risu.io Open in urlscan Pro
2606:4700:3108::ac42:2afe Public Scan

Go To Rescan
Add Verdict Report

URL:
https://risu.io/GxeOH
Submission: On November 10 via manual (November 10th 2023, 10:45:32 am UTC) from TW — Scanned from DE

Summary HTTP 260 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 22 domains to perform 260 HTTP transactions. The main IP is 2606:4700:3108::ac42:2afe, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2023. Valid for: a year.

This is the only time risu.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 13	2606:4700:310... 2606:4700:3108::ac42:2afe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
8	34.98.102.251 34.98.102.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
59	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
3 7	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
8	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
9 12	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
7 13	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 8	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
48	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
2 4	172.104.105.5 172.104.105.5	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	34.36.145.36 34.36.145.36	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12	60.199.208.47 60.199.208.47	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
2 2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
4	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	130.211.28.216 130.211.28.216	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
260	34

13 2606:4700:3108::ac42:2afe (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.102.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.102.98.34.bc.googleusercontent.com

assets.risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.96.203.13 (Manassas, United States) 3 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.162 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.36.155 (None, ) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.172.123 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.36.98 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.104.105.5 (Tokyo, Japan) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1715-5.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.145.36 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.145.36.34.bc.googleusercontent.com

pmp-beacon.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

ssl.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

463a07c21df07ab36101f57534fbea4b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acbe510194847689608d8664d47963d9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 130.211.28.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.28.211.130.bc.googleusercontent.com

img.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 463a07c21df07ab36101f57534fbea4b.safeframe.googlesyndication.com acbe510194847689608d8664d47963d9.safeframe.googlesyndication.com	708 KB
48	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	728 KB
37	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	490 KB
21	risu.io 2 redirects risu.io assets.risu.io	502 KB
13	feebee.tw img.feebee.tw — Cisco Umbrella Rank: 299827 fsa-api.feebee.tw — Cisco Umbrella Rank: 298014	105 KB
13	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	8 KB
11	aralego.com 3 redirects agent.aralego.com — Cisco Umbrella Rank: 278968 ads.aralego.com — Cisco Umbrella Rank: 30610 sync.aralego.com — Cisco Umbrella Rank: 3112	6 KB
10	appier.net 4 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 47637 gocm.c.appier.net — Cisco Umbrella Rank: 2603 pmp-beacon.apx.appier.net — Cisco Umbrella Rank: 292095	5 KB
8	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969 eus.rubiconproject.com — Cisco Umbrella Rank: 602 token.rubiconproject.com — Cisco Umbrella Rank: 458	29 KB
8	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	6 KB
8	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 15951	123 KB
7	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 105045 ssl.sitemaji.com — Cisco Umbrella Rank: 273814	44 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	188 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	236 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	9 KB
2	feebee.com.tw fsa-api.feebee.com.tw — Cisco Umbrella Rank: 290377	8 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6862	515 B
2	gstatic.com fonts.gstatic.com	54 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
260	22

	Domain	Requested by
59	pagead2.googlesyndication.com	risu.io pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net
48	s0.2mdn.net	risu.io s0.2mdn.net googleads.g.doubleclick.net
21	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com risu.io securepubads.g.doubleclick.net
13	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
13	risu.io	2 redirects risu.io static.cloudflareinsights.com
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com risu.io
8	fsa-api.feebee.tw	risu.io
8	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
8	cdn.aralego.net	agent.aralego.com risu.io ads.aralego.com
8	assets.risu.io	risu.io assets.risu.io
6	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
6	googleads4.g.doubleclick.net	risu.io
6	ads.aralego.com	2 redirects agent.aralego.com ads.aralego.com
5	img.feebee.tw	ad.sitemaji.com
5	ad.sitemaji.com	assets.risu.io ads.aralego.com ad.sitemaji.com
4	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com
4	sync.aralego.com	ads.aralego.com
4	gocm.c.appier.net	2 redirects risu.io ad2.apx.appier.net
4	ad2.apx.appier.net	2 redirects risu.io
4	www.google.com	tpc.googlesyndication.com
3	www.googletagservices.com	risu.io
3	www.googletagmanager.com	risu.io www.googletagmanager.com www.google-analytics.com
2	cdnjs.cloudflare.com	ad.sitemaji.com
2	fsa-api.feebee.com.tw	ad.sitemaji.com
2	token.rubiconproject.com	eus.rubiconproject.com
2	secure-assets.rubiconproject.com	2 redirects
2	ssl.sitemaji.com	ad.sitemaji.com
2	pmp-beacon.apx.appier.net	ad2.apx.appier.net
2	www.google.de
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	risu.io
1	acbe510194847689608d8664d47963d9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	463a07c21df07ab36101f57534fbea4b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	agent.aralego.com	1 redirects
1	static.cloudflareinsights.com	risu.io
260	40

This site contains links to these domains. Also see Links.

Domain
docs.google.com
www.facebook.com
m.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-26` - `2024-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
assets.risu.io GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
feebee.com.tw R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
pmp-beacon.apx.appier.net GTS CA 1P5	`2023-10-21` - `2024-01-19`	3 months	crt.sh
*.c.appier.net GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 39 frames:

Primary Page: https://risu.io/GxeOH
Frame ID: 39F58F1C763DB5FD64158DC67CC55268
Requests: 53 HTTP requests in this frame

Frame: https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 8368277E92E577B315DB7BDD920711CE
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: 67AA34E5EABA4254CE63E2D27DD534EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1699613126&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Frisu.io%2FGxeOH&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699613126098&bpp=6&bdt=437&idt=236&shv=r20231108&mjsv=m202311080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1067739420242&frm=20&pv=2&ga_vid=1998497156.1699613126&ga_sid=1699613126&ga_hid=1509230930&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570%2C44808149%2C44808284&oid=2&pvsid=714268899992315&tmod=2029391408&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=252
Frame ID: 0A1F77D65649A9F5449E0B7FD6009E09
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6842FE286980BA60510C779CD8367F31
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ECF6D4BA52B40F40E728852A11EA9C78
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 57FCF07960BA78DF9EA360FC21D774B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 14CA80951B16F1557B6B7C1B74F4E246
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6268975BBE3C4C3494FE458D06F6950A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWcxwIm51cH5B9UQaSB1Nf9UJjeSPPRLr-mjxF8gArB10Gkyt22OE3HJkf6ukqqgHzBvi3g3Gwzoq0GdP94d4SjzghBtkGdBp1ibiobl1lfT3V9JdZWY7r3trXYfkSr3YkdlakYnptNFo-PVrtcQavRaHeMS60-JkA0CcnQpMY2A4MfSFM
Frame ID: A3922F283F12AE4DA24BC9F267CFC01E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A403591B62A5467B986ECEB15FD2F687
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNU-U4HHlwutk39WEybgmQjeptEwuHI3TIThPqZCyaS53VGj_gsh1AJnO6RdxjMdtk5KISpfHnl3ouUiwKqSjwy788EtlHzD7BlgatmXOYHZqT5O1AA3iT-2S7CWbC5mtG3qjLwnw2RJ4tkXJH-bJdmO0cp9u-eYtK41B4nf9JzDBTcC0qs
Frame ID: C6AFEE869AF3305D3BA355D4EF693188
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 17807913905E867AF511E541C416182C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNUJmtCcNWKdyPFNywdl7kcxA84Ejnmq_5CLNAGj2b6m2ND3szlDN7TvrUHhrRJNWCFz2dK6Rjiu3JUXptf4NqkAVyKYDJxzWdrFxQKq49GEf-884w7BLXhc5eXAj2AWnFscB2c5oqcBP1B0wd4BqGDcJLyXWQWAZfLhhZPIXxp0vKlUyVM
Frame ID: 04D580D497B03051B06F3F73BC47E82E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EE5F43D246EEE971ECB0C336F6844D76
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9EB80AE7FA03EDDC911BA952CD65B392
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
Frame ID: D0C6E5F9BA116025103C34D510F94444
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
Frame ID: B7134AD540A8010E185D9DD8ED834C80
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DA43DF23916E970D4360A326283124D7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
Frame ID: 4EE1B72BD4E11783B4F7947A9FE9CE4B
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D125665AD8682AC6683DDCCF856A3E83
Requests: 3 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TX36vtnWC0KRnUQXyAlOZQ&id=ida4mlvgiastit93r
Frame ID: 5A38625FA5787270CBF43FC1BB075667
Requests: 2 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=MY7k_-VXCI2R3vdlyAlOZQ&id=ida4mlvgiastit93r
Frame ID: 1463F6831E664D9C2813390081C84E0B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 1B5818E169F30397AAF471F41EAF9D6A
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 9B0A6ACE013F610BA0238644ACFD28EA
Requests: 6 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: B89BD8F0274CDF73024DA84D67E2FF8C
Requests: 4 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: 5D8368FC70376D2281F6DD49796B17C8
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: D116A7EC19F0E359D901072773CFD861
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 160458E94C1BE9D177E0000DB3FD24D1
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 14382D7B510E73A4505A99CE36DFCA82
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 66F98588E34EC8D972D6083FC6A2E4CB
Requests: 3 HTTP requests in this frame

Frame: https://463a07c21df07ab36101f57534fbea4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 6F3F1B499FE76251570F5EE42E0200EF
Requests: 1 HTTP requests in this frame

Frame: https://acbe510194847689608d8664d47963d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 00E2A9F495059FCC4CF9D61FE19B2474
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC9D67835A27C0A5E68EA69E4CB19FA0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A51477DF9E2260FA43350BC01EE1CF99
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 990C56E3704B5943D24D1F1546A9760D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65B1ADC02E49345ABDED7984874AFCA0
Requests: 2 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 233269ADEB846BD6B21F76ED1D26B9BC
Requests: 8 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: B536D65AC0351CB3F3EC695182D070E2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

短網址。行銷。分析 - Risu.io

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

260
Requests

92 %
HTTPS

53 %
IPv6

22
Domains

40
Subdomains

34
IPs

6
Countries

3272 kB
Transfer

8580 kB
Size

23
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/forms/d/e/1FAIpQLSedWw6hNYi6Xg_VPatPmsfe7DOKPGg3ijSOvZuWu38FefIMCw/viewform?emailAddress=
Title: 問題回報

Search URL Search Domain Scan URL

URL: https://www.facebook.com/risuiotw
Title: 粉絲專頁

Search URL Search Domain Scan URL

URL: https://m.me/risuiotw
Title: 聯絡小編

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 25

https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 35

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4MYzyxEqauqke0SeVNmaA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4MYzyxEqauqke0SeVNmaA&google_cver=1&C=1

Request Chain 88

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU4Jx-4pDnhs0OtsqJfktgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEZNRpgj4grign0LVnSScwE&google_cver=1

Request Chain 90

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczOTQzMDgxMjUwOTkxMzcxNQ%3D%3D

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYOSwDXgHmSSzwbjIL8HDQ&google_cver=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU4Jx3YACg6vqrYNe-0s-gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOK9zGo6GW-clpIWwIatdl0&google_cver=1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzExOTY3NjczODMyODQ1MDk2Nw%3D%3D

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1

Request Chain 99

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU4Jx23-7guLL7hsyucZ0wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFE1T6xy0s4tbSyUWhA03wY&google_cver=1

Request Chain 101

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczOTQzMDgxMjUwOTkxMzcxNQ%3D%3D

Request Chain 133

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TX36vtnWC0KRnUQXyAlOZQ&id=ida4mlvgiastit93r

Request Chain 135

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=MY7k_-VXCI2R3vdlyAlOZQ&id=ida4mlvgiastit93r

Request Chain 186

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 190

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 208

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 212

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

260 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request GxeOH Show response
risu.io/ 11 KB
5 KB 1184ms
1144ms Document
text/html 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8855e9a5f81c83b2a5b857532ad5ee058e5d7460a5e1bdaca11f565ca6f60d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 823db4ac3c893637-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 Nov 2023 10:45:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 2aace19c-20a1-4088-a687-2cf47a4219a7
x-runtime: 0.076603
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
634 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 10:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 09:37:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Nov 2023 10:45:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35d16f915b6dc9c6a619f60e6bb768c5226e12242caa7ce24e7946b6c0a57a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Nov 2023 10:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 10:42:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Nov 2023 10:45:25 GMT

GET
H2 200 application-025be2bd.css
assets.risu.io/packs/css/layouts/ 528 KB
67 KB 58ms
8ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 08:44:18 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 7267
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68120

GET
H2 200 header-419e5bb6.css
assets.risu.io/packs/css/commons/ 226 B
364 B 57ms
7ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/commons/header-419e5bb6.css
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:30:56 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 26069
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168

GET
H2 200 expired-5e705e55.css
assets.risu.io/packs/css/pages/ 371 B
278 B 69ms
19ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/pages/expired-5e705e55.css
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b717cd062372a49b58c92a0a4c79590dfc3643ab12ee70a6661969d4e74a2ee7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:25:39 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 22786
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215

GET
H2 200 email-decode.min.js Show response
risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
818 B 11ms
9ms Script
application/javascript 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/GxeOH
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 16:16:02 GMT
server: cloudflare
etag: W/"654bb442-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 823db4b36d643637-FRA
expires: Sun, 12 Nov 2023 10:45:25 GMT

GET
H2 200 rocket-loader.min.js Show response
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/GxeOH
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 16:16:02 GMT
server: cloudflare
etag: W/"654bb442-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 823db4b36d653637-FRA
expires: Sun, 12 Nov 2023 10:45:25 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 76ms
59ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:25 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 823db4b389a265b5-FRA

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 36ms
13ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://risu.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:08:32 GMT
x-content-type-options: nosniff
age: 124613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 00:08:32 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://risu.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:16:09 GMT
x-content-type-options: nosniff
age: 52156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 20:16:09 GMT

GET
H3 200 bootstrap-icons-dfd0ea12.woff2
assets.risu.io/packs/media/fonts/ 88 KB
88 KB 24ms
8ms Font
application/font-woff2 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/media/fonts/bootstrap-icons-dfd0ea12.woff2
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Request headers

Referer: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Origin: https://risu.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 11:31:23 GMT
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 83642
content-type: application/font-woff2
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90528

GET
H2 200 expired-2c2543cc7ac4f091fb87.js Show response
assets.risu.io/packs/js/pages/ 179 KB
65 KB 13ms
9ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/pages/expired-2c2543cc7ac4f091fb87.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 114b61a7b9891f23037c62608f0290f61e6634390630f4720fb7ac0dbecf6f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 19:08:41 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 56204
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66183

GET
H2 200 zh-TW.js Show response
assets.risu.io/javascripts/i18n/ 23 KB
10 KB 283ms
280ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/javascripts/i18n/zh-TW.js?b8928d7ddbc6bd8fd605402c4caed5ba
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:29:07 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Fri, 10 Nov 2023 08:12:25 GMT
server: nginx
age: 978
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10051

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 79ms
56ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b501e618ae2242cd022c7e54b30c244911d18ab5afd3c502690d263db86a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52623
x-xss-protection: 0
server: cafe
etag: 9603808436078635629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 102ms
79ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19251dbfceb3195a12ab6b2dd2ad544c70ecfa8b6e97033b1aec932ed20e5f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52949
x-xss-protection: 0
server: cafe
etag: 2980805977791384552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:25 GMT

GET
H2 200 header-284b48f4c520b20108dc.js Show response
assets.risu.io/packs/js/commons/ 470 KB
143 KB 15ms
12ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/commons/header-284b48f4c520b20108dc.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:50:58 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 24867
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146149

