6cb998b36618c683768049fa1b914a4e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8036
x-amz-cf-id
-_HJ3o8uB_M3OzbvwkGc1DCTv-CAg6WJpT0nCzIKUxn53kbkILZWjA==
capmapping.htm
cdn.holmesmind.com/js/ Frame 1C33 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3883c7cf17a384ac10b612a2f0f52b1f2a805b929fe1f4927a138bfefba6bab1

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
34
content-length
8743
content-type
text/html
date
Sun, 20 Aug 2023 11:45:44 GMT
etag
"13b071589ab65dddb11f1622d53b9385"
last-modified
Thu, 27 Jul 2023 03:11:36 GMT
server
AmazonS3
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
x-amz-cf-id
9OMUSo_hM4v9-ikVKHdctdphzOK_COwGmZOJGBbOVNwBiB_lfbTpNw==
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
vx257VoAWJaQJ9t62NgrKIzFJbLG_bgN
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 93FA 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date
Sun, 20 Aug 2023 11:45:44 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Tue, 15 Aug 2023 02:43:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
33
x-amz-server-side-encryption
AES256
etag
"6cb998b36618c683768049fa1b914a4e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8036
x-amz-cf-id
WQ7eUj2oi2FmMWybjoG_k_zQZfFriPXwdrdawokeLdeZX7rKBdBsjg==
/
cm.lndata.com/ Frame 994F 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 20 Aug 2023 11:46:15 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 4DC0 		0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.179.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 20 Aug 2023 11:46:14 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 265C 		0
0
cm.js
fcm2.holmesmind.com/ Frame 994F 		409 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.180.23.89 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-180-23-89.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Aug 2023 11:46:14 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame 994F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 20 Aug 2023 11:56:16 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 994F 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.179.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:14 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 994F
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:14 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Sun, 20 Aug 2023 11:46:14 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
/
cm.lndata.com/ Frame 1C33 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 20 Aug 2023 11:46:15 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 1C33 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.179.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:14 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 1C33
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:14 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Sun, 20 Aug 2023 11:46:14 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame AB46 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.179.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 20 Aug 2023 11:46:14 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 152C 		0
0
cm.js
fcm2.holmesmind.com/ Frame 1C33 		409 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.180.23.89 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-180-23-89.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 20 Aug 2023 11:46:14 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame EA02 		2 KB
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=11260
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.193.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-193-203.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d78153ba647326478f318402e585119d3e412c656c9b408637d2f396ba230fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
Preset.js
adcdn.holmesmind.com/adserver/ Frame 93FA 		2 KB
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=11260
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.193.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-193-203.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d78153ba647326478f318402e585119d3e412c656c9b408637d2f396ba230fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 556A 		975 B
760 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1730
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Kdhc%2FMaUpf%2FCydCjgTwBVYF494FG01q5Y4GjJ6QJin2d2k0cDVASKHmB5DbgU4UYoROQ%2FIGuCAX755mn7jRrCaXf98CZmLWw2OLMjPEIyct7ZnVlipSJGJG0YEJ8eB3q0bloum0r3jOlUJfGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7f9a65084f4f9b82-FRA
idRequest
sync.aralego.com/ Frame 556A 		46 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
4d25ac5db6ad3cba42a94d2170bc8b81e1e14f564f9b85879c7518afb39d6500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:14 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame 556A 		512 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2FREerL&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4081663272307068&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
53239b56a68056e1e657ac5fdba34ebd12f87f32174edc7b61feb454476580a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:14 GMT
x-width
728
x-height
90
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-sspid
c85dbfa2-58ec-32f7-849c-5107faf66fbd
x-adtype
html
connection
close
content-length
512
fsa-sdk.min.js
ad.sitemaji.com/fsa/ Frame C789 		108 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 08:27:43 GMT
content-encoding
br
via
1.1 google
last-modified
Wed, 16 Aug 2023 09:25:25 GMT
server
nginx/1.12.1 (Ubuntu)
age
11911
etag
W/"64dc9605-1af49"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11702
expires
Mon, 21 Aug 2023 08:27:43 GMT
/
ssl.sitemaji.com/geo/ Frame C789 		17 B
266 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
text/plain; charset=utf-8
Date
Sun, 20 Aug 2023 11:46:15 GMT
Cache-Control
max-age=86400, public
Server
nginx
Connection
keep-alive
Content-Length
17
Expires
Mon, 21 Aug 2023 11:46:15 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 994F 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 20 Aug 2023 11:46:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
sGp2gJbT1u6+sbrMXlQ25H5nZW1aVl+h9BY6D0S3d3sFJ4DJ0k8SSZcHmO8a5D32J0EuctRHMZhgsvCsclJWqg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 1C33 		173 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 20 Aug 2023 11:46:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47412
x-xss-protection
0
pragma
public
x-fb-debug
sGp2gJbT1u6+sbrMXlQ25H5nZW1aVl+h9BY6D0S3d3sFJ4DJ0k8SSZcHmO8a5D32J0EuctRHMZhgsvCsclJWqg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame C6E9 		714 B
746 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
268
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7f9a650b9b549b82-FRA
content-encoding
br
content-type
text/html
date
Sun, 20 Aug 2023 11:46:14 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aucr2Lso1zOGIjXinlnoJD%2BFbdtmj1weFdTNLwmA4UZUyXAAr%2BgrYWVqeJzZRQJdraNJliNEtiqCiyNJ26K1nv6P5YUaVR7fpgHmdtmthAKNAi4%2FkTq9T61pMnzFpDCBCn5HTNIRowFvEpFSzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 549D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 20 Aug 2023 11:46:15 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 20 Aug 2023 11:46:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ Frame 556A 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
connection
close
content-length
35
content-type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C6E9 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a99e93e1d1379de36cbd97bf6bca2350443bc14f54fb837877740d66b29128a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28522
x-xss-protection
0
server
cafe
etag
992 / 19589 / m202308150101 / config-hash: 4570674370816517536
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 20 Aug 2023 11:46:15 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 93FA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=11260&rf=https%3A%2F%2Frisu.io%2FREerL&n=471&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8975-aXNasi8a2Z56TpC7xglu9w3ovPNbDahR&fp_uuid=8975-e122781faeb272aa237dc97cc2487d98a6328090e6c62ab3eda20b96941a3838&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.193.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-193-203.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f4309ea2c1a1e63b3beb3d38ef47f134683f18953d4c472c97680cf104e70385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:15 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 93FA 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
0fG0jBlN_fjL2b_cGVorqgKefgxutKTo
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:14 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
54
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