GET
H2 200 application-bc03df23d8f68313a035.js Show response
assets.risu.io/packs/js/layouts/ 54 KB
17 KB 281ms
279ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/layouts/application-bc03df23d8f68313a035.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 09:52:36 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 3170
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17116

GET
H3

200

main.js Show response
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 8368
Redirect Chain

https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
3 KB

16ms
16ms

Script
application/javascript

2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Protocol

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a297b1fbbd53656da9795bda28f1e1be926abc5dd87ca817f374c3819626772b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 823db4b46f721e4b-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 10 Nov 2023 10:45:25 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 823db4b43f411e4b-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 823db4ac3c893637 Show response
risu.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8368 0
266 B 34ms
34ms XHR
text/plain 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/g/jsd/r/823db4ac3c893637
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Nov 2023 10:45:25 GMT
content-encoding: br
server: cloudflare
cf-ray: 823db4b518801e4b-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 192 KB
70 KB 44ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

021ca83a9619a0b6c5da3685a023e6d54e8f91c503a11c5ba9c06e5c77ce48c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70982
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Nov 2023 10:45:26 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/ 400 KB
135 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9208708170783140&plah=risu.io&bust=31079570

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f80095344b8dcee063e8d5200c86136bfe79bba3ec5f7517b9e7309ab0ce94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138412
x-xss-protection: 0
server: cafe
etag: 14872776012036352596
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:26 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame 67AA 9 KB
4 KB 28ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 09:47:23 GMT
etag: 16674218716276178799
expires: Fri, 24 Nov 2023 09:47:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=predictive_abg&a_c=ca-pub-9208708170783140&p_c=ca-pub-9208708170783140&b_v=r20231108&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=atf_ad_settings_from_ppabg&p_s=true&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

main.js Show response
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 8368
Redirect Chain

https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
3 KB

16ms
15ms

Script
application/javascript

2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Protocol

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a50758777c1addf4e6065bc1e8f72ca90064f67370b3fb1e1e6566f2f5a948c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 823db4b6cb091e4b-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 10 Nov 2023 10:45:26 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 823db4b67a9d1e4b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ysm_risu.js Show response
ad.sitemaji.com/ 47 KB
14 KB 40ms
7ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_risu.js
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/pages/expired-2c2543cc7ac4f091fb87.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 46ee8611e642c73ec01d376c8a6a9dc2ab03584ef80b06eec374768979cd9f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:53:45 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 09 Nov 2023 03:45:13 GMT
server: nginx/1.12.1 (Ubuntu)
age: 24701
etag: W/"654c55c9-baf8"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14005
expires: Sat, 11 Nov 2023 03:53:45 GMT

GET
H3 200 facebook-icon-43072eec.svg
risu.io/packs/media/brands/ 802 B
600 B 23ms
22ms Image
image/svg+xml 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/brands/facebook-icon-43072eec.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/GxeOH
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 52960
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 823db4b6bae71e4b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 google-icon-501a643d.svg
risu.io/packs/media/brands/ 1 KB
789 B 23ms
23ms Image
image/svg+xml 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/brands/google-icon-501a643d.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/GxeOH
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 52961
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 823db4b6bae91e4b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 think-4e37922e.png
risu.io/packs/media/illustrations/ 93 KB
94 KB 1730ms
1730ms Image
image/png 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/illustrations/think-4e37922e.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6bfef4edb0b84cebfd0f28e7cbcfb82c2db6b9d21687c717ff31ff0d9118eac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/GxeOH
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:27 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 823db4b6baeb1e4b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 95597

POST
H3 204 rum Show response
risu.io/cdn-cgi/ 0
135 B 12ms
11ms XHR
text/plain 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://risu.io/GxeOH
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: application/json

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://risu.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 823db4b6bb011e4b-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c92db80711bd551f6cb7dca98dfeaee3b704f52348b783e74a1c04577a198e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87235
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 10:45:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
6ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Nov 2023 09:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3344
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 10 Nov 2023 11:49:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama&atf=1&url=https%3A%2F%2Frisu.io%2FGxeOH&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 823db4ac3c893637 Show response
risu.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8368 0
266 B 37ms
37ms XHR
text/plain 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/g/jsd/r/823db4ac3c893637
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
server: cloudflare
cf-ray: 823db4b78c211e4b-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

54ms
16ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Protocol: H2
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11824
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjCW7jMNBFPy%2FTPTNQxTaU9WYRp1wMTlcaWZBNUnkrQti2OzpnKNAmVunyvDwlTbLn0tB8YW6I9BY1xaC3Vy0s5vVMLWXOC3cgUXSoiR3aHDDIN7DK4BnwVNCPfWF2q%2BR5OpGbzmRIfd3IL1ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 823db4ba6cfd1d86-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A1F 124 KB
27 KB 429ms
427ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1699613126&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Frisu.io%2FGxeOH&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699613126098&bpp=6&bdt=437&idt=236&shv=r20231108&mjsv=m202311080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1067739420242&frm=20&pv=2&ga_vid=1998497156.1699613126&ga_sid=1699613126&ga_hid=1509230930&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570%2C44808149%2C44808284&oid=2&pvsid=714268899992315&tmod=2029391408&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=252

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9208708170783140&plah=risu.io&bust=31079570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2476eb5a8eb10a8f3d717f89faa3d3722febb85afe82943c8bfe732eb1709125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 27469
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 10:45:26 GMT
expires: Fri, 10 Nov 2023 10:45:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 58ms
57ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b989bbf4d86e37bd1d88708d9302ce9bbe88877bbdeab20d963043d4c572cab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12243
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
216 B 14ms
14ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1509230930&t=pageview&_s=1&dl=https%3A%2F%2Frisu.io%2FGxeOH&ul=en-us&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=300540832&gjid=639721417&cid=1998497156.1699613126&tid=UA-146086888-1&_gid=1407952902.1699613126&_r=1&_slc=1&gtm=45He3b81n81MR8WJDJv812733088&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1251937044

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je3b81v883701885z8812733088&_p=1699613126085&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1998497156.1699613126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699613126&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2FGxeOH&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=page_view&_fv=1&_ss=1&_c=1&tfd=1921
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
343 B 78ms
26ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146086888-1&cid=1998497156.1699613126&jid=300540832&gjid=639721417&_gid=1407952902.1699613126&_u=YAhAAEAAAAAAACAAI~&z=405208928

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cebfc4ab45f90266355449c663ad187e1e79100bf680515be3c8e4555b8cef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Nov 2023 10:45:26 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 156ms
129ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 10:45:26 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZH634PL121&gtm=45je3b81v9134562597&_p=1699613126085&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1998497156.1699613126&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Frisu.io%2FGxeOH&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sid=1699613126&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1991
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 26ms
25ms Ping
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH634PL121&cid=1998497156.1699613126&gtm=45je3b81v9134562597&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 52ms
31ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZH634PL121&cid=1998497156.1699613126&gtm=45je3b81v9134562597&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=343253262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 52ms
31ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=1998497156.1699613126&jid=300540832&_u=YAhAAEAAAAAAACAAI~&z=397621331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 41ms
32ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=1998497156.1699613126&jid=300540832&_u=YAhAAEAAAAAAACAAI~&z=397621331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6842 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:28 GMT
expires: Sat, 09 Nov 2024 05:44:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ECF6 829 B
997 B 25ms
24ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c3bed79bd0370efad282dacf28000306e1fe3761d481baaebd1cdf9de42b412e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v9Q7c7i9xO8aRkx2pG4d4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-v9Q7c7i9xO8aRkx2pG4d4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 10:45:26 GMT
expires: Fri, 10 Nov 2023 10:45:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ECF6 0
0 40ms
40ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=714268899992315&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6842 39 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 05:44:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6842 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uBtmMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A1F 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20231106&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1699613126&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Frisu.io%2FGxeOH&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699613126098&bpp=6&bdt=437&idt=236&shv=r20231108&mjsv=m202311080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1067739420242&frm=20&pv=2&ga_vid=1998497156.1699613126&ga_sid=1699613126&ga_hid=1509230930&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570%2C44808149%2C44808284&oid=2&pvsid=714268899992315&tmod=2029391408&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=252

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/ 160 KB
55 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311080101/reactive_library_fy2021.js?bust=31079570

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc147e2313a2a7e95834f454403e4603e4f66df8f5914b807197ddeea560630e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55822
x-xss-protection: 0
server: cafe
etag: 1255622002362187898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-9208708170783140&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20231106_093601&sat=1699412083693&afm=0&as_count=0&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0&alldns=0&allp=12&fd=(0%2C0%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1507&abl=false&rr=n&su=risu.io&pvc=714268899992315&r=0.1&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570%2C44808149%2C44808284

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
628 B 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11952
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFlndNLNiIUZePso%2B35lahtUOY7NhLh2ThLVsDC8spjERhRqqxVUDg8sa6P2FlUaWhmjlhVgOsRxjmyDMVjzS5o5wZLsrCKxbE%2BMetd1dRK9Wq7wCQX2a6PsFp7GdmvCXqRcgxPlm1lRbuBDQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 823db4ba9d431d86-FRA

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 409 B
1 KB 396ms
104ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2FGxeOH&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.4296127322812864&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 4c34c89b92ba7a6222f549d56196466135bdbef47e2b1b06545b994b9f96cc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 10:45:27 GMT
X-Width: 728
X-Height: 90
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 409

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 409 B
1 KB 403ms
111ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2FGxeOH&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.4360609316228554&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 4c34c89b92ba7a6222f549d56196466135bdbef47e2b1b06545b994b9f96cc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 10:45:27 GMT
X-Width: 728
X-Height: 90
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 409

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=3&tms=200&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570%2C44808149%2C44808284

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570%2C44808149%2C44808284

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=0&tms=200&eid=44759875%2C44759926%2C31079401%2C31079406%2C31079437%2C44798934%2C44807461%2C44807764%2C31078301%2C31079570%2C44808149%2C44808284

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame 57FC 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 09:59:07 GMT
etag: 16674218716276178799
expires: Fri, 24 Nov 2023 09:59:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame 14CA 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 09:59:07 GMT
etag: 16674218716276178799
expires: Fri, 24 Nov 2023 09:59:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/ Frame 6268 9 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 09:59:07 GMT
etag: 16674218716276178799
expires: Fri, 24 Nov 2023 09:59:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A392 624 B
246 B 48ms
47ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWcxwIm51cH5B9UQaSB1Nf9UJjeSPPRLr-mjxF8gArB10Gkyt22OE3HJkf6ukqqgHzBvi3g3Gwzoq0GdP94d4SjzghBtkGdBp1ibiobl1lfT3V9JdZWY7r3trXYfkSr3YkdlakYnptNFo-PVrtcQavRaHeMS60-JkA0CcnQpMY2A4MfSFM

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 10:45:26 GMT
expires: Fri, 10 Nov 2023 10:45:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A403 89 KB
31 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A403 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame A403 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A403 198 KB
62 KB 1121ms
1092ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63768
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A403 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DaCcE4XzIzyhiUguS3W6MjQj2gpZDaHCzwrCZ3HJPZ3OgfpAjZSDZVivH956IR7Nl0uCpWwO7dAtNAUOYH-wBwXP7kfUMQ7hRkGKg-YYp87EAy9Lg

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A403 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11175279587433067519&x=1&ct=76

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C6AF 624 B
246 B 48ms
46ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNU-U4HHlwutk39WEybgmQjeptEwuHI3TIThPqZCyaS53VGj_gsh1AJnO6RdxjMdtk5KISpfHnl3ouUiwKqSjwy788EtlHzD7BlgatmXOYHZqT5O1AA3iT-2S7CWbC5mtG3qjLwnw2RJ4tkXJH-bJdmO0cp9u-eYtK41B4nf9JzDBTcC0qs

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 10:45:26 GMT
expires: Fri, 10 Nov 2023 10:45:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1780 89 KB
31 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1780 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame 1780 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1780 198 KB
63 KB 1065ms
1055ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63768
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1780 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DU4r-F_YfVvvIdcQdu_xG0KQMrsAMhYgRYWtOBIxruRoJSZALzw-lpCkBSmcUQDiJn2nUi66a7QebsDy7O0yjflWkcCOPNjtMGj7aLTfSwYCPI4NU

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1780 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2705624644699179237&x=1&ct=76

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 04D5 624 B
246 B 49ms
46ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNUJmtCcNWKdyPFNywdl7kcxA84Ejnmq_5CLNAGj2b6m2ND3szlDN7TvrUHhrRJNWCFz2dK6Rjiu3JUXptf4NqkAVyKYDJxzWdrFxQKq49GEf-884w7BLXhc5eXAj2AWnFscB2c5oqcBP1B0wd4BqGDcJLyXWQWAZfLhhZPIXxp0vKlUyVM

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 10:45:26 GMT
expires: Fri, 10 Nov 2023 10:45:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EE5F 89 KB
31 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame EE5F 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/window_focus_fy2021.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/ Frame EE5F 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231106/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE5F 198 KB
62 KB 1082ms
1078ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63768
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE5F 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSeYklYUL44ZQs2x2GyzM0cNQm0Stp4ZsGNpp2KRYsxbNeZ9wE1PG_ns-uxCN6FDlg3TCiEVYeCDaKRBkP5E1l12Y7jEznZ-PJ905PjO_sTNhHhss

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE5F 0
20 B 44ms
41ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11685136766494649623&x=1&ct=76

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A392
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4MYzyxEqauqke0SeVNmaA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4MYzyxEqauqke0SeVNmaA&google_cver=1&C=1

43 B
768 B

25ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4MYzyxEqauqke0SeVNmaA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWcxwIm51cH5B9UQaSB1Nf9UJjeSPPRLr-mjxF8gArB10Gkyt22OE3HJkf6ukqqgHzBvi3g3Gwzoq0GdP94d4SjzghBtkGdBp1ibiobl1lfT3V9JdZWY7r3trXYfkSr3YkdlakYnptNFo-PVrtcQavRaHeMS60-JkA0CcnQpMY2A4MfSFM
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YXWaPqbvcPLbhfZK5OurdK%2F6CPIBKu6zxSMU6dNRhOGxJreS4QfkDvEKnJwGseo8iLXPR6lDO0EIxpbol4F5mSSHhOfnwWzSEtSwyMpvMx%2FaWGdfqVHQ3O0Yy3PeV6vh1OUIwHroB4NmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823db4bc2c779bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiDhO8mOSgc6%2BbqjMgayVhNbUE8KZ36hjH8NpWVf4%2BwYiUwGonjWJUsLY1YwEzup32J%2FJXEQpkIKcHyrK3Pfnfczm1g9yRUF2ep%2FKcXOB1Vp6mS%2Ba2JaEQGYqJfDUuOUYBM4YqnSPwrgHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEL4MYzyxEqauqke0SeVNmaA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 823db4bbefc13671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A392
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU4Jx-4pDnhs0OtsqJfktgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1

43 B
735 B

24ms
24ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWcxwIm51cH5B9UQaSB1Nf9UJjeSPPRLr-mjxF8gArB10Gkyt22OE3HJkf6ukqqgHzBvi3g3Gwzoq0GdP94d4SjzghBtkGdBp1ibiobl1lfT3V9JdZWY7r3trXYfkSr3YkdlakYnptNFo-PVrtcQavRaHeMS60-JkA0CcnQpMY2A4MfSFM
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fvmRU6%2BoHyNqRVtmY2lOq0bYpFwqPInLum2R%2F7kYx%2Fpb4cQu1EV670Me6Awav2oS6Rc74wCiLGEc40%2FnjH1eUH2aQVwRRUL8twjF1hoSvWyyFyTtI%2FN24ewkTMNMvuWBrF9MFct5%2BvQcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823db4bc4c9e9bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A392
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEZNRpgj4grign0LVnSScwE&google_cver=1