xWttjaQJ0eCP4ECcLwXBmFtKzIt61RDfOXwVZNqzNanaNveHbtqJHw==
publishertag.js
static.criteo.net/js/ld/ Frame 93FA 		128 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-1fe04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 21 Aug 2023 11:46:15 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 93FA 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
55
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
jtglm3u7yABayiaxnoo45nIjqsHf6-i6DLDW5eWBM4jhCesh76YaLQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 93FA 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
QDDkZ0Y9wB3QqsNSDoyIsF7zIuG1Itaj
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:24 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
48
x-amz-server-side-encryption
AES256
etag
"990b529c50a92c18cd5337f5f2a1d611"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4532
x-amz-cf-id
fve6zU3AfXwFNowTwBnD1QAsWSIhdPvfYDrl8DzWSWvhJ9_DQiHOxw==
appierV2.js
cdn.holmesmind.com/js/ Frame 93FA 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
DuL3NqcSAWlg9.9pH8H17Ba3odTimTvK
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
54
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
5f8Kcb2_ZNNS4XJPq9cXfzrEEXgizwSIr5_FHRa3UUbC1ULbbSKj2g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 93FA 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
u3L28Xt1KqU76H00EInRZdWnsemjGRZo
date
Sun, 20 Aug 2023 11:46:15 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
5
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
M48650WHE4NolNKBIkDdMSNKQNIx7cOqgznfT6-ftLiSqVEJ6kwYcw==
ads.js
ad.holmesmind.com/adserver/ Frame EA02 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=11260&rf=https%3A%2F%2Frisu.io%2FREerL&n=382&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8975-aXNasi8a2Z56TpC7xglu9w3ovPNbDahR&fp_uuid=8975-e122781faeb272aa237dc97cc2487d98a6328090e6c62ab3eda20b96941a3838&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.193.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-193-203.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3f71813349543fcd5c130d1f6ea842ba20d0f1ddf127ada278051485b4709edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:15 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame EA02 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
0fG0jBlN_fjL2b_cGVorqgKefgxutKTo
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:14 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
54
x-amz-server-side-encryption
AES256
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
2nbf_W8u8bxAOkDw8aUhcCkGbV7pMcsxfG2jy2P82s_evIV7Likx8Q==
publishertag.js
static.criteo.net/js/ld/ Frame EA02 		128 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-1fe04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 21 Aug 2023 11:46:15 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame EA02 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
55
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
01IsnNnTXfJjoQH98J4f4x49hmhGYjFbdL_bsdA1xar1u2REwCPhpg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame EA02 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
QDDkZ0Y9wB3QqsNSDoyIsF7zIuG1Itaj
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:24 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
48
x-amz-server-side-encryption
AES256
etag
"990b529c50a92c18cd5337f5f2a1d611"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4532
x-amz-cf-id
76PdcvyNRZmHofziT4W0xEWEhy4EvJBMEN4JZYCB6F_JTPyYaSMTGw==
appierV2.js
cdn.holmesmind.com/js/ Frame EA02 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
DuL3NqcSAWlg9.9pH8H17Ba3odTimTvK
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
54
x-amz-server-side-encryption
AES256
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
8LRo4t9K7vNU9K6lDzYyT7DjkZmcYcngsLrUM_H3UKiWWcEx3G5t6g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame EA02 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
u3L28Xt1KqU76H00EInRZdWnsemjGRZo
date
Sun, 20 Aug 2023 11:46:15 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:28:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
5
x-amz-server-side-encryption
AES256
etag
"d653bf20e2f03cb602105cbd317c55ed"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6650
x-amz-cf-id
obzbgj0EQt-MHsRUwcB-My0dlXgA7IG4F3Phcpvskrl6-smePAR-iw==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 93FA 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:15 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 93FA 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4418524653970175
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://risu.io
Date
Sun, 20 Aug 2023 11:46:15 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ad2.apx.appier.net/v1/prebid/ Frame 93FA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 20 Aug 2023 11:46:15 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame EA02 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:15 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame EA02 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.4743972524476814
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://risu.io
Date
Sun, 20 Aug 2023 11:46:14 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
bid
ad2.apx.appier.net/v1/prebid/ Frame EA02
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 20 Aug 2023 11:46:15 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame EA02
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 20 Aug 2023 11:46:15 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 93FA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
2 B
20 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 20 Aug 2023 11:46:15 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=TG-egsJxDEC5E1qSBf3hZA
cache-control
no-store
access-control-allow-credentials
true
content-length
0
syncframe
gum.criteo.com/ Frame D034 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 20 Aug 2023 11:46:14 GMT
server
Kestrel
server-processing-duration-in-ticks
242825
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 93FA 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=1919539290
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:15 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
utag.js
t.ssp.hinet.net/ Frame 93FA 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 20 Aug 2023 11:56:16 GMT
utag.js
t.ssp.hinet.net/ Frame EA02 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 20 Aug 2023 11:56:16 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ Frame C6E9 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:18:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
1654
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129634
x-xss-protection
0
server
cafe
etag
8962464231799197432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 19 Aug 2024 11:18:41 GMT
cdb
bidder.criteo.com/ Frame EA02 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=6222413499
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:15 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
usync.js
eus.rubiconproject.com/ Frame 549D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e2ffa0996ab42fd93af0ee29ef3019acba41ccd90b469164e07d8b1dc5b2b09b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Sun, 20 Aug 2023 11:46:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 19 Aug 2023 15:40:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=14073
Connection
keep-alive
Content-Length
10116
Expires
Sun, 20 Aug 2023 15:40:48 GMT
khaos.jpg
token.rubiconproject.com/ Frame 549D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ads
securepubads.g.doubleclick.net/gampad/ Frame C6E9 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2141806399369076&correlator=3941383302477993&eid=31077189&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692531975340&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=gu03c1y1b1ux&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=882646758.1692531975&ga_sid=1692531975&ga_hid=1810028915&ga_fc=false&dlt=1692531975009&idt=309&adks=64515409&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d5c1c7adfe2e58637340cafb685788138bc6335cf1b97bcc47d3c8c18d47ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d978cde4281304a14c8d956cf30d644b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4CA6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d978cde4281304a14c8d956cf30d644b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Aug 2023 11:46:15 GMT
expires
Mon, 19 Aug 2024 11:46:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sid
mug.criteo.com/ Frame D034
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=5sAsynw4R3JpTGhmdS9vYnJaakxFMW4zOHU5RVYxYTFUV2o2R04xbUN2ZmFCbWl1dVkrR0JVRUNoVDNnN3BtaVJIRklDamlxQzBxMmRNYWhMWDNRbUJHaUltOThtdVhNN3lwUTVPeXNYUkJURW9zVW5YcHIwSDFnQ2lMcG...