43 B
842 B

7ms
6ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEZNRpgj4grign0LVnSScwE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWcxwIm51cH5B9UQaSB1Nf9UJjeSPPRLr-mjxF8gArB10Gkyt22OE3HJkf6ukqqgHzBvi3g3Gwzoq0GdP94d4SjzghBtkGdBp1ibiobl1lfT3V9JdZWY7r3trXYfkSr3YkdlakYnptNFo-PVrtcQavRaHeMS60-JkA0CcnQpMY2A4MfSFM

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
an-x-request-uuid: fe4b70c2-adcd-4bf6-b10c-fc652a17e5fe
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEZNRpgj4grign0LVnSScwE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A392
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczOTQzMDgxMjUwOTkxMzcxNQ%3D%3D

170 B
243 B

25ms
22ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczOTQzMDgxMjUwOTkxMzcxNQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
an-x-request-uuid: 8412dbf0-c79c-45c7-84a7-03915970d53f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczOTQzMDgxMjUwOTkxMzcxNQ%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A403 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5873853340168&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A403 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5873853340168&version=m202309260101&ct=76&x=1&cor=11175279587433066000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A403 91 KB
38 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CryC5QVmnu1l6txdh8unUGQoFSvHQ6y7I2V1ggF0lMg-b9xXAXAwLQhEqmZWKWoY90FBxtNPeoPdX4I2wckJ1SnaCvlg&cry=1&dbm_d=AKAmf-Bq_drtiwLIKI944h8jG11oaSPt-mrVwxSdimkIFHEaR7gbFcRm7Ae7ZmRglyWG8anRZuCWTzPXVTfapGHPkNyXaK-5aSPLL2_LKNvqeAwyQDNCsu2nfKskf9U1ViypdOLpQunRNwrsZZH0ZQ7s8RWZAjKt2ynB02SLB9y0EOHBjRpQcwIWu8ZtIqFV4g8-prAlMHtSFv59-wbcc7tBJg2bPXDBlS3P4SN98-MjqExvBn6SJgGrRdmqdhTJ9PSMhiM_UN0_8fiQDXKYeP7J_mET-YsewWgKQyMWXPWNK5Sd1Qyz_lreKTDCm55luLI8dU2Jr0uJ2LlRG08CHSIcxW4oeZQ5Pg6F1oXtZb5atQI-dA0kTIZx--y093iIg9BGdkPnpDURc-7dmrOOwH4OT72h-tpwSf896GbVDPtbpQGUyrQbdIOFLiLbly4pncR4wyVixlhmjtW28c-NY1q9H-ylymWsrOTWqhKRr3VgyWz9klLcoj2n3kFsOCyGjuNJiuZ7qoZ9NV__KB5x6VhN4UfiIBC7vIWdXhYPEqVRcY0Z2kk2SAQWEZIPQ6HL7asWQj5v8zGpn8zmzI7zSmF_iJA3_8FNoDDiOBe63U3KuHu66EPHXFnQmYEhzPYGYKKTm201tEdSACimSp0bgGZ141n-5vlEeoWT9XFlzw0U13bb5j9-nUj03a_hAkKbPQfF3SlA7UTN62cUS1P8fXwqo2twTssIDXF8FOahe4gC2DPRApLSqRf4HLTj_bdBKnsmkCrrbHcHoazxYvcfmRcunp79gK77fpdqIYFOPGs4jaqPmXcURZain2oMTp39cdN9d-r0uH_d_65prW4iJPobhIvVCXgq_CSABV7m3aNSFE58S285xEf_SypNBBfgEkbWU-Qy-S3ojRZ08DLcoYgVt5nqx-cnBx_KRXb1DblhDabtuir_OCeGkA7TPnoBC8oA0ullOndeDpmxmx4x30zJG77ANRqSVitRaEchfvb0SbK-MDBoKc0WaR-GeLUchztHsiSQrLKdI5NQLw8dd_qWRBEcaNqXIs7KaKqcCHIgQUUgh51P6stz1tp9APByCm16i3NpHpX-x6sy73OZ_UIQ1xYAOc1Y_xDXP1NCf3ChE1B-M4BSEbkm6giWgK3jcn4n9l6r36qnkfB_AWhx1aX8VtaD5IunCxryZVtBV3EC6ch2XhRPNrsmpKIVqdeyW_EUsahpASMMjj7KaUlpGaw3Vu5igHeAeQSg64ni9yURmznSSusE3MTX7O-HS_mmrXMQKDlA2u5b-pty6x3QpbEvbqwsA3PMezUZKJvtknvii8FwJW00h3fo8EIoRVyylkF8pdb5iMqLmYoMUzAd1Lagw6jtOzj17Pdqb_BgFlqP1SIaBqhBDv8g1lwi1akx7ExPVXtOm5s5pDcXuTk39ihvO3hBQ9Re3a3wqh5pco5uwhbx7zYvm1YfgZn6cnm4i1WCpH3OYLyGJmAIGWtty4wlNeoKeAjHI_Pi4YSH2eP79hMk5VvhDOMxQY8aGKHdl_4ExghUBz5Ot-uE8y1wD5GIZvhxtN-HbY6akdN6lCW79lcs2n9qNPZ4Yw4cy5R7MJC1jyhLP4JdJ0NhK6JNmBBeOCsM9ddRLdHBoqzL2AjjPDxgsne6EiCYp2iVyz_Gieo2zMoZL292h1nq-FfgYKcdsSXFwRK3fkDkdWvc11HH8REqElhvqgiNR3Z1IKFYESUHeVk6HyBfCER5heqy0ApQAfDfnUD3CkGkOTgZBSPa_a5Rh3KlSfJX3Z236C5qG1QcCCCisHj2BOigJe61l1w2gJzNlK7mFtCj972qDVzOjS_7sCgxfc9vRmp5-WmeFft8C-wVpRuboN2zbGnuLeeDLdu2Aw6qSLZf_psiH4W5l7F-y1fzKw44xlGUNvxSz4k1KSdrFM0RWlRs1YH0afskBENOP6e4cvxhayNMvXmv1CgdQWnzKINyyTwqdgQmZLS4_sej9hwKhqV-hMynYqVjEzpr4eC7udKE0ZfvelZChn93twRILp6I8a0532k0c9jKrnVrwMJvcKkFbq1506FJuoar_eafoCPJaxvwxUt-ddlJtNAzZnItUoK6Bwo0UiP3Viw1gjC-7H109rdt05-vOtUbyLpc-6q_HWd7yT36JyuVo3am2h4zLh0v3E8HNY2rZgFpvnkjJNnjOycWVZSJoPwrHyuOYKaLtle7P5D9NzyhvldG2GZtQL3D43ZQ-PoKy3ZAlMpZgz2rVmz6h8TRPYNv_W2hUT8tO8ZXMfOzYp2_wL0499EJXOrjkluYHk55j6iYN-aniq5kswWSSXvjCOGQoD5EvOiM6T5bPj7t6Kkojlu10QB3Ngzwjn2ZT2Ooq9SYGmEHQjoW8hmodm-5enGGwU_kcq12jF2D7h9ErjVDiJzfGThr2kGLWeEOSGvWlVvac4iVxiDDpNpwuOF3ls3qjs6GBGZOpDBTlkx9Nw0fIyFI72lzdUY_6bQAAX_EGsNbBNVumD6kLso8QS71HexM3yCwi8jteKBTizQnBVjw_CAH7hGI-FGfdUbZKBbceFphyriC3nS96BA44j721Le9XGW5UYkiL25Wa4uW3OSExDzkCSOncckHmLYL86jS6-8jYT5KrRp7QYrZySn5mqpc_R2GUBt3EfB2ClCfQhr9P7b0ZpH1EjBqiu239AVZdxaAUjJFG5wW1qmXXi4QdiPihOEFMUXhC0UdrGnBU3oeMjdqXWZAohD8BFqHAlJ7DyK5l7AQrTWDf2fCC1AnjydfK5Gr5AeRPfCjLNtF-NDLFU4Ip9Xnr-gofIR6gLLvo4S4tWBZMAKL_XJGz1M7k_yTi5SfwZQQJd_ePsrELeH-3HM3lfO0oD9AEGKP7IXJ6YddZI9xooGF8hPRJqYczwt2lKz_zXZBLOSh88JH9wMCqKV4Cc5oNrXIqXCj8TlLaHMZjSexizIp4-3dv6LN0LH855pLkj4E3pvCxvtwOaP7RGs-UVsSLbssR8WIBJ3D3dtGtalti710FR-kgBgA0Tsl3dqbR_x82JHUXlBqMcd76FX1Q1HTP6Of8B3j2A-twVUbeFWSHUM64E12UNf00S10o2mSX7okXx4iJRk2fW9O4N5TSNbXF5FMqj0le42Ejk3gd16JBKb6jdK2gyJkJ8FhJMJh3begkQuCNUGHQGA6Jd5chyygUcIGoL7DuZwHxcNLhmfM2HoLnbTb9ANg0jRk3tN2r4XwrajbAi0JeaQqjgdYwWER_OoXpKrUcWrE7Vn4Olzfl5QYwbuT9gNbqqmC2vnDoFv8fNgOOqoBXyAi_ynB4K7xhkeh0Q3Pa-y2a5fhny_NNSOTu8bdcWDMzejlLCX7REF1wN7DpIM9O_IJBn6TdIdtcMkgevgPMwbo8nYdLXVh71hqvbjo_n6EqIDmksHbpumoW8_nHZZODEB5YlK4CCw9dP6fUeMkYmgKKgT-uIzuMjgZJ0DiZ_lz2VCdem6RlY9typVRiSsRVPqUij2_2u2Ces0S-EcKf7IDMcsY9d7Qin9HoZy0Vq8nz7U9JOsbtIMbdKL-xvAhTiJsDBYvuKw4UNsOducGCoVN1K5XPBinpzabErc5qcwdIbzpuKii7hcUY6ZjT879OXw6BMQeejk&cid=CAQSTwDICaaNodjOiOlZ-iXal-d3k8z6MPJaOL61MSBQWfgafOp0SVt9cZJ6JBMepZjvk32uths3TBRUEk6XSDEJUW5BvA34dH3yLgxzP_bgZXYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Frisu.io%2F&ds=l&xdt=1&iif=1&cor=11175279587433066000&adk=1877897943&idt=63&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f30dce9d7769c59e56c7ce97d78a66aea21d226f5eafe9e21ac73ee56f75a04f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38943
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C6AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYOSwDXgHmSSzwbjIL8HDQ&google_cver=1

43 B
531 B

46ms
45ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYOSwDXgHmSSzwbjIL8HDQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNU-U4HHlwutk39WEybgmQjeptEwuHI3TIThPqZCyaS53VGj_gsh1AJnO6RdxjMdtk5KISpfHnl3ouUiwKqSjwy788EtlHzD7BlgatmXOYHZqT5O1AA3iT-2S7CWbC5mtG3qjLwnw2RJ4tkXJH-bJdmO0cp9u-eYtK41B4nf9JzDBTcC0qs
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVtGu0%2FEXHgXHPd4V7Y6GfcQ1yub8X33JaNUNXAJ4Og38hL%2BeL59DO%2BvEROSGyk9qMr%2FeIV98o7uP1vm6QVL%2BVJ8yV2MVD%2BXJav2Y7DkCECuun8LQ5SXBC0dOH79SydgvEM3tVOEw4O6%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823db4bbefc93671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDYOSwDXgHmSSzwbjIL8HDQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C6AF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU4Jx3YACg6vqrYNe-0s-gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1

43 B
731 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNU-U4HHlwutk39WEybgmQjeptEwuHI3TIThPqZCyaS53VGj_gsh1AJnO6RdxjMdtk5KISpfHnl3ouUiwKqSjwy788EtlHzD7BlgatmXOYHZqT5O1AA3iT-2S7CWbC5mtG3qjLwnw2RJ4tkXJH-bJdmO0cp9u-eYtK41B4nf9JzDBTcC0qs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnEDSmXigv68DMbuRxr7FnnLeAvyogisZxX8TtLfYwEK8oqx91tZoj8AT810jubhzMGplQ7L32HdZSLyj%2FIhm2loVR68b0MZw2X0MgTCdqzR99kYqjpz5f9QgZzu%2BGIwYVsfmc0xj2%2FygA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823db4bc8cf49bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C6AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOK9zGo6GW-clpIWwIatdl0&google_cver=1

43 B
845 B

10ms
9ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOK9zGo6GW-clpIWwIatdl0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNU-U4HHlwutk39WEybgmQjeptEwuHI3TIThPqZCyaS53VGj_gsh1AJnO6RdxjMdtk5KISpfHnl3ouUiwKqSjwy788EtlHzD7BlgatmXOYHZqT5O1AA3iT-2S7CWbC5mtG3qjLwnw2RJ4tkXJH-bJdmO0cp9u-eYtK41B4nf9JzDBTcC0qs

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
an-x-request-uuid: 7950b4f7-b644-4497-adde-20be08198873
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOK9zGo6GW-clpIWwIatdl0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C6AF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzExOTY3NjczODMyODQ1MDk2Nw%3D%3D

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzExOTY3NjczODMyODQ1MDk2Nw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
an-x-request-uuid: 197ce569-dfd7-4bee-8943-cab6d79b1736
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzExOTY3NjczODMyODQ1MDk2Nw%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 04D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1

43 B
438 B

23ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNUJmtCcNWKdyPFNywdl7kcxA84Ejnmq_5CLNAGj2b6m2ND3szlDN7TvrUHhrRJNWCFz2dK6Rjiu3JUXptf4NqkAVyKYDJxzWdrFxQKq49GEf-884w7BLXhc5eXAj2AWnFscB2c5oqcBP1B0wd4BqGDcJLyXWQWAZfLhhZPIXxp0vKlUyVM
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrVaRP6lg9umYt4cyZ6nAmNJ2SVhuNh2DmrZ%2BZjMYbJq2ugOtKCwOFl%2BGl0FmARCG6kQTivwA9oyR%2BV33%2BeK3L9fJHbw5zbPVNAUfWcG7bJybvRDO0GtXhmfnL8%2Bc8qaivBd79AiSJKQTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823db4bc0ff23671-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 04D5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZU4Jx23-7guLL7hsyucZ0wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1

43 B
735 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNUJmtCcNWKdyPFNywdl7kcxA84Ejnmq_5CLNAGj2b6m2ND3szlDN7TvrUHhrRJNWCFz2dK6Rjiu3JUXptf4NqkAVyKYDJxzWdrFxQKq49GEf-884w7BLXhc5eXAj2AWnFscB2c5oqcBP1B0wd4BqGDcJLyXWQWAZfLhhZPIXxp0vKlUyVM
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5l6Bs%2Bp9PeVeeJWEQxv70hpgKILDzcjx0dCINLI4ffAJDG8e61ZfxB%2BsCuIQ%2F4WR70NcGFL7wXxdGg0Qo7j2jjQXr8jhvNjWWS1JnSv%2B97mJDBceYAmKtjFbRRm6FIoOgmxoApL6WuCCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 823db4bc8cf59bbf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELztlzce8stU4AmLwyMeTeY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 04D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFE1T6xy0s4tbSyUWhA03wY&google_cver=1