436 B
661 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5sAsynw4R3JpTGhmdS9vYnJaakxFMW4zOHU5RVYxYTFUV2o2R04xbUN2ZmFCbWl1dVkrR0JVRUNoVDNnN3BtaVJIRklDamlxQzBxMmRNYWhMWDNRbUJHaUltOThtdVhNN3lwUTVPeXNYUkJURW9zVW5YcHIwSDFnQ2lMcGxQbUdnV2JDREdvZzI3OFRlY3dMV21EeFU1bmpRcGlhb0NoTkhhc2h4K2FBTHNoV2g4SktYMlNPYVJsS2FaOHljQmR0RSt1ZmZZN3M2ZXY1N1dqSGpHQWJxb2pqWi9vdUducUxZeWc2NEZXUmF4alNTTU5WYmk2ekdTNFAveWowS1NVdC8vL1kxTmtwZk9MbUNrdUkrWElCODJDYjlnQT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4ae05184c2e61e8b85e94aaf991fea9f94250960b9d3dfcfdeef5fe4ed3bed0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1444138
expires
0

Redirect headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=5sAsynw4R3JpTGhmdS9vYnJaakxFMW4zOHU5RVYxYTFUV2o2R04xbUN2ZmFCbWl1dVkrR0JVRUNoVDNnN3BtaVJIRklDamlxQzBxMmRNYWhMWDNRbUJHaUltOThtdVhNN3lwUTVPeXNYUkJURW9zVW5YcHIwSDFnQ2lMcGxQbUdnV2JDREdvZzI3OFRlY3dMV21EeFU1bmpRcGlhb0NoTkhhc2h4K2FBTHNoV2g4SktYMlNPYVJsS2FaOHljQmR0RSt1ZmZZN3M2ZXY1N1dqSGpHQWJxb2pqWi9vdUducUxZeWc2NEZXUmF4alNTTU5WYmk2ekdTNFAveWowS1NVdC8vL1kxTmtwZk9MbUNrdUkrWElCODJDYjlnQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
247842
content-length
0
expires
0
drawV2.js
cdn.holmesmind.com/js/ Frame 93FA 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=11260&rf=https%3A%2F%2Frisu.io%2FREerL&n=471&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8975-aXNasi8a2Z56TpC7xglu9w3ovPNbDahR&fp_uuid=8975-e122781faeb272aa237dc97cc2487d98a6328090e6c62ab3eda20b96941a3838&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
O7sZGT0knnzygQhuPzTFxlRFCbP1u_sa
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
48
x-amz-server-side-encryption
AES256
etag
"5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8980
x-amz-cf-id
b-U6OznmIyT5-qSXnFjnFaC_kiJOaYOeNsafn0gSTR5HZz2i4cHasA==
drawV2.js
cdn.holmesmind.com/js/ Frame EA02 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=11260&rf=https%3A%2F%2Frisu.io%2FREerL&n=382&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=8975-aXNasi8a2Z56TpC7xglu9w3ovPNbDahR&fp_uuid=8975-e122781faeb272aa237dc97cc2487d98a6328090e6c62ab3eda20b96941a3838&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
O7sZGT0knnzygQhuPzTFxlRFCbP1u_sa
date
Sun, 20 Aug 2023 11:45:46 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
48
x-amz-server-side-encryption
AES256
etag
"5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
8980
x-amz-cf-id
YmPxuX3KSGQLuVABxLMt1sWJ2aiVNsFFKxoonuqbi9JFR-xUmNIzFg==
events
bidder.criteo.com/csm/ Frame 93FA 		0
185 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:14 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 93FA 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 14 Aug 2024 11:46:15 GMT
pixel.gif
static.criteo.net/images/ Frame 93FA 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 14 Aug 2024 11:46:15 GMT
pixel.gif
static.criteo.net/images/ Frame EA02 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 14 Aug 2024 11:46:15 GMT
pixel.gif
static.criteo.net/images/ Frame EA02 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 14 Aug 2024 11:46:15 GMT
events
bidder.criteo.com/csm/ Frame EA02 		0
185 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sun, 20 Aug 2023 11:46:15 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sodar
pagead2.googlesyndication.com/getconfig/ Frame C6E9 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86bbc096ec2330c2610ff6c3eea1e94409500e53065ec539f62849938aef4d31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11706
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 3E96 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 20 Aug 2023 11:46:14 GMT
server
Kestrel
server-processing-duration-in-ticks
1013395
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C6E9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 20 Aug 2023 11:46:15 GMT
sid
mug.criteo.com/ Frame 3E96
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=EJdXBV9jZEFIWlAzJTJGJTJGSUI2Y3phWm00d3oxR0hia0hhRFpSN09qZk9yQXgzYUxxSnRKa2tyNWNybHFw...
  • https://mug.criteo.com/sid?cpp=3bsx93xrT2t4b1hLUVFxRmdhbFI0dXlBbzZOT0hvSDVnSStNQ2M4SlhRREJGaVEwL0VhVlk2MXJtVnFWZEE1OTFsVm9OVncyZkJVTUFCRWhsMEgyd0k5TFhyZTNGZDlHTEpGeFJVZUM1MVhDK0EwWlFSQXBKUFJML09pRF...
447 B
661 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3bsx93xrT2t4b1hLUVFxRmdhbFI0dXlBbzZOT0hvSDVnSStNQ2M4SlhRREJGaVEwL0VhVlk2MXJtVnFWZEE1OTFsVm9OVncyZkJVTUFCRWhsMEgyd0k5TFhyZTNGZDlHTEpGeFJVZUM1MVhDK0EwWlFSQXBKUFJML09pRFNzREFEQ3N2VUd5YngyZXpWN3YxZ3J2aGhhUDJIdkcrcW9wRE5PVU56TCtLY1pKYXowYUh1bVJha2hwNk9XNTM4TGFDOTJBYlpDZkkxTUpDOGVlOHhJSDJ4UVJ1K2JVazgrNWZtU2ErVHczY25yRGtMZkxSaWs4dS9HWUh1Sjk0L0ZCUTVhZ3RYcDhRcVN3L0xwMnFmTzdpaDdIdE5lQT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
64b590e4f83b15ba345b713313d48fe3e1ce3e3431270c46125964a0a6c928f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1192062
expires
0

Redirect headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3bsx93xrT2t4b1hLUVFxRmdhbFI0dXlBbzZOT0hvSDVnSStNQ2M4SlhRREJGaVEwL0VhVlk2MXJtVnFWZEE1OTFsVm9OVncyZkJVTUFCRWhsMEgyd0k5TFhyZTNGZDlHTEpGeFJVZUM1MVhDK0EwWlFSQXBKUFJML09pRFNzREFEQ3N2VUd5YngyZXpWN3YxZ3J2aGhhUDJIdkcrcW9wRE5PVU56TCtLY1pKYXowYUh1bVJha2hwNk9XNTM4TGFDOTJBYlpDZkkxTUpDOGVlOHhJSDJ4UVJ1K2JVazgrNWZtU2ErVHczY25yRGtMZkxSaWs4dS9HWUh1Sjk0L0ZCUTVhZ3RYcDhRcVN3L0xwMnFmTzdpaDdIdE5lQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
242603
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 419B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Aug 2023 11:27:54 GMT
expires
Mon, 19 Aug 2024 11:27:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0818 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
613506505ecd2c5c244098c19224a38cc9b60d8718d2a5037714ff1dcace4bf9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A16zoVXVjalOnu5jTsU9Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-A16zoVXVjalOnu5jTsU9Bg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 20 Aug 2023 11:46:15 GMT
expires
Sun, 20 Aug 2023 11:46:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 0818 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308150101&jk=2141806399369076&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
pagead2.googlesyndication.com/bg/ Frame 419B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 09:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
7404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14691
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Aug 2024 09:42:51 GMT
campaign.php
fsa-api.feebee.com.tw/maji/v2/ Frame C789 		6 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=de
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
f7f91d3e0d79fe58aea49e64b0b149ab3d69d29da706c9145233efcc2144d755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Sun, 20 Aug 2023 11:46:16 GMT
content-encoding
gzip
Server
nginx
Transfer-Encoding
chunked
access-control-allow-methods
*
Content-Type
application/json
access-control-allow-origin
https://risu.io
vary
Accept-Encoding
access-control-allow-credentials
true
Connection
keep-alive
x-robots-tag
noindex
access-control-allow-headers
Origin, Methods, Content-Type, Authorization
Live_Streaming.js
cdn.holmesmind.com/js/modle/ Frame 93FA 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03273ae190b60d647255c6a8d8d56e1864a485d642d5ace4d1ddc05d2bcd84bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
iMsx2g2XOCJggZEpBtDu9pyeABImEhok
date
Sun, 20 Aug 2023 11:46:17 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:26:26 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
etag
"ef91e8dcfd23fe06203a93a747cf4ad7"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
38504
x-amz-cf-id
TgixyoD3_GNz1_Sf9ctJP5blpjs7EL0zcA9jkPk5kqGLIgtF0Zz0lg==
Live_Streaming.js
cdn.holmesmind.com/js/modle/ Frame EA02 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03273ae190b60d647255c6a8d8d56e1864a485d642d5ace4d1ddc05d2bcd84bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
iMsx2g2XOCJggZEpBtDu9pyeABImEhok
date
Sun, 20 Aug 2023 11:46:17 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:26:26 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
etag
"ef91e8dcfd23fe06203a93a747cf4ad7"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
38504
x-amz-cf-id
o4wfKiSH8vP25gCFv7Hhps0MoWpEqIN9_hndZGMH20jfCDQDEVfA8A==
generate_204
tpc.googlesyndication.com/ Frame 419B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?u_tfFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
t.ssp.hinet.net/ Frame 994F 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
3d3114bfc527fc5c375cc14c37142bb142a00761325b376e77269bdbb30119e6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 93FA 		37 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0693249e31408dba7c8f9eddcc10bafee486239709bf382fe5a0b0d66db4c8a8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame EA02 		37 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
994d94109fff24564e28d6eb28d4b3d456a3f49ef1355807e318c28ab3babbbe
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/pagead/ Frame C6E9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308150101&jk=2141806399369076&bg=!jY6ljtrNAAZGPLJIZjw7ADkAdvg8Wiqua9JKYdNx1PaOHmc1rWrx-qcVmSfIQ3dI9ipqx0WXxmcnuU_B920Hdi7VHUp3TvEP4T8CAAAAgFIAAAAGaAEHmQLnKALOOCCmLbwExAIlAXTqT6orD9Tv0Og4hJzaJj5O4AYv_k_1Q033pnICQp6V9DRePrCCnnHYlI3Clw3KimqH93YQhPvb8CH5XJXbjoAmKg-v3cg6_ArE6N9YTiagYBtsd1vkAnAl5r0TaZSYGpHE-e6sGONqapC-vmqOjjj-h15rrjv14XPPzm3OuujbZvhJmMjw4kmYk_jzWKxllIQB0_h1oJXC5o0WAhKJ3WoQXtmwGUAZOZ1wabV_Keh98WFVTSzaKsQrDMLYhAfTViz89FRGefxyonBIOAHuURnHSkETrlWIB_Y1yyVERCQxJqFAC1O5o_HWfi5vYMfG9J1Iozs6-EYSiQM1MgSBy7cKPnaHnEWXP_hpr-PgUmzcHDVQJSUZ-Vlu9Ek2XTBlBeoANnyqWUU5e_8vKbnVeBenU8yuuv1HP7cRYrEe0Gz4a8-WQ3t6xJafqI2syZWxy4BFc6iPz7Fhp1pAirlwWyIIS_MGq40Aqnpc3qF7xJa90A9z16KKVhHokFlTqJEAG_OG3ZukS54RCxQ4tYi_VDqCpyXqPWwRE_7IVCErG5K98NF2WAy30kErqF6kXzfM4C-2tWzY7JAO4cLm2GKaYxBGqqs_20zoIDvcj-3YPrgt7gsjU61FaqNpnch5eivBahmcsx-Cuu3v04EOa_-jMzD90dkfu2i6PThxm7aj6F3QEE6xG-0455LVCTyPzuHxHADeoElQ6eDRvLITUa1Vth3ygItqVQyhzcfFrosQTnsd-3oQ7t1xJChk2zlZbYKa3f_Okh5vxN1tb7Worqxz8tZH8nXUhVHcyQhu8gFB3BlZimlE_ZQlTadxHOV5hwHklUlQ1EP4pM9aHnG1kTWIxvb-MBwKDZuv0U5NLDk6iKIsgLRUjpEtS5GJg4TugdtwdB3YjwQVRWOZ1WZZBZYPZdfhY_w07CWtYApiLlmEeHhfL02vI88YhoaI9dZnAqXJnstGMnf9GvpJInw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
emome2
t.ssp.hinet.net/ Frame 93FA 		30 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=6f427653-d7e1-4f31-a345-cdabbfe79eeb
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
93e9eb4006236b25349eb77a06669b15.jpg
cdn.holmesmind.com/image/19875/ Frame 48BD 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/image/19875/93e9eb4006236b25349eb77a06669b15.jpg
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55ac0751626dffb999a684696ac7a99ae11927ed01c7ebb880e5ed1d89afc7d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:36:56 GMT
x-amz-version-id
0tyPfBeJXcVIBkwO8tsV73BJKzvwMNa.
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Sun, 20 Aug 2023 10:36:19 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
561
etag
"089545bcfc800f722ef94afde33722c8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
13921
x-amz-cf-id
-ehxg-xsTVq6EfgdVE_qsf-Ti_nOxbYeTTNe7BivQ5KW-xk2zk0BMQ==
ade-tracker.js
cdn.holmesmind.com/js/modle/ade/ Frame 48BD 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date
Sun, 20 Aug 2023 11:46:18 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:26:15 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
etag
"cc88de770769cdecaa524a5801120c78"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1646
x-amz-cf-id
va-G7WbpGZ2h85k8hntMRjF8l6fm3he_0Yuaci9qPmPlfM-C7-5EYg==
v_sdk.js
cdn.holmesmind.com/js/modle/v/ Frame 48BD 		192 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/v/v_sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
wsgDAt6n73AfbveX4G1Vz0rAUst7spYk
date
Sun, 20 Aug 2023 11:46:18 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:26:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
etag
"8644272abfaa44219b2ed3d118b43dbc"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
192
x-amz-cf-id
IAa9BWbL2b3v3zbdrf0beAxtpbdbvV4LF8Q45j7hf04Ohs4nRsKwKQ==
sdk.js
connect.facebook.net/en_US/ Frame 48BD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ca9e0a34a005dc52c5a62d0255bca96a1cbd765ef1432954d2506a2fa8e6905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 20 Aug 2023 11:46:16 GMT
content-md5
TUih+HWllMEnM1V2RKrZOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-debug
FJPYNgDaJX1wz5FJ1HMId5rHixzqbfAEHzUNyGti3lnD1mG59+yKT0n8swTv2NcANJkYjXfWOyQ7bhjJgzVNYg==
x-fb-content-md5
093472b712b565c2cbce7114f59aff45
cross-origin-opener-policy
same-origin-allow-popups
etag
"84b07598863297670374a14ae0ef28b9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 20 Aug 2023 12:05:41 GMT
i
ad.holmesmind.com/adserver/ Frame 93FA 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1692531975&p=11260:92702:180794:773715f343fe38c7dbf1213bb026c502:19875
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.193.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-193-203.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
date
Sun, 20 Aug 2023 11:46:16 GMT
server
nginx/1.14.0 (Ubuntu)
93e9eb4006236b25349eb77a06669b15.jpg
cdn.holmesmind.com/image/19875/ Frame 157D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/image/19875/93e9eb4006236b25349eb77a06669b15.jpg
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55ac0751626dffb999a684696ac7a99ae11927ed01c7ebb880e5ed1d89afc7d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:36:56 GMT
x-amz-version-id
0tyPfBeJXcVIBkwO8tsV73BJKzvwMNa.