43 B
842 B

11ms
10ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFE1T6xy0s4tbSyUWhA03wY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjMk_rhATAB&v=APEucNUJmtCcNWKdyPFNywdl7kcxA84Ejnmq_5CLNAGj2b6m2ND3szlDN7TvrUHhrRJNWCFz2dK6Rjiu3JUXptf4NqkAVyKYDJxzWdrFxQKq49GEf-884w7BLXhc5eXAj2AWnFscB2c5oqcBP1B0wd4BqGDcJLyXWQWAZfLhhZPIXxp0vKlUyVM

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
an-x-request-uuid: 21bfe784-0144-4a4a-91b7-4df7aec07d1c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFE1T6xy0s4tbSyUWhA03wY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 04D5
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczOTQzMDgxMjUwOTkxMzcxNQ%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczOTQzMDgxMjUwOTkxMzcxNQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
an-x-request-uuid: eae7ed10-367c-4295-af5a-01f3355d7a23
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczOTQzMDgxMjUwOTkxMzcxNQ%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1780 0
20 B 47ms
46ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4793944929650&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1780 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4793944929650&version=m202309260101&ct=76&x=1&cor=2705624644699179000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1780 91 KB
38 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDRfSAFp0YwEMkodPegCtmP2Gxq7izriH6Cb963iv0CCBkihCp1-ynbesOZlrqaSNC7TjM4lQpen0DjGu_7spntn1GAw&cry=1&dbm_d=AKAmf-A_OLWV--7cRLhV32IbE_AZu5xrHlRyAx3syYEW_C-3915dG_uv87F6-qsCDtBUuWsl8a7Y66rDuM7hXCbYAIkX07t1YHMJow3xnMaAhOqbumkC_PvvcF25Q7Z47_YznQ0kQkgLY0-8zO-hhZcA5W36-rUGe8RLchAOnYohcFS0xh9H9SF9KYA5_chzU05dflyxBYz0lJr7gSh4bWmjV56vhBiBHoEjRLWJd3BZtKxVo-u6LxeOL0McUSI5HCCvHxmDD4qo6kCiLGQ_yahVihkT-aqO-WjmdtL6VzdMVryLxQM69oqfBcMbtEJGn5FiSxGsrBTDw9isbLpb07pEWRpv8a1IEP2tHCZ0ck-NdhCaJTFiTzdpowP_DSHe8Pf1iODTLGWYOrDKdyi1jc-ODbVqyYTeB5N5nMgmGFtqb0rNsH4sThc1qbVD1gZSUFHjlN32o-YUOqML56jrwGw1_D1OqtnF0Z1nHZ7nZYCaHho-OsN_7pXcsjUXaxuHVdro2Dw95b7kpMn_R857sUmAOxF7CR_D2l7qHgPEdzHho27WO7xoyROEMpNA2i72vTgaMF6Ry3QoNWozrSKKpbk6dtw51b6owvGc5vhxjABWrPG6dfOskBC8HbL4kLhqHissuaJlYVL2iujAOIFoFB_lf11JCaefibLbMrRTILWmFmzcvqPyqwVhHNY1Bxub2z07_aU_wVUEe8L3Lc17E8JzoYIr-07zCTNy9-fs5GozUf2GBZAeK8RpTVLXienKw7S_erLqhUR7gVWfkz6oMvVItRLqsi8dCEQjIfL6VvaqRNU7xp27iVitNzhWj9GmeP625KzYDKbUJGZJS-NrNj_CWCC_RIA0LiX9OeGbFRapNj-gJcQoJfKScHYM-qc03p6vEhZeooZgvcgUFpQRyiChyLRSAa20U3KCCrBdfj3203qNU2bTe4I0tMIdxhQMog0L2Y917ixznhT_TssvcY82cBmef3ZZbZQqNxeHDNtv9V-99dmutmBQhevhf8RJLmc2dzGrTwNqLQ6nCTllp3hJU5Ir7HUR8XDJZmxjgxzeaXz1tcH26Ae2pz33scJ1RIwKwqoYsNKm8oocPNVK8Dg7vH0eyIvcbw3axiHI0OdWaa4otw7t852_jQ6Vgn1aJSsHrkfsdJ0Mwjnn8KDgNEEBcfXvZArgqOVxA89Om_WGHrFqCcLBAwuDXnreQLqtxh81rC36hAANx3zYsO6YijvBz2vfKyXXbE4yb_XJSw8yi9hjN0nDObs8pUVrVi0dbv_PCZHVbZZXm_N0417yg0GqNTrtjaYBQTRtIU-fUsf-gnz8rgEbVPtE6pv5v9mFNvgPjx6Wbdw9v3s5oiAaRsptkeRL3yUp_prmuBo5lA0agbaurhs1yYY654NOYaHS1sgmGLZd4IDEQ-gnMWzdyhPr57ffhO9l2Kp_hLFxsyGB12GRXnDnl7rEP_dTBtypzhXOJ0Ons42Jwo--7W5_Yy60dFaqErHWvU_A9vVmHlLp-9U-5eg7LEN8vbiw2Kp9WdHBupNDACqcgE-S0MYJqA76gc6fwfHVkTjFp_uGkioM1GEBch6R0TlDVYxNV0N1Ld0XKiGiquIHfFIN7-DaZASQT_ppcBjG2KtVDhrhI9lASZdvNyqbN17jM2_u1_t9p7-rFGlrG1tBd1Phuv_ap5qBqxdFAinsaw1C0Q3OY_XbWlr191nVXdguaTvBUEQfjh4Q7zKNjMb1Yfr7hx2nt1dAJH3Q02oxWucoFkU31xXBVr1eupw-wJ4izxVr3AmVGrG1xb-2utq3jNyVwhxvQb2WlaaDZDar8hvqkaupOgjETRbhWPIlZD2XQZ9siMMwhG826s_L3w7Tr91_HkINdRSh6fbqI-zGHP6bO7Do4fNBk6QsdjrSw8sL3wsC9IfbgSRMabgWtZj83OLToY_4NRr-Fp1lCZvumRffJoWpRSILdRkm-s6usvDK2jdvrfUopUHTfQFtF4CMWSohL2FhlBGPdcljAwhGh_qI0QeEphg-fvlwxXaNyWFYHJiambWPDxpAo0-Jm222qZZv6LfJeEZlE8EQny-XTdxZBO_KGpXD1bpFmSOjpYCGjuCrpdUiOcWgJLYiAEXJlSa5HahS1ZaTgc5K-OBoPhYKCk6y81ulMxcBfsYWkVrZrsstevvZ0cieI3J_LlBAAlQA49Buwtx8YXlXKQiuViRlFQy8SANRDYcJI3G8A615wBMaQ1DApIpFX70JEmAyaEjC6TOJPSl29BBPbvElDjbAD-Ak8fa737PhT6JHu8FEwCYW1tbMeZSQI-j4a5uAo3jZbwGpeImCtAobl6dqNT7FeMT4NYAWR4oSyPtHdbOXCFaxGB3JbYI1xx7WoChi09ew50gHGciJuspRxYQz7DpAsmrpvK9yO4C_OuOT7ENO7MwtGkicw6Ohidv0VzWdP3u1jl_jZOyup60iDY0oYwEiK4eDUKkX8o9SfP3V5XQoJqr2IFwpzAtgNIKEIupmOEPt5bGvXfSIMQzPKOZPFyTBOIikijU7MEynaiXIn_6dHBC5_lKGfda_uNZA_-36BGqfaYcxQW1SWw1HuvRPEvJAqVWADB8Wrn7cH09aBQqLNmQ-38e-Ry_FBGTnwE8baQq3MhuqDlroYDdkbmAbfzettZ7bije8c9QsmPpO-zBXSaZPzQj6RFD5ADrKbmcD1wCZ_kZs7suoUZxYhm8fIaga_qBrUXpt7i4X_V5L6X24tdxIP7CbIL7ujJDcqGHesvUL1PGFb42AFLVWbEIO_hcOZz_vVzT1Pvxe9sXIOafQ1OcVzXFA1jE_C94-AIg3bhC5Zfnsi5WtP2HQ0IZkvQOULu0RiOwJqsZYFjV_Wuz2I2HzxEqS5S4z9974XhxeIIGXMRs-mVtwcJ9bzT4Y0Bzr1rXr3ABmT74hjyyfFgi9Cj3pAAk5U4--Gx2EIGcLFknyABVcKoKYnVBT7IkAJb042HkcYvyvGXe6IKgRrhUC1_x6DCRovabE6tOqpYCK_dtuiL-eXjSzcdnhL-7-tThpOKWMhyB_XUWxD7yp79WsbPZk-R1JuSOximTTsELYNoj2gHyVeawifPeOWdaqWIdhRLLmV1uu0f-2Xii-exJjYLTEXIf36yOo8_xUvrGw4ItoAFP5CsA4RY_OMyUxaQDfumN9hLYdfzn9DjKrsLEbxwx8c5dVIK_W1uOm7ov4wfCwuwzfr7xPltXkTCdFokdSm0LtELejDCjLMWtLb0SVMkB-ZcTlRxcoUTM3qKylNXW00eIOpZ7dGK3Ta12bENsOv_1SygfJbiyUJbxG-JG_OB9MY1zUTx_KcCw7SuLS7srl_7sNmISl6g7xAkZByktkiwLce11MtytE_AjUn3Lu1w6P0GSutFvAajlswz3ItgKEolfAheahsT6JAoUgfBUZJFD_U4tqPdOgQqySObeSgCn-9uqayxVJPlQ8LuqlWt7TBqKD04FEvn-QzA7V97m8qPBv7DdobwxORUHIHG80uuiOSfv_5vS5m4CwdTGk4jC-YrQ36x2ZGczncIoqODcut9jOTUI5ZeCx1B_ofGZE6iSzXlznSriNxrlIYOYezyuD44x4wY8iIVv8LlCsiz53v4Pm-bSdf1X8wkzmUKW4FQ3s8sFI5wzfmaf_J86HaNxMBZKqC19CD2nsdzZWnJIWdXbS8QOc0mzjieNh5cKdUOjw2BEzw6BADU5hRpAF-7fUx9QYZOTRUgLe9W662lmR2AkUTVkYY3CqOCoIrM2BaW0pXjtLHAElHvG36okVc6uCqJzS377POLIYutwmRhcVHuYvlL2oOwMTvmAz1eQ&cid=CAQSTwDICaaNodjOiOlZ-iXal-d3k8z6MPJaOL61MSBQWfgafOp0SVt9cZJ6JBMepZjvk32uths3TBRUEk6XSDEJUW5BvA34dH3yLgxzP_bgZXYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Frisu.io%2F&ds=l&xdt=1&iif=1&cor=2705624644699179000&adk=929882891&idt=90&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0acf78c4b7b8e70c1e761fb49119db7238bf7c9a3806f3f69a1936b40daac9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39014
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE5F 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4629085880451&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE5F 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4629085880451&version=m202309260101&ct=76&x=1&cor=11685136766494650000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EE5F 91 KB
38 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrySewGTBjIokmHxCeCbqUUIdB1xZHtU4aTKyVtJxK0AeuOVOhc7ZrsRYRUQzTfxQfSR41yOnf7O-wA1MMW9zBEKQDxw&cry=1&dbm_d=AKAmf-AjnlKC5ChHOeAk-xtg_iEagHHqZInmYW2PmL5bwlsjMCngyv3r78719p8Ux5-Q_SsdNn1g-t8b3BxNjXNGKVq2bg3J8L-d6IKJGmSI-V4mgehXApKFNk6zswPK4jgtjh1JaIfTkKMx0GoWilrRMxPnMT1p_y4f7KrU8WU58gnix6r8MjjceeBPaS8JrywbazMqKo_K7EplSufD3fQ8EEPV5aO48VI1ho49hkIFqij0poWSbOM1OsFadmZXjjXZ6jpkOQo6_FGTDS4RGciD0wBZOeSur9pGXr9GBkljUBrbDsxzN5RZvXVvyZZ7xcVUZafVCeChUB52gKKlBcX_X-5uDwNtCiNjbz0cu8N3Guv6I-yKvuYTteyWTytbfbuOBg9AOyemDt0VJFEoBrESeGicZjA6rHF9TcVVKrvqhaF0lRRhnKYrmVGtSzar5h42iD0FpsBU_xHkIBUmC1AOAVYj7ISCMG4Uds7FOEhXto-9mhwc9sTY9uM3aIRc6sTASpNBB_LS6CATWUBpGFJPkZxO1CL4EbsWAjBhuV76jy8AkMAgCYiMT0yR4VdXCUW4Sj03iu7Pw118szEyMhU21NpRlWNSvLjANL4mnrt-UJIgwHEdASPKV_h2kGDREcNteYSHHfGPOoGtPBpkvQAsyFcMqvyQP_wsJ8oZ5GuZfCI2bj3v3s3KsGpr6AvoVKdruG645RmiO6MqiUYb0-24eupli5lny9O0hETH2TPRWMk0HIp1yWafqFC_lXtld91Fs8Jw_W_WcpTkVgLAkeN672Gv-tLHFqR4deC-zH2MH3lIG_uTku7Xs_vnRy1hXRdjDzF60bht7dmSoEW_6F3cEom61F9l7iGyvYhFKx_txR5BJ1mGNTzsyGxC19oa3wXc18GFScY-Oqet1AkWT-Od459fOcf9nJzFokE68Xl-NX8lIXdvZBzBcgFPaYwQ4Z4tjnckPmMfAsAEHVAznpPP677aMR53jEWAulmG1cFR9FNsNYwMQRRhB1SDWjaaLYLisyVzT1HZsi9sL_9xkcfIlkQBDCbF4TJKJs0Ozho8X9lUeRoLQS0HFwjlNYff61-XqG7NXUOeW_jM9eMPJbeVIQ2y0e8DrqgX3bVOXHKya2avCN3Jpzce3Tf6o7zryW9Sx-4slmyrwAlv-GUWMYU-jVNGDlGPq87wFis8HeLiriK9NrjAbrv4Mj5bo6Ikr--oRtzx5x463-m8eEFIQWLAbmimY2c-yz54R2JRsn7eOamunIkcxcsRScbbXMVMRgzEub5275TJHNyKoKtW8XYApQBO4DN6Z-llnaxWH8opGMi5BjBejLaZoN57lBH3xrvlZ8Y2HetUYaZm4gUzpUORcf9zLxEYqDHNx7Bs3GTT15GgRTty3wEqbP9AFlvdq9vFtdWm2rZ2p1LDxa2DD5hI3V4-U5-uGFB1jnjIJpHbVJkD1EaUzsD09bIxIg3noW5PA5XQzkIHlsSeA2DfEHG1LPCIVX8ypX5I1tI9D1r2kNXCGbkjR7NdIOaGkqTPSIjQy_ghQ6ryqCJkHCtZ2Mix0H74_OPjs2BuSt9kkboiHi89SQbX0Nmx3CQDfEUKNUXdpWqNAANsFr2W-hpurA26MQlDwdcJ_N1UWP_zRT6fgwSparrPa1fSf3rFZvYk8IMgbCWxGnGIA5vTW5dKFHB3unvPLmEaX3t-w_R0VUnhJmjxg8u8075tVv8haCZ6c63Q19YeVJELlFyx7yra1aIXAhU5eHVk5dlLDnn_oK73wnOPVh_3q1Z-K_4vhLqWZ151_MazZl1lsu9XE2N6rEMZnXMOpjn1GMTBlCS16lVrPj7aJd43CVri-j8ybnOBwJDIZCRh61njA04WyFHcFvUc2b3wcSG3SpO4gdEf0hL3r3ZNe-mL7HQSAM0kDV6GqTTstl3x-GrgogN9CP784FSoNC10Vs1PN6qe65VSW_wEAgk548_zQGsN7CkpnxgpEFpYHUtrlP2Ap-kgL5dRNDIKxAgR3lt7nS4nS75kNrYqvU09_eidknWTpxtT30Gi_xeKqrpz26iHVGYotNDO2wdlzBetofIHNIYtzAv8lS_xUJngNsScqJMuo0ZnsvujSp52OotYIeDNBG93BPKCJNa0WOSptuR-2ivhlFZNHyYwug4S4wnC7h14JxISniL_qL_VrOIu2FLS_E_0KBX4WLksHT0new7s6V-7pkxAG34XLePk2jNJmPu7DUIGLiwkrkd4pf-O05VW-Qv8bJHe6MzPix831wTTKn8Da1IvhIMzRq85Ln2RhKDGrNDtkTEF9eXjT5wNIQKz9bl39uJWcoshWZe5bxEYsh6fn7YNSbaXEyJOi98NSCj9igE-urhH8jW6i_bhUxnas2Bqy-_s1UONnYqj7qPeiKMRtNBKMqUz7o9ujsaYac9MRgsNl-nfMY8abrL9tCzVx6-Bnk554SCfQ9C0vzRJPSBQ75RWg6FavF8o-qtCuJhgpmjVJuIPoqK1Lv2Nd33jVv4701KAc5U-klG_Yp9fQR0aVKQEJd36VQxRdC4AHJvG9Cd-4_FB6lWMMgOZHOkULLo9BFlVVbYUP3-Fy845GWj5IxOj6Zy_PFGegfe7g16w6QI8JVGZCb3EQmNfnC4kcZG-UJY0wmUA5nfJPSBbg2d1QUBBuyN10uDFQ0mb_dTKRYJYMrLELhwijRWqyWAfsnxA8Bx5X2Rpu_rDAQYjMMbXb_wGqHGOcGp2PAgAxTQJy4htczTl2Xar7RErlxAOZGbUVAg9l0OZydj0t4HASm7mRvHHTYY4o9P8FSDkRX3Z5NcMxs6-r1J5hSIHrz-IOvLEZUOe3lkNVR-7ROSLjkoy0J3RGyGf2Zes3FcqAUDweQG2t8CYlii4t3ntI4ZBpQRMzF3op7KPBW2C1YZzAe4tLccKTeS-D8R2CdksRMBdLwMW7sFaWgvMyYLFbbXpuCEe9QDusWShTo3eh2lr4bvjBrPjmSNypGA7Qa1C86BROWOEgRtBTTvfDOMBQiJjGRmA38dXxlejHBc9zVGMCtOb0CwDW3VcWE8xI5qxU5z2WCNnBtCCk-qmrRyr3E7TBB7p-_k_E6jmP5JnB0VgCQ-gaFIh2IOlEosLnU_RQOFIVnPQNSPbbxhr_ips2npI88-J11nYkz2epEfYNJW6-hmilL0pFiF7lW5YEaDfJa-QwIjfnsXE05jdYyz6LN1N3eUR_0S0pL0VgHNb3QBd1SqDoG04QZtCxGZQPa_5W6I5i-tGGiNB7ENeKPlQMGvRjHdzyT78MaUxOslvQKLZEFuaMdu6Ea9VEtKqy11wcZyCblx09QEnIVSFFgDlEWgspdsfpj0rQ2joECPTHKLt8Z4qT5Z1_nE1HW2XZSKMxY1Gnf8w8nq7wXyqIrb9nDYahgguVu8x7ybFGTWs3LVUTKDmplSYdu4rC9-gKgZY-daYGIZ2Oq1WmidwCGfPXYPt3hOb3QXS3YAre1IajTz9BVSn-QVE1lj9hty4GNJhdPjUJ9hke63QIkoQhecL7N8bd7L0fzcsQxCYJFyRbqRKfU39bxIAW7VzqETi69CQBwf0A01Q8UhXXrr5DuEhQroX-gIv3l-BDf6CcvxvpafDNMt_6pWCjHw0kHxE4is613iAL0IgJ9E2zA5SZ4qruLXA3e4pZy9GVaSRTjqbAjij4t1jhMNKkMU_RagRZ_SHyn-hN-5jTqhDrqEV_e_OjVokS3Bya6aaLSwJ1Sdui-7IjFuNW8yK_5DlzTCXJgmla1yaWkIGU53-Ch5ZNv4oaB9C_XOKfzhYWSYDG3Qb2wITnLOmHNozNRJwv1nirjmiF8U&cid=CAQSTwDICaaNodjOiOlZ-iXal-d3k8z6MPJaOL61MSBQWfgafOp0SVt9cZJ6JBMepZjvk32uths3TBRUEk6XSDEJUW5BvA34dH3yLgxzP_bgZXYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Frisu.io%2F&ds=l&xdt=1&iif=1&cor=11685136766494650000&adk=2988274607&idt=73&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00b7155ea2828d60d5678296a90f526fdc09a36c91f53c4ee3e77dea4150049f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38816
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A403 111 KB
39 KB 55ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 05:44:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame A403 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CryC5QVmnu1l6txdh8unUGQoFSvHQ6y7I2V1ggF0lMg-b9xXAXAwLQhEqmZWKWoY90FBxtNPeoPdX4I2wckJ1SnaCvlg&cry=1&dbm_d=AKAmf-Bq_drtiwLIKI944h8jG11oaSPt-mrVwxSdimkIFHEaR7gbFcRm7Ae7ZmRglyWG8anRZuCWTzPXVTfapGHPkNyXaK-5aSPLL2_LKNvqeAwyQDNCsu2nfKskf9U1ViypdOLpQunRNwrsZZH0ZQ7s8RWZAjKt2ynB02SLB9y0EOHBjRpQcwIWu8ZtIqFV4g8-prAlMHtSFv59-wbcc7tBJg2bPXDBlS3P4SN98-MjqExvBn6SJgGrRdmqdhTJ9PSMhiM_UN0_8fiQDXKYeP7J_mET-YsewWgKQyMWXPWNK5Sd1Qyz_lreKTDCm55luLI8dU2Jr0uJ2LlRG08CHSIcxW4oeZQ5Pg6F1oXtZb5atQI-dA0kTIZx--y093iIg9BGdkPnpDURc-7dmrOOwH4OT72h-tpwSf896GbVDPtbpQGUyrQbdIOFLiLbly4pncR4wyVixlhmjtW28c-NY1q9H-ylymWsrOTWqhKRr3VgyWz9klLcoj2n3kFsOCyGjuNJiuZ7qoZ9NV__KB5x6VhN4UfiIBC7vIWdXhYPEqVRcY0Z2kk2SAQWEZIPQ6HL7asWQj5v8zGpn8zmzI7zSmF_iJA3_8FNoDDiOBe63U3KuHu66EPHXFnQmYEhzPYGYKKTm201tEdSACimSp0bgGZ141n-5vlEeoWT9XFlzw0U13bb5j9-nUj03a_hAkKbPQfF3SlA7UTN62cUS1P8fXwqo2twTssIDXF8FOahe4gC2DPRApLSqRf4HLTj_bdBKnsmkCrrbHcHoazxYvcfmRcunp79gK77fpdqIYFOPGs4jaqPmXcURZain2oMTp39cdN9d-r0uH_d_65prW4iJPobhIvVCXgq_CSABV7m3aNSFE58S285xEf_SypNBBfgEkbWU-Qy-S3ojRZ08DLcoYgVt5nqx-cnBx_KRXb1DblhDabtuir_OCeGkA7TPnoBC8oA0ullOndeDpmxmx4x30zJG77ANRqSVitRaEchfvb0SbK-MDBoKc0WaR-GeLUchztHsiSQrLKdI5NQLw8dd_qWRBEcaNqXIs7KaKqcCHIgQUUgh51P6stz1tp9APByCm16i3NpHpX-x6sy73OZ_UIQ1xYAOc1Y_xDXP1NCf3ChE1B-M4BSEbkm6giWgK3jcn4n9l6r36qnkfB_AWhx1aX8VtaD5IunCxryZVtBV3EC6ch2XhRPNrsmpKIVqdeyW_EUsahpASMMjj7KaUlpGaw3Vu5igHeAeQSg64ni9yURmznSSusE3MTX7O-HS_mmrXMQKDlA2u5b-pty6x3QpbEvbqwsA3PMezUZKJvtknvii8FwJW00h3fo8EIoRVyylkF8pdb5iMqLmYoMUzAd1Lagw6jtOzj17Pdqb_BgFlqP1SIaBqhBDv8g1lwi1akx7ExPVXtOm5s5pDcXuTk39ihvO3hBQ9Re3a3wqh5pco5uwhbx7zYvm1YfgZn6cnm4i1WCpH3OYLyGJmAIGWtty4wlNeoKeAjHI_Pi4YSH2eP79hMk5VvhDOMxQY8aGKHdl_4ExghUBz5Ot-uE8y1wD5GIZvhxtN-HbY6akdN6lCW79lcs2n9qNPZ4Yw4cy5R7MJC1jyhLP4JdJ0NhK6JNmBBeOCsM9ddRLdHBoqzL2AjjPDxgsne6EiCYp2iVyz_Gieo2zMoZL292h1nq-FfgYKcdsSXFwRK3fkDkdWvc11HH8REqElhvqgiNR3Z1IKFYESUHeVk6HyBfCER5heqy0ApQAfDfnUD3CkGkOTgZBSPa_a5Rh3KlSfJX3Z236C5qG1QcCCCisHj2BOigJe61l1w2gJzNlK7mFtCj972qDVzOjS_7sCgxfc9vRmp5-WmeFft8C-wVpRuboN2zbGnuLeeDLdu2Aw6qSLZf_psiH4W5l7F-y1fzKw44xlGUNvxSz4k1KSdrFM0RWlRs1YH0afskBENOP6e4cvxhayNMvXmv1CgdQWnzKINyyTwqdgQmZLS4_sej9hwKhqV-hMynYqVjEzpr4eC7udKE0ZfvelZChn93twRILp6I8a0532k0c9jKrnVrwMJvcKkFbq1506FJuoar_eafoCPJaxvwxUt-ddlJtNAzZnItUoK6Bwo0UiP3Viw1gjC-7H109rdt05-vOtUbyLpc-6q_HWd7yT36JyuVo3am2h4zLh0v3E8HNY2rZgFpvnkjJNnjOycWVZSJoPwrHyuOYKaLtle7P5D9NzyhvldG2GZtQL3D43ZQ-PoKy3ZAlMpZgz2rVmz6h8TRPYNv_W2hUT8tO8ZXMfOzYp2_wL0499EJXOrjkluYHk55j6iYN-aniq5kswWSSXvjCOGQoD5EvOiM6T5bPj7t6Kkojlu10QB3Ngzwjn2ZT2Ooq9SYGmEHQjoW8hmodm-5enGGwU_kcq12jF2D7h9ErjVDiJzfGThr2kGLWeEOSGvWlVvac4iVxiDDpNpwuOF3ls3qjs6GBGZOpDBTlkx9Nw0fIyFI72lzdUY_6bQAAX_EGsNbBNVumD6kLso8QS71HexM3yCwi8jteKBTizQnBVjw_CAH7hGI-FGfdUbZKBbceFphyriC3nS96BA44j721Le9XGW5UYkiL25Wa4uW3OSExDzkCSOncckHmLYL86jS6-8jYT5KrRp7QYrZySn5mqpc_R2GUBt3EfB2ClCfQhr9P7b0ZpH1EjBqiu239AVZdxaAUjJFG5wW1qmXXi4QdiPihOEFMUXhC0UdrGnBU3oeMjdqXWZAohD8BFqHAlJ7DyK5l7AQrTWDf2fCC1AnjydfK5Gr5AeRPfCjLNtF-NDLFU4Ip9Xnr-gofIR6gLLvo4S4tWBZMAKL_XJGz1M7k_yTi5SfwZQQJd_ePsrELeH-3HM3lfO0oD9AEGKP7IXJ6YddZI9xooGF8hPRJqYczwt2lKz_zXZBLOSh88JH9wMCqKV4Cc5oNrXIqXCj8TlLaHMZjSexizIp4-3dv6LN0LH855pLkj4E3pvCxvtwOaP7RGs-UVsSLbssR8WIBJ3D3dtGtalti710FR-kgBgA0Tsl3dqbR_x82JHUXlBqMcd76FX1Q1HTP6Of8B3j2A-twVUbeFWSHUM64E12UNf00S10o2mSX7okXx4iJRk2fW9O4N5TSNbXF5FMqj0le42Ejk3gd16JBKb6jdK2gyJkJ8FhJMJh3begkQuCNUGHQGA6Jd5chyygUcIGoL7DuZwHxcNLhmfM2HoLnbTb9ANg0jRk3tN2r4XwrajbAi0JeaQqjgdYwWER_OoXpKrUcWrE7Vn4Olzfl5QYwbuT9gNbqqmC2vnDoFv8fNgOOqoBXyAi_ynB4K7xhkeh0Q3Pa-y2a5fhny_NNSOTu8bdcWDMzejlLCX7REF1wN7DpIM9O_IJBn6TdIdtcMkgevgPMwbo8nYdLXVh71hqvbjo_n6EqIDmksHbpumoW8_nHZZODEB5YlK4CCw9dP6fUeMkYmgKKgT-uIzuMjgZJ0DiZ_lz2VCdem6RlY9typVRiSsRVPqUij2_2u2Ces0S-EcKf7IDMcsY9d7Qin9HoZy0Vq8nz7U9JOsbtIMbdKL-xvAhTiJsDBYvuKw4UNsOducGCoVN1K5XPBinpzabErc5qcwdIbzpuKii7hcUY6ZjT879OXw6BMQeejk&cid=CAQSTwDICaaNodjOiOlZ-iXal-d3k8z6MPJaOL61MSBQWfgafOp0SVt9cZJ6JBMepZjvk32uths3TBRUEk6XSDEJUW5BvA34dH3yLgxzP_bgZXYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Frisu.io%2F&ds=l&xdt=1&iif=1&cor=11175279587433066000&adk=1877897943&idt=63&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:10 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame A403 31 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:06:39 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A403 41 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
DATA 200
OK truncated
/ Frame A403 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15162abc2e01cbd18b8ecb56e788150403851c99079664e362eadd776a770b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1780 111 KB
39 KB 22ms
13ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 05:44:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame 1780 