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Sun, 20 Aug 2023 10:36:19 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
561
etag
"089545bcfc800f722ef94afde33722c8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
13921
x-amz-cf-id
GAK4pjvAO7dXsCK3suiFG_bck1x9mD8JHQyFC4Z5x95pk9fe20ZvuA==
ade-tracker.js
cdn.holmesmind.com/js/modle/ade/ Frame 157D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date
Sun, 20 Aug 2023 11:46:18 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:26:15 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
etag
"cc88de770769cdecaa524a5801120c78"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1646
x-amz-cf-id
NjxOWJ9CjZIKjkXw_3s8TBo4_shiQI3kc2xblBs3fLThtFidbLeXOw==
v_sdk.js
cdn.holmesmind.com/js/modle/v/ Frame 157D 		192 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/modle/v/v_sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:c200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
wsgDAt6n73AfbveX4G1Vz0rAUst7spYk
date
Sun, 20 Aug 2023 11:46:18 GMT
via
1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:26:17 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
etag
"8644272abfaa44219b2ed3d118b43dbc"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
192
x-amz-cf-id
2X1_hp-n8MxmthQc9LH4TBSZsZ5qbGKgzSkpjL6ACzn6uC90hZ1NwQ==
sdk.js
connect.facebook.net/en_US/ Frame 157D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ca9e0a34a005dc52c5a62d0255bca96a1cbd765ef1432954d2506a2fa8e6905
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 20 Aug 2023 11:46:16 GMT
content-md5
TUih+HWllMEnM1V2RKrZOw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-debug
FJPYNgDaJX1wz5FJ1HMId5rHixzqbfAEHzUNyGti3lnD1mG59+yKT0n8swTv2NcANJkYjXfWOyQ7bhjJgzVNYg==
x-fb-content-md5
093472b712b565c2cbce7114f59aff45
cross-origin-opener-policy
same-origin-allow-popups
etag
"84b07598863297670374a14ae0ef28b9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 20 Aug 2023 12:05:41 GMT
i
ad.holmesmind.com/adserver/ Frame EA02 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1692531975&p=11260:92702:180794:009d77cf0995db96c22fb2af9f26842c:19875
Requested by
Host: risu.io
URL: https://risu.io/REerL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.193.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-193-203.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
date
Sun, 20 Aug 2023 11:46:16 GMT
server
nginx/1.14.0 (Ubuntu)
sdk.js
connect.facebook.net/en_US/ Frame 48BD 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8e4e3f65a4f0fd217685c767f42f1215
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f20a411c5cdb95ed825c03236ffa6a08092308f68a502425f06ea29caed5a3bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://risu.io/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 20 Aug 2023 11:46:16 GMT
content-md5
BMe3WO/Skm6y/OdlbuWoGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88859
x-fb-debug
aHRWunD5Dr3OdOVfnmFGY75YZEKlgi1hGZh4c9vIWUTbs40JLF8IUvZGAjtfVyjxmMEbdFUg9Us5gnJGzsKoxA==
x-fb-content-md5
bedf33d8abbc2eeb20c58b8810784ce0
cross-origin-opener-policy
same-origin-allow-popups
etag
"69aaa9f96aec04dea9efac6032b31447"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Mon, 19 Aug 2024 10:10:20 GMT
sdk.js
connect.facebook.net/en_US/ Frame 157D 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8e4e3f65a4f0fd217685c767f42f1215
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f20a411c5cdb95ed825c03236ffa6a08092308f68a502425f06ea29caed5a3bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://risu.io/
Origin
https://risu.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 20 Aug 2023 11:46:16 GMT
content-md5
BMe3WO/Skm6y/OdlbuWoGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88859
x-fb-debug
aHRWunD5Dr3OdOVfnmFGY75YZEKlgi1hGZh4c9vIWUTbs40JLF8IUvZGAjtfVyjxmMEbdFUg9Us5gnJGzsKoxA==
x-fb-content-md5
bedf33d8abbc2eeb20c58b8810784ce0
cross-origin-opener-policy
same-origin-allow-popups
etag
"69aaa9f96aec04dea9efac6032b31447"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Mon, 19 Aug 2024 10:10:20 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame ED1C 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
330610
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4220
last-modified
Thu, 22 Jun 2023 10:45:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494263c-107c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gin3M0XeZGAKynFRHd9XHVUw8eq%2FlHDlRoLo%2By2BLgei7c1BoobTdg6teRoaJXk4RdyMqGLWfFWIbV6gbDKcsE6yiZRcgyJxH5jBkMzF6ns5FxFUb3swb47%2FA7P6KChMEmiT73EmRYFk7pJk5H9ZpfvV"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f9a65174b431c40-FRA
expires
Fri, 09 Aug 2024 11:46:16 GMT
fsa-core.min.js
ad.sitemaji.com/fsa/ Frame ED1C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 17:13:28 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 01 Aug 2023 04:21:31 GMT
server
nginx/1.12.1 (Ubuntu)
age
66768
etag
W/"64c8884b-1be1"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2629
expires
Sun, 20 Aug 2023 17:13:28 GMT
aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9hMmY3YWMzMzViYjJjOGUzMDExNjc3MjRiYzgwYTAxOA.jpg
img.feebee.tw/i/bgYZ0n_fyt9KbGuc82D8_zFyK_pRB9tpy3Ox-kDGolY/372/ Frame ED1C 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.feebee.tw/i/bgYZ0n_fyt9KbGuc82D8_zFyK_pRB9tpy3Ox-kDGolY/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9hMmY3YWMzMzViYjJjOGUzMDExNjc3MjRiYzgwYTAxOA.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 -, , ASN (),
Reverse DNS
Software
imgproxy /
Resource Hash
ab7f0163ea74d07ccfd0a611ed2a304571ecf8c2d81e750a641c59f10d02744b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:17 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="a2f7ac335bb2c8e301167724bc80a018.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20970
x-request-id
DTyYoXHJO5aB1DJ5LRzJD
aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS9jNWEvNDI0L2MwYzIvZmQ5Mi81MDNjLzA1NmEvMzk1My8xMTgwZWU5YTM4MDI0MmFjMTEwMDA1LmpwZw.jpg
img.feebee.tw/i/t4n1yNMMXbMLpjXvBDpB8U8CG5wxd8eH_4QZWmbIjAs/372/ Frame ED1C 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.feebee.tw/i/t4n1yNMMXbMLpjXvBDpB8U8CG5wxd8eH_4QZWmbIjAs/372/aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS9jNWEvNDI0L2MwYzIvZmQ5Mi81MDNjLzA1NmEvMzk1My8xMTgwZWU5YTM4MDI0MmFjMTEwMDA1LmpwZw.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 -, , ASN (),
Reverse DNS
Software
imgproxy /
Resource Hash
3ddbe0f2c58182f3db460adec5b94c7553e0106c87915b8032ff5417757c76e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:17 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="1180ee9a380242ac110005.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14298
x-request-id
LE3RuETCfJJUMbZK79x4f
aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS85N2JjNzliNzQyNzVhZGViNzFiYThjMjMxZmJlODJjZA.jpg
img.feebee.tw/i/mJ6TVE57AsK_2VUqLpGTXFxy9zVQozUwRrtjSooMqO0/372/ Frame ED1C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.feebee.tw/i/mJ6TVE57AsK_2VUqLpGTXFxy9zVQozUwRrtjSooMqO0/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS85N2JjNzliNzQyNzVhZGViNzFiYThjMjMxZmJlODJjZA.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 -, , ASN (),
Reverse DNS
Software
imgproxy /
Resource Hash
c2469374508f4eb7df0c875be52e67918b63b5fcc8b4752be56470a5487abda4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:17 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="97bc79b74275adeb71ba8c231fbe82cd.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11521
x-request-id
ZwQpX14H9Z0T_4_O4aqXW
IzMgHA_8ihKcF5SBLAX_2ZtAa4ORMkiFbDYqqNGjWUwr97kqbEZKrQb099eAbPPmPSl8XsAeX2XCymd3Yv0giymbJWiAArRSic1PSCaWca1ssb9qHJNwHLRz9qJr_tHOqH9MI9XpvTwGKhX3XEKlQyJ6LUjiIRS-G_DMGi9UlZJ9kcYjrqJ_lhPfhKwjoYUL71w4K...