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDRfSAFp0YwEMkodPegCtmP2Gxq7izriH6Cb963iv0CCBkihCp1-ynbesOZlrqaSNC7TjM4lQpen0DjGu_7spntn1GAw&cry=1&dbm_d=AKAmf-A_OLWV--7cRLhV32IbE_AZu5xrHlRyAx3syYEW_C-3915dG_uv87F6-qsCDtBUuWsl8a7Y66rDuM7hXCbYAIkX07t1YHMJow3xnMaAhOqbumkC_PvvcF25Q7Z47_YznQ0kQkgLY0-8zO-hhZcA5W36-rUGe8RLchAOnYohcFS0xh9H9SF9KYA5_chzU05dflyxBYz0lJr7gSh4bWmjV56vhBiBHoEjRLWJd3BZtKxVo-u6LxeOL0McUSI5HCCvHxmDD4qo6kCiLGQ_yahVihkT-aqO-WjmdtL6VzdMVryLxQM69oqfBcMbtEJGn5FiSxGsrBTDw9isbLpb07pEWRpv8a1IEP2tHCZ0ck-NdhCaJTFiTzdpowP_DSHe8Pf1iODTLGWYOrDKdyi1jc-ODbVqyYTeB5N5nMgmGFtqb0rNsH4sThc1qbVD1gZSUFHjlN32o-YUOqML56jrwGw1_D1OqtnF0Z1nHZ7nZYCaHho-OsN_7pXcsjUXaxuHVdro2Dw95b7kpMn_R857sUmAOxF7CR_D2l7qHgPEdzHho27WO7xoyROEMpNA2i72vTgaMF6Ry3QoNWozrSKKpbk6dtw51b6owvGc5vhxjABWrPG6dfOskBC8HbL4kLhqHissuaJlYVL2iujAOIFoFB_lf11JCaefibLbMrRTILWmFmzcvqPyqwVhHNY1Bxub2z07_aU_wVUEe8L3Lc17E8JzoYIr-07zCTNy9-fs5GozUf2GBZAeK8RpTVLXienKw7S_erLqhUR7gVWfkz6oMvVItRLqsi8dCEQjIfL6VvaqRNU7xp27iVitNzhWj9GmeP625KzYDKbUJGZJS-NrNj_CWCC_RIA0LiX9OeGbFRapNj-gJcQoJfKScHYM-qc03p6vEhZeooZgvcgUFpQRyiChyLRSAa20U3KCCrBdfj3203qNU2bTe4I0tMIdxhQMog0L2Y917ixznhT_TssvcY82cBmef3ZZbZQqNxeHDNtv9V-99dmutmBQhevhf8RJLmc2dzGrTwNqLQ6nCTllp3hJU5Ir7HUR8XDJZmxjgxzeaXz1tcH26Ae2pz33scJ1RIwKwqoYsNKm8oocPNVK8Dg7vH0eyIvcbw3axiHI0OdWaa4otw7t852_jQ6Vgn1aJSsHrkfsdJ0Mwjnn8KDgNEEBcfXvZArgqOVxA89Om_WGHrFqCcLBAwuDXnreQLqtxh81rC36hAANx3zYsO6YijvBz2vfKyXXbE4yb_XJSw8yi9hjN0nDObs8pUVrVi0dbv_PCZHVbZZXm_N0417yg0GqNTrtjaYBQTRtIU-fUsf-gnz8rgEbVPtE6pv5v9mFNvgPjx6Wbdw9v3s5oiAaRsptkeRL3yUp_prmuBo5lA0agbaurhs1yYY654NOYaHS1sgmGLZd4IDEQ-gnMWzdyhPr57ffhO9l2Kp_hLFxsyGB12GRXnDnl7rEP_dTBtypzhXOJ0Ons42Jwo--7W5_Yy60dFaqErHWvU_A9vVmHlLp-9U-5eg7LEN8vbiw2Kp9WdHBupNDACqcgE-S0MYJqA76gc6fwfHVkTjFp_uGkioM1GEBch6R0TlDVYxNV0N1Ld0XKiGiquIHfFIN7-DaZASQT_ppcBjG2KtVDhrhI9lASZdvNyqbN17jM2_u1_t9p7-rFGlrG1tBd1Phuv_ap5qBqxdFAinsaw1C0Q3OY_XbWlr191nVXdguaTvBUEQfjh4Q7zKNjMb1Yfr7hx2nt1dAJH3Q02oxWucoFkU31xXBVr1eupw-wJ4izxVr3AmVGrG1xb-2utq3jNyVwhxvQb2WlaaDZDar8hvqkaupOgjETRbhWPIlZD2XQZ9siMMwhG826s_L3w7Tr91_HkINdRSh6fbqI-zGHP6bO7Do4fNBk6QsdjrSw8sL3wsC9IfbgSRMabgWtZj83OLToY_4NRr-Fp1lCZvumRffJoWpRSILdRkm-s6usvDK2jdvrfUopUHTfQFtF4CMWSohL2FhlBGPdcljAwhGh_qI0QeEphg-fvlwxXaNyWFYHJiambWPDxpAo0-Jm222qZZv6LfJeEZlE8EQny-XTdxZBO_KGpXD1bpFmSOjpYCGjuCrpdUiOcWgJLYiAEXJlSa5HahS1ZaTgc5K-OBoPhYKCk6y81ulMxcBfsYWkVrZrsstevvZ0cieI3J_LlBAAlQA49Buwtx8YXlXKQiuViRlFQy8SANRDYcJI3G8A615wBMaQ1DApIpFX70JEmAyaEjC6TOJPSl29BBPbvElDjbAD-Ak8fa737PhT6JHu8FEwCYW1tbMeZSQI-j4a5uAo3jZbwGpeImCtAobl6dqNT7FeMT4NYAWR4oSyPtHdbOXCFaxGB3JbYI1xx7WoChi09ew50gHGciJuspRxYQz7DpAsmrpvK9yO4C_OuOT7ENO7MwtGkicw6Ohidv0VzWdP3u1jl_jZOyup60iDY0oYwEiK4eDUKkX8o9SfP3V5XQoJqr2IFwpzAtgNIKEIupmOEPt5bGvXfSIMQzPKOZPFyTBOIikijU7MEynaiXIn_6dHBC5_lKGfda_uNZA_-36BGqfaYcxQW1SWw1HuvRPEvJAqVWADB8Wrn7cH09aBQqLNmQ-38e-Ry_FBGTnwE8baQq3MhuqDlroYDdkbmAbfzettZ7bije8c9QsmPpO-zBXSaZPzQj6RFD5ADrKbmcD1wCZ_kZs7suoUZxYhm8fIaga_qBrUXpt7i4X_V5L6X24tdxIP7CbIL7ujJDcqGHesvUL1PGFb42AFLVWbEIO_hcOZz_vVzT1Pvxe9sXIOafQ1OcVzXFA1jE_C94-AIg3bhC5Zfnsi5WtP2HQ0IZkvQOULu0RiOwJqsZYFjV_Wuz2I2HzxEqS5S4z9974XhxeIIGXMRs-mVtwcJ9bzT4Y0Bzr1rXr3ABmT74hjyyfFgi9Cj3pAAk5U4--Gx2EIGcLFknyABVcKoKYnVBT7IkAJb042HkcYvyvGXe6IKgRrhUC1_x6DCRovabE6tOqpYCK_dtuiL-eXjSzcdnhL-7-tThpOKWMhyB_XUWxD7yp79WsbPZk-R1JuSOximTTsELYNoj2gHyVeawifPeOWdaqWIdhRLLmV1uu0f-2Xii-exJjYLTEXIf36yOo8_xUvrGw4ItoAFP5CsA4RY_OMyUxaQDfumN9hLYdfzn9DjKrsLEbxwx8c5dVIK_W1uOm7ov4wfCwuwzfr7xPltXkTCdFokdSm0LtELejDCjLMWtLb0SVMkB-ZcTlRxcoUTM3qKylNXW00eIOpZ7dGK3Ta12bENsOv_1SygfJbiyUJbxG-JG_OB9MY1zUTx_KcCw7SuLS7srl_7sNmISl6g7xAkZByktkiwLce11MtytE_AjUn3Lu1w6P0GSutFvAajlswz3ItgKEolfAheahsT6JAoUgfBUZJFD_U4tqPdOgQqySObeSgCn-9uqayxVJPlQ8LuqlWt7TBqKD04FEvn-QzA7V97m8qPBv7DdobwxORUHIHG80uuiOSfv_5vS5m4CwdTGk4jC-YrQ36x2ZGczncIoqODcut9jOTUI5ZeCx1B_ofGZE6iSzXlznSriNxrlIYOYezyuD44x4wY8iIVv8LlCsiz53v4Pm-bSdf1X8wkzmUKW4FQ3s8sFI5wzfmaf_J86HaNxMBZKqC19CD2nsdzZWnJIWdXbS8QOc0mzjieNh5cKdUOjw2BEzw6BADU5hRpAF-7fUx9QYZOTRUgLe9W662lmR2AkUTVkYY3CqOCoIrM2BaW0pXjtLHAElHvG36okVc6uCqJzS377POLIYutwmRhcVHuYvlL2oOwMTvmAz1eQ&cid=CAQSTwDICaaNodjOiOlZ-iXal-d3k8z6MPJaOL61MSBQWfgafOp0SVt9cZJ6JBMepZjvk32uths3TBRUEk6XSDEJUW5BvA34dH3yLgxzP_bgZXYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Frisu.io%2F&ds=l&xdt=1&iif=1&cor=2705624644699179000&adk=929882891&idt=90&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:10 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame 1780 31 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:06:39 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1780 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9EB8 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EE5F 111 KB
39 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 05:44:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/ Frame EE5F 11 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrySewGTBjIokmHxCeCbqUUIdB1xZHtU4aTKyVtJxK0AeuOVOhc7ZrsRYRUQzTfxQfSR41yOnf7O-wA1MMW9zBEKQDxw&cry=1&dbm_d=AKAmf-AjnlKC5ChHOeAk-xtg_iEagHHqZInmYW2PmL5bwlsjMCngyv3r78719p8Ux5-Q_SsdNn1g-t8b3BxNjXNGKVq2bg3J8L-d6IKJGmSI-V4mgehXApKFNk6zswPK4jgtjh1JaIfTkKMx0GoWilrRMxPnMT1p_y4f7KrU8WU58gnix6r8MjjceeBPaS8JrywbazMqKo_K7EplSufD3fQ8EEPV5aO48VI1ho49hkIFqij0poWSbOM1OsFadmZXjjXZ6jpkOQo6_FGTDS4RGciD0wBZOeSur9pGXr9GBkljUBrbDsxzN5RZvXVvyZZ7xcVUZafVCeChUB52gKKlBcX_X-5uDwNtCiNjbz0cu8N3Guv6I-yKvuYTteyWTytbfbuOBg9AOyemDt0VJFEoBrESeGicZjA6rHF9TcVVKrvqhaF0lRRhnKYrmVGtSzar5h42iD0FpsBU_xHkIBUmC1AOAVYj7ISCMG4Uds7FOEhXto-9mhwc9sTY9uM3aIRc6sTASpNBB_LS6CATWUBpGFJPkZxO1CL4EbsWAjBhuV76jy8AkMAgCYiMT0yR4VdXCUW4Sj03iu7Pw118szEyMhU21NpRlWNSvLjANL4mnrt-UJIgwHEdASPKV_h2kGDREcNteYSHHfGPOoGtPBpkvQAsyFcMqvyQP_wsJ8oZ5GuZfCI2bj3v3s3KsGpr6AvoVKdruG645RmiO6MqiUYb0-24eupli5lny9O0hETH2TPRWMk0HIp1yWafqFC_lXtld91Fs8Jw_W_WcpTkVgLAkeN672Gv-tLHFqR4deC-zH2MH3lIG_uTku7Xs_vnRy1hXRdjDzF60bht7dmSoEW_6F3cEom61F9l7iGyvYhFKx_txR5BJ1mGNTzsyGxC19oa3wXc18GFScY-Oqet1AkWT-Od459fOcf9nJzFokE68Xl-NX8lIXdvZBzBcgFPaYwQ4Z4tjnckPmMfAsAEHVAznpPP677aMR53jEWAulmG1cFR9FNsNYwMQRRhB1SDWjaaLYLisyVzT1HZsi9sL_9xkcfIlkQBDCbF4TJKJs0Ozho8X9lUeRoLQS0HFwjlNYff61-XqG7NXUOeW_jM9eMPJbeVIQ2y0e8DrqgX3bVOXHKya2avCN3Jpzce3Tf6o7zryW9Sx-4slmyrwAlv-GUWMYU-jVNGDlGPq87wFis8HeLiriK9NrjAbrv4Mj5bo6Ikr--oRtzx5x463-m8eEFIQWLAbmimY2c-yz54R2JRsn7eOamunIkcxcsRScbbXMVMRgzEub5275TJHNyKoKtW8XYApQBO4DN6Z-llnaxWH8opGMi5BjBejLaZoN57lBH3xrvlZ8Y2HetUYaZm4gUzpUORcf9zLxEYqDHNx7Bs3GTT15GgRTty3wEqbP9AFlvdq9vFtdWm2rZ2p1LDxa2DD5hI3V4-U5-uGFB1jnjIJpHbVJkD1EaUzsD09bIxIg3noW5PA5XQzkIHlsSeA2DfEHG1LPCIVX8ypX5I1tI9D1r2kNXCGbkjR7NdIOaGkqTPSIjQy_ghQ6ryqCJkHCtZ2Mix0H74_OPjs2BuSt9kkboiHi89SQbX0Nmx3CQDfEUKNUXdpWqNAANsFr2W-hpurA26MQlDwdcJ_N1UWP_zRT6fgwSparrPa1fSf3rFZvYk8IMgbCWxGnGIA5vTW5dKFHB3unvPLmEaX3t-w_R0VUnhJmjxg8u8075tVv8haCZ6c63Q19YeVJELlFyx7yra1aIXAhU5eHVk5dlLDnn_oK73wnOPVh_3q1Z-K_4vhLqWZ151_MazZl1lsu9XE2N6rEMZnXMOpjn1GMTBlCS16lVrPj7aJd43CVri-j8ybnOBwJDIZCRh61njA04WyFHcFvUc2b3wcSG3SpO4gdEf0hL3r3ZNe-mL7HQSAM0kDV6GqTTstl3x-GrgogN9CP784FSoNC10Vs1PN6qe65VSW_wEAgk548_zQGsN7CkpnxgpEFpYHUtrlP2Ap-kgL5dRNDIKxAgR3lt7nS4nS75kNrYqvU09_eidknWTpxtT30Gi_xeKqrpz26iHVGYotNDO2wdlzBetofIHNIYtzAv8lS_xUJngNsScqJMuo0ZnsvujSp52OotYIeDNBG93BPKCJNa0WOSptuR-2ivhlFZNHyYwug4S4wnC7h14JxISniL_qL_VrOIu2FLS_E_0KBX4WLksHT0new7s6V-7pkxAG34XLePk2jNJmPu7DUIGLiwkrkd4pf-O05VW-Qv8bJHe6MzPix831wTTKn8Da1IvhIMzRq85Ln2RhKDGrNDtkTEF9eXjT5wNIQKz9bl39uJWcoshWZe5bxEYsh6fn7YNSbaXEyJOi98NSCj9igE-urhH8jW6i_bhUxnas2Bqy-_s1UONnYqj7qPeiKMRtNBKMqUz7o9ujsaYac9MRgsNl-nfMY8abrL9tCzVx6-Bnk554SCfQ9C0vzRJPSBQ75RWg6FavF8o-qtCuJhgpmjVJuIPoqK1Lv2Nd33jVv4701KAc5U-klG_Yp9fQR0aVKQEJd36VQxRdC4AHJvG9Cd-4_FB6lWMMgOZHOkULLo9BFlVVbYUP3-Fy845GWj5IxOj6Zy_PFGegfe7g16w6QI8JVGZCb3EQmNfnC4kcZG-UJY0wmUA5nfJPSBbg2d1QUBBuyN10uDFQ0mb_dTKRYJYMrLELhwijRWqyWAfsnxA8Bx5X2Rpu_rDAQYjMMbXb_wGqHGOcGp2PAgAxTQJy4htczTl2Xar7RErlxAOZGbUVAg9l0OZydj0t4HASm7mRvHHTYY4o9P8FSDkRX3Z5NcMxs6-r1J5hSIHrz-IOvLEZUOe3lkNVR-7ROSLjkoy0J3RGyGf2Zes3FcqAUDweQG2t8CYlii4t3ntI4ZBpQRMzF3op7KPBW2C1YZzAe4tLccKTeS-D8R2CdksRMBdLwMW7sFaWgvMyYLFbbXpuCEe9QDusWShTo3eh2lr4bvjBrPjmSNypGA7Qa1C86BROWOEgRtBTTvfDOMBQiJjGRmA38dXxlejHBc9zVGMCtOb0CwDW3VcWE8xI5qxU5z2WCNnBtCCk-qmrRyr3E7TBB7p-_k_E6jmP5JnB0VgCQ-gaFIh2IOlEosLnU_RQOFIVnPQNSPbbxhr_ips2npI88-J11nYkz2epEfYNJW6-hmilL0pFiF7lW5YEaDfJa-QwIjfnsXE05jdYyz6LN1N3eUR_0S0pL0VgHNb3QBd1SqDoG04QZtCxGZQPa_5W6I5i-tGGiNB7ENeKPlQMGvRjHdzyT78MaUxOslvQKLZEFuaMdu6Ea9VEtKqy11wcZyCblx09QEnIVSFFgDlEWgspdsfpj0rQ2joECPTHKLt8Z4qT5Z1_nE1HW2XZSKMxY1Gnf8w8nq7wXyqIrb9nDYahgguVu8x7ybFGTWs3LVUTKDmplSYdu4rC9-gKgZY-daYGIZ2Oq1WmidwCGfPXYPt3hOb3QXS3YAre1IajTz9BVSn-QVE1lj9hty4GNJhdPjUJ9hke63QIkoQhecL7N8bd7L0fzcsQxCYJFyRbqRKfU39bxIAW7VzqETi69CQBwf0A01Q8UhXXrr5DuEhQroX-gIv3l-BDf6CcvxvpafDNMt_6pWCjHw0kHxE4is613iAL0IgJ9E2zA5SZ4qruLXA3e4pZy9GVaSRTjqbAjij4t1jhMNKkMU_RagRZ_SHyn-hN-5jTqhDrqEV_e_OjVokS3Bya6aaLSwJ1Sdui-7IjFuNW8yK_5DlzTCXJgmla1yaWkIGU53-Ch5ZNv4oaB9C_XOKfzhYWSYDG3Qb2wITnLOmHNozNRJwv1nirjmiF8U&cid=CAQSTwDICaaNodjOiOlZ-iXal-d3k8z6MPJaOL61MSBQWfgafOp0SVt9cZJ6JBMepZjvk32uths3TBRUEk6XSDEJUW5BvA34dH3yLgxzP_bgZXYYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Frisu.io%2F&ds=l&xdt=1&iif=1&cor=11685136766494650000&adk=2988274607&idt=73&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 01:55:10 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/ Frame EE5F 31 KB
12 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231106/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11881
x-xss-protection: 0
server: cafe
etag: 5723174479369309319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 20:06:39 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EE5F 41 KB
14 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 02:22:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 02:22:26 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12807486595921873393/ Frame D0C6 30 KB
6 KB 25ms
8ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34a2387cabcf0b797d4d19fd2e86739c84c8645f93c79bddaf7420e92daf9e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5912
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 08:48:50 GMT
expires: Sat, 09 Nov 2024 08:48:50 GMT
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A403 0
0 104ms
51ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQCz6D0SmPiOkKZhcU-4tuhNuv3EjIdsmf1fFtRdU6ons5wHYh03So-kAzgwGd-Ulz-dSUTEyV_qe6hWE2qCUHU7ofGUnQ1U6RLuvbGMaaBDLZzqiqiFmHjh7BOKCgyz4cTilJ32rqarvYg_HfKoDbFdM0ota_RLSvlhryLx29Mt77sZ-gmF8OY-FaVuecCnpCbC5O4I68GziLFelHGBDh5kVW0HHuRc2A0aCQFL4s0b-6TZTavX3_QWvqx6hphcIhmoDhK5HecJtDPqsncYQ5vN7m4aqPEigwfOvUlBjN4WIib6p5yM_0YvKCG5sH3VbjVl6Lg04_c4v9azrfYu10FTsX4P5cXheDA2yRJ1PpanuKTqgZ98NfDKkpC06LqyG9emZ6PAUsLkSY54dn-v0KLsLWIZYqJE6Asg3tUuaW_E4iptmjOUFxzRQQHFslMvWbiEqR3U8g2wBRBjScFKQMe806sSMQ1g1OrjmMtJ1YL5ROZyek_FNp9CzBD4kotQE_PZKu4kaci50dNcvgI67avChG375cblG74BnfWR_krJvpN2Olr3_Ma5GrZ8bqyGKdpkS9Hy8O1ExgjKRCeAfdzJObfih13gMNRNv4qx3kNnzG3VrjY9pfuaYC7UyuEuRoJ8NQvT7NUOJz17Dd_op6jswCzQ-3pC9iDiiZwXr2rY2-HJZbqQfXG_AoH_0-duYQAJntaPr3pORtZ2MR1hhYH1xBwVaNZEyDn1WQIWUJ6A1MFF-YQTM3IBFPXAqRaos7ZhRMMHfmPUiaidVuQFTmGGpjo3ooZzhTx4ZvkkTv_rBOe97yI_pSwv5skgV8k8shGokqWShiUKDy-ixkN5KD-secYo_65RxJ1U5fUvEWTZeNjzNkT_dh2ET659XrX8uQKmhJLUWflG6QAsBt57d48fKor-QYExiXirQg4juoUBOI7CrLAoE5oKgK0OYAS6U3hqOJP5-rtxCQXv8AD-CnYQj5lWBfiWmzhzRYfa8-RPImHjHoyDmsgvhoSa3fQ5ckHPf8RdP-I1cbcjga7D9_XVkjMorhif1H0foaRdaE_PYysSyPspKbXha36T8GSei3fsdlVpTGX5CyrEtsb18zML7Fucnfuq_uovsDUE_CxzcEZtJ3witXsmvKi_pPib5Rqe-qC413AZ-p7fxwdzTOIfzDOzN6MwY2P44p0a_4lfozaWjNlunIclJ3b_pPbtU1Qggboc4IC2Mqywvhk_9vHKdyAl8xf_vsh3OcYmgjgjSen4SJb5Pu-wxmtxQ2uMhNyQjEZzoqXsXPd729XuDK4nZ6MflEzzmwhtEQMJYkbCU5pWzhPUZnfGAZ8ysmaLeAvJdCdRZe&sai=AMfl-YQ5aWWfyTv7jZtwJkKLPNKfEiPprttOkGukchRgOpYMb9SgwUH6atMUHBK7_5nCkyx1hRTNE1gDj6UiL6uE3YcDQWrejFRadVzolUOEaA-MNjv05t6FlvNa7v8_MoCbj09pyWvEw_jPPYkE6GYUncV5fdBHImIXZYs0p84TiVp1y6Yn6jPAfzQq-KAmWi3izE00GaKdtvfZRPX4VLx2y_az53w7QWl5sKDBw7GgDHGo_Yqes2vEzuNzHZXeNL76ARgcJsT91u6f0WNomQC9VUb9KzScru56m3t4d6Kz-Hq80Kwj1pXkR2COkfTvzU0T&sig=Cg0ArKJSzAOybPiPZMr9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=107&cisv=r20231106.44755&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 122 KB
22 KB 19ms
9ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de82811734c6c2ea38f64be7a51240f21d9d3eb40884692044d8ae82fa003dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 55293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22826
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 19:23:54 GMT
expires: Fri, 08 Nov 2024 19:23:54 GMT
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1780 0
0 99ms
52ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurK7q5Kwv7BJBjkletVo_U_ZXgitIaifo8BLMHa8RRNqeAG8KOmtRWZwIR9wqO02jJht5hjvivVXm9O6DGOQNYKle0UuvdmcfOX79I7uy-ahLTd-XQxcdQig7qTYCZQULPZToJaRSveWYfuXEbFBEw9Xg4pZc24pozpm16r85jejzmanvwTwmF8U-60MXF1T1_5RWOjbLzy17PlH3LwWRCKHinHo6zgW22THL4weOta4C0gLep-ehXQtetVUlQC-FXUFTOt33PrtvNwDoVSf11T0dyFUf0aGGzaLxM6xcA97DkqAr7POJUN-C6H7Wr8tgq3TdvdCiG_n2IvZueIKodPKqEu0G-HyQ4LmpYfkaKXE01xlrTZSjq3At_VdBiKSBDpectJoYmOUJMlboEZ7J1ZtiH1hAs9wecNIjUJeEZaAshBzhOaCQWs1cEdASj6g-TcYCqFlWsXuCE9uLBi_3lVcLAlYIUPAPN2OmJ3WbnoraLreKU82MNlLn8PrtC4lBSJSNLwTSewlLhkx0E5wgGsnI-tbKzIcCR2LMXNy3dC3T20GlVFA5tM2adEp4Qg0SuvEYF6LIUxiHig23CTYGIOm8V6klGvz6s5a6_JB1yPuRRK_3f0L9JisuG9adPZ6JTxU-7VnisaCu2vmpwA1kKKwZxELRM1RCDnwdEVVQ0RhMA1FNr9FXZfOqpp0OlwznGfQrf_69A5jbi8727ay4YVC9iXt-bXJQz05vfuHZbhzSlo1Is3vkNypo8gLTz5ry9hCk4l7FWusew02L-wI9A1oHvnYW0Fe5yJS9xh_uqR1JfJNd3Iy2S7H6gewZ0W1xHNzcL9A_HGffWFWpydfIR1QJ9kSZnyTbNuHrbAbJsViginRHfME1o8dVEtdJguom9hQ4SINAPqX42Z5lLd1JMYDSZUj12t10EV3E7gnqXAuCC7FZQOWhIdYqzMx9FY_Nkk9a8jrd3ujB1KHFK8MdlfTCkXFhDNxmVQKSLSHLwcVgwZDa7TTNMT44Z92PV3bTGo3BPHahCa54olGdnwaG38GdzPOOQqqfaGIlyNTwnJDWoD8kttUhjcE9zKZwNJ7z5PsUPnHcQx3kJ_2Y01azvqL44TD_S2_UfmVkDNK1nK41gNEopF5e7M6w4J-I-eNGvGJjLYiCw2Yj7GsCk7yzsUOGc9f5oH35ErCDA02caNFTZIcjLlFWMmUA1jFBgM60evc6N3SZTlrs6Xfn2ZvRgK24susSD0O-jr-iGj65oNudFZn4VuOtt1eFsjdubqvBk9NSREOYemVYX9Gg6dRtnSZPq8J0sI31rzqgkwkvVWVG_KC5uwNW96TnDyJ0HTigzH6AmvzeXSKJzKmNW2JXJxxy3bEJLdOWO5QCVg5K2ho3hT4MmXistNLs8AQ&sai=AMfl-YQTg1laimJyf3dL6WJeOHsF7dYf-Ry3Kjd8t-1ig4Puc3V7KeFys9_aMpXONz9DeWZXQ3KlpbYhjfWRq--YBVVsHSOyDdMCyp0mpedl6dsgl6DNxAQ0a6brCllo18MXDPZEaf1rhMLv7iz16IeuxKunqAMfROM7CTD4RmaQDZZayVdcVR10WL92P8vpfqS9NmLnov21nv14YTir7TmXymHanj1BWE8iANwYr-iYsQ0bjDjnLBUwgm8Dzwr2mnCxtIgyQJCXNEHDnQ-2vKdgSM7ufAADVLTDH7R8m6hXlCdztHZ4kc_aKMRxkgvkWdKLTbE&sig=Cg0ArKJSzDYvk4uKzTt5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=78&cbvp=1&cstd=75&cisv=r20231106.72516&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DA43 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 122 KB
22 KB 10ms
10ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de82811734c6c2ea38f64be7a51240f21d9d3eb40884692044d8ae82fa003dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 55293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22826
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 19:23:54 GMT
expires: Fri, 08 Nov 2024 19:23:54 GMT
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EE5F 0
0 76ms
50ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUoE1W3pjyspPQd6QU_TDrhgy7xaKYadNvE3CGBQrjYBJFsRhVhMBcwzweRfzg0aaDBKUmuOGIk1a0NBnQzdXzYZiZ1m-bNVkaNI2h60SweXD9M6Y8-NqxrRGhtKBu_eGS5DMaclSQm49Aa3K2gJFE91oh8AyisFycpCmzB9LiKoF3TwalUHgHw2E1uh-dXuRIOxgyZE7Y4Qa9qfms0BHo_Wdsw3gNprVXmaL1KQWvuoPgjaj6GeDLw7Z13shR6d8ALbuQAX5TDrX54lPkignwryHJYa9Y0saqVMz6H2HQkjj4q_UQNzTefeaRK2MeyGN5U3Eas_hW6LovKgRtI7Lu6ucK8ybBO1KzQGHa7y0cADjQTUQ53Zu6twmDQhEdGIS-BevloDHGLwNmbXgB9BrzxXPJ9l5Mhz7ERMUCBYAkKYygZOsCXxo8dCdT7dpuoWHDyzAcG7CqglafWPUQWpkCpfr8mdb5EpnxLeypCAVdz4DtiMIZn3i1S6r3TeKK1MZNWi8Fo7S_H43eFV188x-D4SURN1C9X7S6rxO9waLYow3xDPHshQtJ8aFM12XHnW63gIzKckl-kEOVl2pQErLaCqqAi_Q9Ht1fVIo4Twzg_ZxLbp9wh6iFPdNnScQJRNZru7nIsNLGcZ9lJBZjg_tF2BhlRMJ1hQotoev1pJ3lh3CzF57hk5VkMmnlMIMV74D7NSFTA0sHgfy1dNNcoYOkTX1vuvMRbYu3wHtq0KAHpGUSLxOz4Oi2fSR4ScZYKtfWPm9HzUIEhr8cpHtpPZA-De8EC4dO4RkpbzPdYfdZXKLF5V9ZJpEcrIK5hUGk2US6_qTRiniXqFwT6GrWPYyXHD5b_9VwZoaOrgPEjAUEJBlOjULJCF3xEhLpOFiFuxCZIQXXra-E_MdH8YsskAtuhKjh0IX5WYhVVEGS90ulakcCI0AZnOfs0DWpDBZqRbpI1KzI_5ikgMUzyuVuSIBHvEXkWa8TKYdJriTj6gGpT0Z1U-Hss0EOHW7aH1Jaguy_9nPqPbhWh96e9Odimulw38HseHPHDNfRHVDnUuef2MhY_tjUKCEmFoguuiYNdiU4tL1Sz7CPSKh8Ao0X_-1J1bOvzFR3qKII4rivDJQLlwX8SdDM7WP-yxm9IZwxCBHHB7TRY-BJwT3H8ie7ZKDzlNFT09jHmvHmhaj-kJQvkj-Z2JlV7A2BjCg7oRige3jZPa0Wd6XCjhCI3J0t7ttN1hV6ds-1gS7SqA3yIMp7H11Z8HOc3yPyQwSsRIRi4GZxFpwp_M0FjMfTJTOzwFunx52I4fNFDA9tLZj1sUkT_HWrwuPRIbiDsA_plWdVheOI46gjyWt5H5N--nEO70TbhNyX-6vqtv_5NRo6jyCIFQgIS7cpmUB1JetbUg&sai=AMfl-YTydyHlhxiEwLAqmX25lDKXusrsKRG0hjAKMTj3ToYKsl3WG3KHj8AdaWsLbErvZcVFtDhpd37udfZ36HgO0gGN2VpGaHB8zhXAOvhsTNNex_vcHsyMqQxudOFQQWcdY8_SRSoC1aJBvINFjYKTm6LA11lGOsQtmBAXyKS2sf34bpVdiuD2qcKUBY5IehPTZYK4hVIjYYogwCxIGs37bld428mPN8OrWtpfZ0QJP2j98lZlQz5CDvuxg6iNdkOh8hWaE84O0eeeXuNn2Ap5hySBU-YSeKpAKQq-bC8hYC9JyfIrCTU0Vj_2srAexQCIciw&sig=Cg0ArKJSzNeaqpPbcRrOEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=66&cbvp=1&cstd=65&cisv=r20231106.81118&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EB8 39 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 05:44:25 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame D125 38 KB
13 KB 11ms
9ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:20 GMT
expires: Sat, 09 Nov 2024 05:44:20 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b4bcf46b7b11704ea2e88b3103a89404.js Show response
s0.2mdn.net/sadbundle/12807486595921873393/ Frame D0C6 134 KB
38 KB 9ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/b4bcf46b7b11704ea2e88b3103a89404.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1535347cab84b2b7431d22f29c356f5906552f565f5aa49d0e6922a5d0a4d5c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 00:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39043
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 00:21:39 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B713 29 KB
10 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 10:44:39 GMT