fsa-api.feebee.tw/maji/v2/view/ Frame C789 		842 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fsa-api.feebee.tw/maji/v2/view/IzMgHA_8ihKcF5SBLAX_2ZtAa4ORMkiFbDYqqNGjWUwr97kqbEZKrQb099eAbPPmPSl8XsAeX2XCymd3Yv0giymbJWiAArRSic1PSCaWca1ssb9qHJNwHLRz9qJr_tHOqH9MI9XpvTwGKhX3XEKlQyJ6LUjiIRS-G_DMGi9UlZJ9kcYjrqJ_lhPfhKwjoYUL71w4KrJp-oZc_7F9TjXu7KwaxaYN791nhcolMWcK01VPQfni_AlTC1g0YPgcbvzgP2SFF4PdGXcwljYWz7yUPuSGI2j6EPg15qjRRPWQToWACCXLljYgp98RB8jyJ_1n3kO.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Sun, 20 Aug 2023 11:46:17 GMT
Server
nginx
Connection
keep-alive
x-robots-tag
noindex
Content-Length
842
Content-Type
image/gif
av
ad.holmesmind.com/adserver/ Frame 93FA 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=11260:92702:180794:773715f343fe38c7dbf1213bb026c502:19875&type=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.193.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-193-203.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:17 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
av
ad.holmesmind.com/adserver/ Frame EA02 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=11260:92702:180794:009d77cf0995db96c22fb2af9f26842c:19875&type=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.193.203 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-193-203.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 11:46:17 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je38g0&_p=66189446&cid=462374568.1692531972&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1692531971&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2FREerL&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=scroll&epn.percent_scrolled=90&_et=17
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 20 Aug 2023 11:46:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IzMEiC8bWnMcAGXoZXXsPFLJa0yQZA1KDucBmbr2NoFWBmssZ8ybCsCqzglAeQH7C2TmQRoSPKrq0iEFzKprRtO-rO6yanUNku1uHD_odmjsvBNH5nXT6vS6jK5rOxw7170ycAJF9L_xOsfqfX46nNwFQuv518gHI6c_EfiZ3DeefClM8MvX-Hw3TV3UJtSlE0KAH...
fsa-api.feebee.tw/maji/v2/beacon/ Frame ED1C 		842 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fsa-api.feebee.tw/maji/v2/beacon/IzMEiC8bWnMcAGXoZXXsPFLJa0yQZA1KDucBmbr2NoFWBmssZ8ybCsCqzglAeQH7C2TmQRoSPKrq0iEFzKprRtO-rO6yanUNku1uHD_odmjsvBNH5nXT6vS6jK5rOxw7170ycAJF9L_xOsfqfX46nNwFQuv518gHI6c_EfiZ3DeefClM8MvX-Hw3TV3UJtSlE0KAHCTfGNMOmo4WefQWC_Up8UZdwjkU2jktf5XK6hG40d99Z7Q1GicT43tROlfS8Ejq9Potve4VjpKvPqLcle59n1g-6uCDKSPOQ3K7LBeQRHTpbAtMhDMN_WQ1fM1rW7tQEgynFY5Cb5dXKA5PfbIE4tNL7jaRfz6R_m8dUDjVWHYRQTN-BrGXnZHH_YkYyQOaWTWvJBBJ2mTGHO-GSoGW36ZhcVZCzxWH_xPh-hEqLiGpKgpUoka8xLlmDLY9QHgqrDGpBLRKkK3pQFiNBwnS4GBlzNbQ4c5-D6mSxstr1eXscaah--9rbQbcVOnI9bRMGelXdisU3iBpYFqCLf8EW6GqQBP0XFCJoXW1RXWJH9w6BCqAZyI6dRwIDCMqjLpGs-UZpPPTC3M8wEs49NmboFEbOgb6XOEhq_M8bMtSISvC1yusd_QhA6mnLmV1C_yrVnO4u6adDA834h66XWI7bYfV1iBSBYrI0UbeCJsKuWLiJwT5UqcAjD0K-9W90Z-llmO-fplpGjMUH-mR9GtlDqhzFmxHU0INvF6dwqOGAQWZWGROuox4aTYFp2y6Ldq.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Sun, 20 Aug 2023 11:46:18 GMT
Server
nginx
Connection
keep-alive
x-robots-tag
noindex
Content-Length
842
Content-Type
image/gif
IzMZfbibuFxouuYLUrT6xr6xNk6pv0FBZwcjaykylWKSq3Wn02iQyALxZW-gvrI-3EJkJAojf4JBYy41_9LKQunEPho71edt-5Azo50Zj-qOXrrqLlMySNr5mE7NIimECgP71081o3Nj1dgQYGQCW8n_7sNzy5xRrRJ78L_Y3zqDWnUfpMnyHOBA0p7AxX79BbvPD...
fsa-api.feebee.tw/maji/v2/beacon/ Frame ED1C 		842 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fsa-api.feebee.tw/maji/v2/beacon/IzMZfbibuFxouuYLUrT6xr6xNk6pv0FBZwcjaykylWKSq3Wn02iQyALxZW-gvrI-3EJkJAojf4JBYy41_9LKQunEPho71edt-5Azo50Zj-qOXrrqLlMySNr5mE7NIimECgP71081o3Nj1dgQYGQCW8n_7sNzy5xRrRJ78L_Y3zqDWnUfpMnyHOBA0p7AxX79BbvPDTNwLNXlcIBo7kRBYFAXhpCcGqWukfEFNW_63OX9vW6glHSsEO5yswH7J93V-Qttyf_aCdNXM1HEeKBOnRo9lxBZfR6TQrDvKmDcvttEegK3CmTXH9Z-S5_-w3Br1rw4urwu0XFPjeVFKwWaVmZ8qJeDEe7GBe9nYNETVq6DE2g4-iui0slmp7u8PmH2h4BBK8r08nn9JGrIJ51mhjYURMcxwvvZ-6_U5Ht9QhH-jL6gB0fpA1KAWaV0hLjBjmZsY4ymXJevM21-Igtn9O6ng.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Sun, 20 Aug 2023 11:46:18 GMT
Server
nginx
Connection
keep-alive
x-robots-tag
noindex
Content-Length
842
Content-Type
image/gif
IzMREGhMai-yaOCL2v2YsQrmw3l9QH0bvJPhSxC760oIKQShYHflsVMisMXDJtKrr8_hBGPeRv6zU244DuDyymgNafMB43EPnBQ5VZTlZrNOPuQr4JjjVLnuRZ_ahJI6KdI1E0WAx26ev2PVwixEZcWCOOZ0EWB8GwUxHyJBg6VejsxvrcGSOpGX4vPfCMFGIPJT_...