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 5A38
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TX36vtnWC0KRnUQXyAlOZQ&id=ida4mlvgiastit93r

3 KB
1 KB

278ms
278ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TX36vtnWC0KRnUQXyAlOZQ&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 9516c9e4923a17a9a9bdbeda814a5b9522c455d0ef3668186a7fe227be49fbf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Fri, 10 Nov 2023 10:45:28 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TX36vtnWC0KRnUQXyAlOZQ&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4EE1 29 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 10:44:39 GMT

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 1463
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=MY7k_-VXCI2R3vdlyAlOZQ&id=ida4mlvgiastit93r

3 KB
1 KB

297ms
296ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=MY7k_-VXCI2R3vdlyAlOZQ&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 21fea726c9b91bd4334ecdb0e7cf8169294dbc21b8f0f3afe974ed3a43fc625d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Fri, 10 Nov 2023 10:45:28 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=MY7k_-VXCI2R3vdlyAlOZQ&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame DA43 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 05:44:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=714268899992315&bg=!1tWl1ZrNAAZxrfrxUa07ADQBe5WfOJlH5iOWjkpcz3cvD719LNjKOqEByrz6-17Etux9YU7ow9Hl6lezql-_Mi1WXTKsAgAAAGJSAAAACGgBBwoAbeGE6gqKhGxCp8WJ-I-2-WUoNZsFG1-gqxLHrFvopiJgWR5HVJChjNnJdnDac1--pwyH8oIhFpl6KGTv6U1dsQkaGf36qlJK0EgTLHXvk-rlVyYrGnTo8F7x697pXCAj2e93yl5NFsUhjXscMHKZAqsH04tVsz7J--nctkwfEN72KkGMe3JaHU2EsIOFBuRG8sxQ_vGQ1mrThWTYccZWsMtJVmL34h_2E9cKtGOcfLUThgX929K6om73HOmPwlVQtkB5Z2uhZYFocojIbPqqxbUq3S7KiWrZ6b_zAYuwn_t80yHbB_lOiRbjuhTUEsqTIlG684nKe-DbNycWK2LnCbPCBQG7vKbI9LkFpw3rjos17Zo4b1DHZTn0Dj37EHGilmRTjUDoZ2NNL4-JgAVTceZ3K238YYMo6tZmr8CEnfWvitPNqNEDJ-_8TXDHbOaEJfHKi8DjUzcWwUacuZqRa75zn6ojbMIg6TgRnKDSTSb_cab_ydAeyA3gRzGe77yrMB5VegMxU0UdqYYDOxWMNZO3lynrNHqj8-agMOWCi_Xhe1VGghjSR9Z_NZZEZ0qq7Amw7bOta6cnVX-f4Hdn5gA4JJHTtSffKNuFpsFZ0sMX_iYlthpCH2d5FOfr7xCA4Au43gbAMnCdK5XFtHE-leVOWv92S2IfGQg1DVp6KK1VyWybuGhCl468aFV7UsTJ-pTLOv2fgvoCspFj1401q2HPWibmQs0I1BNQlkd07hZ3deKJ8rwWZbRD28gV9F-bqw0dnhLVfOGtQAf1ahuzUq8JZd-TT_ymQiyCz6X0bRasObdSAdviXoVJ0b80_KXoWBs08_5fMiLgH-FwH28DVBVrR4vJ-iwIi6KBDDsbGZxIRtvs3Qa6TpKDDBmUR9dEzlZjp1vR6WP07rbJAkvgg6ncBWDfQBim43EzOO6K5MM6s37bnr0OOqF3PG-01o4-LMzjfwJxp7g9dTN1uI6Ye4mtZ252Sbs_zUw6jW3xAxqocoDYhYgeOSDOTfpZesFMeyKZ5gDG2GkFQcvCIeMbxKElgWGOZEtGv5OumA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame D125 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 05:44:25 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 1 KB
642 B 10ms
9ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 02:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 02:49:26 GMT

GET
H3 200 d1df1f2fba322c8cbdd32b9e0f7bc627.png
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 10 KB
10 KB 12ms
11ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/d1df1f2fba322c8cbdd32b9e0f7bc627.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c464c8fe534e1979c2656dfc7f5849499c7829f23d55e9f348baa52fa2eaf93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 08:07:21 GMT
x-content-type-options: nosniff
age: 9486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10127
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 08:07:21 GMT

GET
H3 200 901066d6a068abae473621f270bd1026.jpg
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 5 KB
5 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/901066d6a068abae473621f270bd1026.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

374dc66429a5d3fabb947be8b237a02f525595f5a9c3170e4a755e86a89a2edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 17:47:54 GMT
x-content-type-options: nosniff
age: 61053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5142
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Nov 2024 17:47:54 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 5 KB
3 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:53:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1780 0
0 44ms
44ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsurK7q5Kwv7BJBjkletVo_U_ZXgitIaifo8BLMHa8RRNqeAG8KOmtRWZwIR9wqO02jJht5hjvivVXm9O6DGOQNYKle0UuvdmcfOX79I7uy-ahLTd-XQxcdQig7qTYCZQULPZToJaRSveWYfuXEbFBEw9Xg4pZc24pozpm16r85jejzmanvwTwmF8U-60MXF1T1_5RWOjbLzy17PlH3LwWRCKHinHo6zgW22THL4weOta4C0gLep-ehXQtetVUlQC-FXUFTOt33PrtvNwDoVSf11T0dyFUf0aGGzaLxM6xcA97DkqAr7POJUN-C6H7Wr8tgq3TdvdCiG_n2IvZueIKodPKqEu0G-HyQ4LmpYfkaKXE01xlrTZSjq3At_VdBiKSBDpectJoYmOUJMlboEZ7J1ZtiH1hAs9wecNIjUJeEZaAshBzhOaCQWs1cEdASj6g-TcYCqFlWsXuCE9uLBi_3lVcLAlYIUPAPN2OmJ3WbnoraLreKU82MNlLn8PrtC4lBSJSNLwTSewlLhkx0E5wgGsnI-tbKzIcCR2LMXNy3dC3T20GlVFA5tM2adEp4Qg0SuvEYF6LIUxiHig23CTYGIOm8V6klGvz6s5a6_JB1yPuRRK_3f0L9JisuG9adPZ6JTxU-7VnisaCu2vmpwA1kKKwZxELRM1RCDnwdEVVQ0RhMA1FNr9FXZfOqpp0OlwznGfQrf_69A5jbi8727ay4YVC9iXt-bXJQz05vfuHZbhzSlo1Is3vkNypo8gLTz5ry9hCk4l7FWusew02L-wI9A1oHvnYW0Fe5yJS9xh_uqR1JfJNd3Iy2S7H6gewZ0W1xHNzcL9A_HGffWFWpydfIR1QJ9kSZnyTbNuHrbAbJsViginRHfME1o8dVEtdJguom9hQ4SINAPqX42Z5lLd1JMYDSZUj12t10EV3E7gnqXAuCC7FZQOWhIdYqzMx9FY_Nkk9a8jrd3ujB1KHFK8MdlfTCkXFhDNxmVQKSLSHLwcVgwZDa7TTNMT44Z92PV3bTGo3BPHahCa54olGdnwaG38GdzPOOQqqfaGIlyNTwnJDWoD8kttUhjcE9zKZwNJ7z5PsUPnHcQx3kJ_2Y01azvqL44TD_S2_UfmVkDNK1nK41gNEopF5e7M6w4J-I-eNGvGJjLYiCw2Yj7GsCk7yzsUOGc9f5oH35ErCDA02caNFTZIcjLlFWMmUA1jFBgM60evc6N3SZTlrs6Xfn2ZvRgK24susSD0O-jr-iGj65oNudFZn4VuOtt1eFsjdubqvBk9NSREOYemVYX9Gg6dRtnSZPq8J0sI31rzqgkwkvVWVG_KC5uwNW96TnDyJ0HTigzH6AmvzeXSKJzKmNW2JXJxxy3bEJLdOWO5QCVg5K2ho3hT4MmXistNLs8AQ&sai=AMfl-YQTg1laimJyf3dL6WJeOHsF7dYf-Ry3Kjd8t-1ig4Puc3V7KeFys9_aMpXONz9DeWZXQ3KlpbYhjfWRq--YBVVsHSOyDdMCyp0mpedl6dsgl6DNxAQ0a6brCllo18MXDPZEaf1rhMLv7iz16IeuxKunqAMfROM7CTD4RmaQDZZayVdcVR10WL92P8vpfqS9NmLnov21nv14YTir7TmXymHanj1BWE8iANwYr-iYsQ0bjDjnLBUwgm8Dzwr2mnCxtIgyQJCXNEHDnQ-2vKdgSM7ufAADVLTDH7R8m6hXlCdztHZ4kc_aKMRxkgvkWdKLTbE&sig=Cg0ArKJSzDYvk4uKzTt5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&vt=11&dtpt=167&dett=3&cstd=75&cisv=r20231106.72516&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EE5F 0
0 45ms
45ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUoE1W3pjyspPQd6QU_TDrhgy7xaKYadNvE3CGBQrjYBJFsRhVhMBcwzweRfzg0aaDBKUmuOGIk1a0NBnQzdXzYZiZ1m-bNVkaNI2h60SweXD9M6Y8-NqxrRGhtKBu_eGS5DMaclSQm49Aa3K2gJFE91oh8AyisFycpCmzB9LiKoF3TwalUHgHw2E1uh-dXuRIOxgyZE7Y4Qa9qfms0BHo_Wdsw3gNprVXmaL1KQWvuoPgjaj6GeDLw7Z13shR6d8ALbuQAX5TDrX54lPkignwryHJYa9Y0saqVMz6H2HQkjj4q_UQNzTefeaRK2MeyGN5U3Eas_hW6LovKgRtI7Lu6ucK8ybBO1KzQGHa7y0cADjQTUQ53Zu6twmDQhEdGIS-BevloDHGLwNmbXgB9BrzxXPJ9l5Mhz7ERMUCBYAkKYygZOsCXxo8dCdT7dpuoWHDyzAcG7CqglafWPUQWpkCpfr8mdb5EpnxLeypCAVdz4DtiMIZn3i1S6r3TeKK1MZNWi8Fo7S_H43eFV188x-D4SURN1C9X7S6rxO9waLYow3xDPHshQtJ8aFM12XHnW63gIzKckl-kEOVl2pQErLaCqqAi_Q9Ht1fVIo4Twzg_ZxLbp9wh6iFPdNnScQJRNZru7nIsNLGcZ9lJBZjg_tF2BhlRMJ1hQotoev1pJ3lh3CzF57hk5VkMmnlMIMV74D7NSFTA0sHgfy1dNNcoYOkTX1vuvMRbYu3wHtq0KAHpGUSLxOz4Oi2fSR4ScZYKtfWPm9HzUIEhr8cpHtpPZA-De8EC4dO4RkpbzPdYfdZXKLF5V9ZJpEcrIK5hUGk2US6_qTRiniXqFwT6GrWPYyXHD5b_9VwZoaOrgPEjAUEJBlOjULJCF3xEhLpOFiFuxCZIQXXra-E_MdH8YsskAtuhKjh0IX5WYhVVEGS90ulakcCI0AZnOfs0DWpDBZqRbpI1KzI_5ikgMUzyuVuSIBHvEXkWa8TKYdJriTj6gGpT0Z1U-Hss0EOHW7aH1Jaguy_9nPqPbhWh96e9Odimulw38HseHPHDNfRHVDnUuef2MhY_tjUKCEmFoguuiYNdiU4tL1Sz7CPSKh8Ao0X_-1J1bOvzFR3qKII4rivDJQLlwX8SdDM7WP-yxm9IZwxCBHHB7TRY-BJwT3H8ie7ZKDzlNFT09jHmvHmhaj-kJQvkj-Z2JlV7A2BjCg7oRige3jZPa0Wd6XCjhCI3J0t7ttN1hV6ds-1gS7SqA3yIMp7H11Z8HOc3yPyQwSsRIRi4GZxFpwp_M0FjMfTJTOzwFunx52I4fNFDA9tLZj1sUkT_HWrwuPRIbiDsA_plWdVheOI46gjyWt5H5N--nEO70TbhNyX-6vqtv_5NRo6jyCIFQgIS7cpmUB1JetbUg&sai=AMfl-YTydyHlhxiEwLAqmX25lDKXusrsKRG0hjAKMTj3ToYKsl3WG3KHj8AdaWsLbErvZcVFtDhpd37udfZ36HgO0gGN2VpGaHB8zhXAOvhsTNNex_vcHsyMqQxudOFQQWcdY8_SRSoC1aJBvINFjYKTm6LA11lGOsQtmBAXyKS2sf34bpVdiuD2qcKUBY5IehPTZYK4hVIjYYogwCxIGs37bld428mPN8OrWtpfZ0QJP2j98lZlQz5CDvuxg6iNdkOh8hWaE84O0eeeXuNn2Ap5hySBU-YSeKpAKQq-bC8hYC9JyfIrCTU0Vj_2srAexQCIciw&sig=Cg0ArKJSzNeaqpPbcRrOEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=218&vt=11&dtpt=152&dett=3&cstd=65&cisv=r20231106.81118&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/12807486595921873393/fonts/ Frame D0C6 173 KB
80 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 21:35:16 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A403 0
0 44ms
43ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQCz6D0SmPiOkKZhcU-4tuhNuv3EjIdsmf1fFtRdU6ons5wHYh03So-kAzgwGd-Ulz-dSUTEyV_qe6hWE2qCUHU7ofGUnQ1U6RLuvbGMaaBDLZzqiqiFmHjh7BOKCgyz4cTilJ32rqarvYg_HfKoDbFdM0ota_RLSvlhryLx29Mt77sZ-gmF8OY-FaVuecCnpCbC5O4I68GziLFelHGBDh5kVW0HHuRc2A0aCQFL4s0b-6TZTavX3_QWvqx6hphcIhmoDhK5HecJtDPqsncYQ5vN7m4aqPEigwfOvUlBjN4WIib6p5yM_0YvKCG5sH3VbjVl6Lg04_c4v9azrfYu10FTsX4P5cXheDA2yRJ1PpanuKTqgZ98NfDKkpC06LqyG9emZ6PAUsLkSY54dn-v0KLsLWIZYqJE6Asg3tUuaW_E4iptmjOUFxzRQQHFslMvWbiEqR3U8g2wBRBjScFKQMe806sSMQ1g1OrjmMtJ1YL5ROZyek_FNp9CzBD4kotQE_PZKu4kaci50dNcvgI67