fsa-api.feebee.tw/maji/v2/beacon/ Frame ED1C 		842 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fsa-api.feebee.tw/maji/v2/beacon/IzMREGhMai-yaOCL2v2YsQrmw3l9QH0bvJPhSxC760oIKQShYHflsVMisMXDJtKrr8_hBGPeRv6zU244DuDyymgNafMB43EPnBQ5VZTlZrNOPuQr4JjjVLnuRZ_ahJI6KdI1E0WAx26ev2PVwixEZcWCOOZ0EWB8GwUxHyJBg6VejsxvrcGSOpGX4vPfCMFGIPJT__i6sM5fGuGyIu120Vd5PRrutDDK6GBRvdAuQzDs_hF4hO9ZNADZDwzRYaPSDpNJ-H20bG-0QUDXeWKANScKaVnd6L8I3Q1NMvR9H8KrtX8-oXX6wjOmKxv4aYNeBfnJmMY_jtcJWFJeSZnDXSoeRNOWohZ7MUgbw6IB3AfEkoO6uIt9awls1gwS2eh1amm6NO2-qYSOy-bRnvT6AXHTE1SRDUhSGhMH-Sf53PrwoewRBZB0Gw0qN80wp28Gq2nrd7vylwI5SjisMFnoOo5XA.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Sun, 20 Aug 2023 11:46:18 GMT
Server
nginx
Connection
keep-alive
x-robots-tag
noindex
Content-Length
842
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture object| __cfQR object| __cfBeacon boolean| _rails_loaded object| I18n function| setImmediate function| clearImmediate object| dataLayer object| gon object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| hotkeys object| __heic2any__worker object| vttjs function| WebVTT boolean| __cfRLUnblockHandlers object| HSHeader object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| onYouTubeIframeAPIReady function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| _typeof object| SD undefined| div object| urlParams object| device object| sitemajiNative300x250List object| gaplugins object| gaData string| apiKey object| native object| googletag object| NativeJS object| nativeSectionCodes object| ucf object| ucfad_async object| request string| paramsString object| criteo_syncframe_state

29 Cookies

Domain/Path Name / Value
risu.io/ Name: ahoy_visitor
Value: 2eedc656-0faf-49bb-8e3e-9755ba716ba2
risu.io/ Name: ahoy_visit
Value: e4a3c0c3-15b7-4ce2-ba7c-9be18cc70ee2
risu.io/ Name: _risu_session
Value: v8EZMOo%2FOjg68r4ctKh6M%2F2ktOTpO9cCvlusNF2I58JUY96g4hC4108lp39hrleXKZkm6zdwifdD%2FAkETumPHmBmLmN0Ll1NEbHBxsVosKOjudehtb2Dn%2BcTJp6SPtgAyM2Xgnpa8qLB0%2BkucLGqnDFd6Uv2ebCjZ6Bum1sRXUfTpyoLbHYk--6cXiy2UC0S6icbW9--3c%2F29JTr2hNt6ZTJHNw3xw%3D%3D
.risu.io/ Name: __cf_bm
Value: y20fZkGtyWNaKNiTA0ubHhKIgQKyrj6iS0Osb1ggPsg-1692531970-0-ASmnrNiiQKMz2BPH6gGVPsc3Gx3QgZcwBAuzX3v1LnxMIdaWsPuJ+AWm/GZqrZkeeLsTbBiXaS+E5deClpRrvxg=
.risu.io/ Name: cf_clearance
Value: eNQNUvnaSQHmSCaZkNanfMoVqnV9QEaLOb2BRGE5VvE-1692531971-0-1-cb448e17.98160e42.4882e75d-0.2.1692531971
risu.io/ Name: prefers-color-scheme
Value: light
.risu.io/ Name: _ga_H814P3QJ03
Value: GS1.1.1692531971.1.0.1692531971.0.0.0
.risu.io/ Name: _ga
Value: GA1.2.462374568.1692531972
.risu.io/ Name: _gid
Value: GA1.2.1589952683.1692531972
.risu.io/ Name: _gat_UA-146086888-1
Value: 1
.risu.io/ Name: __gads
Value: ID=f0d8919c4191e706-22daf5cf55de0012:T=1692531971:RT=1692531971:S=ALNI_Ma9dzmja7RLH91tkvpTdE2jtIbMtA
.risu.io/ Name: __gpi
Value: UID=00000c648ec207d4:T=1692531971:RT=1692531971:S=ALNI_Ma-9dvNbbf_Kmo35qWBJQd9yALXWQ
.risu.io/ Name: _ga_ZH634PL121
Value: GS1.2.1692531972.1.0.1692531972.60.0.0
.aralego.com/ Name: sspid
Value: c85dbfa2-58ec-32f7-849c-5107faf66fbd
.c.appier.net/ Name: _auid
Value: TG-egsJxDEC5E1qSBf3hZA
.holmesmind.com/ Name: Vision
Value: 20230820-23:59,20230820-22,20230820-22,20230820-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 710232-MPuFwKoYOLkCmvcgWy3L2ZlgqCh1SGVp
.holmesmind.com/ Name: fcm
Value: 1
.risu.io/ Name: CFFPCKUUID
Value: 4423-16cYXVz01MklExnUxeAGmE8b1CJ1Zz7U
.risu.io/ Name: CFFPCKUUIDMAIN
Value: 8975-aXNasi8a2Z56TpC7xglu9w3ovPNbDahR
.risu.io/ Name: FPUUID
Value: 8975-e122781faeb272aa237dc97cc2487d98a6328090e6c62ab3eda20b96941a3838
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.criteo.com/ Name: uid
Value: e2bfa5d7-8173-48df-b6ac-3d4a3025653a
.doubleclick.net/ Name: IDE
Value: AHWqTUnrKJQeU9JCLujix7LGzxurglkZTgeLJTvuHZh7qBW4r16sDXWi1eNxt4tjYJQ
.lndata.com/ Name: admckid
Value: 2308201946151569225
.risu.io/ Name: cto_bundle
Value: GvEAWF9jZEFIWlAzJTJGJTJGSUI2Y3phWm00d3oxTlprT2djb0xZJTJGR21ONyUyQkZrdmFxOGhKN1RQTSUyRklqNlU4QW4wNk5SM0t6R0VFVWs0eHQ0NWJOdGclMkJ2TEJ4dmRyeEdOeVJwcm9aaDMwb3UyOHNlQjFCaVFMUnNaMG83OUswTXdCRkdpN3hTZ0Q3R1JMMG9ZeHYlMkJDRlNHcnMwQlhkQSUzRCUzRA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yap.yahoo.com
agent.aralego.com
assets.risu.io
bidder.criteo.com
c.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.lndata.com
connect.facebook.net
d978cde4281304a14c8d956cf30d644b.safeframe.googlesyndication.com
eus.rubiconproject.com
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fsa-api.feebee.com.tw
fsa-api.feebee.tw
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
img.feebee.tw
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pmp-beacon.apx.appier.net
prebid-asia.creativecdn.com
prebid.scupio.com
region1.analytics.google.com
region1.google-analytics.com
risu.io
s.yimg.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssl.sitemaji.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
fcm.holmesmind.com
103.132.192.30
116.50.36.71
130.211.28.216
162.210.196.208
172.104.64.149
178.250.7.13
18.180.23.89
192.96.203.13
2001:4860:4802:32::36
203.75.214.136
210.59.219.34
23.56.202.187
2600:9000:2104:c200:0:e06c:e940:93a1
2606:4700:20::681a:467
2606:4700:3108::ac42:2902
2606:4700:3108::ac42:2afe
2606:4700::6810:3965
2606:4700::6810:5714
2606:4700::6810:7daf
2606:4700::6811:180e
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9a
2a02:2638:3::7
2a02:2638:d::2
2a02:2638:d::d
2a03:2880:f084:105:face:b00c:0:3
34.81.191.174
34.98.102.251
35.186.215.140
35.190.36.98
35.201.76.93
35.72.193.203
52.197.179.68
60.199.208.47
69.173.144.138
87.248.100.136
95.101.149.233
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
03273ae190b60d647255c6a8d8d56e1864a485d642d5ace4d1ddc05d2bcd84bc
04185c9bdf0bc39a0e770c08e1c0dc007484a1ddd8fb50e81d33b1ab7bc5e676
05b374d05231f031b755f2d522847efa8d0b2af827366c01b055216eda7fe1f3
0693249e31408dba7c8f9eddcc10bafee486239709bf382fe5a0b0d66db4c8a8
15bc94c5ccb90e63849d895e4afb7ca35907776f601f3b2872d4256b5d3a771b
163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
1a01df832d69344e48fa76b5ee78d4103cbd6572826b77b4a8d69310ccfea845
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28196ab389ed9e4958f82b3528cd13035d2bfd35df0d60cc126cfb73225e2493
2b8a34ffc8c4ee5b4a735e57c01a329e7d6e218b993b7d91ae38fe5a09662436
308561eb59a6e1af374c15652df7ee599cb28b37f294c40b125be84731639db9
30ecb4353cd1a190d9940c007c5fc276151a2592636ee73694d8168409bd0dcc
31020b3680c09d76da253d297d6d3faa98fd6b551c1c751829db8c12a9f4a1ad
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
3883c7cf17a384ac10b612a2f0f52b1f2a805b929fe1f4927a138bfefba6bab1
3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff
3d3114bfc527fc5c375cc14c37142bb142a00761325b376e77269bdbb30119e6
3ddbe0f2c58182f3db460adec5b94c7553e0106c87915b8032ff5417757c76e1
3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e
3f71813349543fcd5c130d1f6ea842ba20d0f1ddf127ada278051485b4709edf
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403ca60fe8005d0f23208fcd05a227292169e77cf2f3c38cf592303f7818b489
40fb2972719900ba9483ad59a7c0806f0a1d05a997cb963621e89df30e8450b5
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ae05184c2e61e8b85e94aaf991fea9f94250960b9d3dfcfdeef5fe4ed3bed0f
4c34c89b92ba7a6222f549d56196466135bdbef47e2b1b06545b994b9f96cc4a
4ca9e0a34a005dc52c5a62d0255bca96a1cbd765ef1432954d2506a2fa8e6905
4d25ac5db6ad3cba42a94d2170bc8b81e1e14f564f9b85879c7518afb39d6500
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53239b56a68056e1e657ac5fdba34ebd12f87f32174edc7b61feb454476580a8
5494634ab4401257567bfed83706b80632f5ea41d3ad90cec229dce89bb255a6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ac0751626dffb999a684696ac7a99ae11927ed01c7ebb880e5ed1d89afc7d6
59dc56e9490deeafaa410229b43332fc7d6ce6e53a1744621b8f39eaf42c539d
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387
5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
613506505ecd2c5c244098c19224a38cc9b60d8718d2a5037714ff1dcace4bf9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
64b590e4f83b15ba345b713313d48fe3e1ce3e3431270c46125964a0a6c928f6
695c41368b7f73bed68179baf297ecd790c9c3c17658322b0116ea9d7e18640d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7838384c729d79fffbd9df6b0ef50afaa752da5bcda4ab191dcce8f12483bab5
7d5c1c7adfe2e58637340cafb685788138bc6335cf1b97bcc47d3c8c18d47ec4
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
803b05e85419e4a2fbbcc472773c3d5c3066123037c96bc5838dbe17c25098f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86bbc096ec2330c2610ff6c3eea1e94409500e53065ec539f62849938aef4d31
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304
8896dd66f19a0a112caf1339ad1f89206150160d6f1ba9da4420b52c0086ff09
896fccdd4bf0aac29d2a1721a3d555a4884c48ebfc6f136dbcb1ccfcd69f2507
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
994d94109fff24564e28d6eb28d4b3d456a3f49ef1355807e318c28ab3babbbe
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f
a99e93e1d1379de36cbd97bf6bca2350443bc14f54fb837877740d66b29128a5
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b
ab7f0163ea74d07ccfd0a611ed2a304571ecf8c2d81e750a641c59f10d02744b
abff00bf92a4fcad413fdbf309a2599a6e0ce6b2bf60f179dbc8c3a3322860c7
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b333918496aa4a7ef415f36b522a2b8c84eabca40b6e6ac1dadd845a6c29f75d
b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2469374508f4eb7df0c875be52e67918b63b5fcc8b4752be56470a5487abda4
c6c73c701168f47d3abf9422106074fd3ac845afe3b26debdc3503c005c5fbae
cc78f02253750741f9064a9c0b596181e7bb2b0c30336d61ed6a474a98bc1358
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d78153ba647326478f318402e585119d3e412c656c9b408637d2f396ba230fda
db7dc624f5439e358203f77bd5e3a1cf1b6e15d8221441977095904657dcfcf9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deee99d9237a62175dd73f926937b73b43ff2d299162d4d3f8cae02296a8f885
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6
e2ffa0996ab42fd93af0ee29ef3019acba41ccd90b469164e07d8b1dc5b2b09b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93c1dd3d0b9ea150fd320dadea2e47d710a65ca3849cbe3e98a85e063028319
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20a411c5cdb95ed825c03236ffa6a08092308f68a502425f06ea29caed5a3bf
f4309ea2c1a1e63b3beb3d38ef47f134683f18953d4c472c97680cf104e70385
f7f91d3e0d79fe58aea49e64b0b149ab3d69d29da706c9145233efcc2144d755
fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e
fcf26e36b23826e16643dcb4735b654c74e1be640948d7b55f6fbbe58b5a6770
fe1c7064c996278f086598dab595b3c50cc28cff6a05fc52afaa2993a42ddfe9
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe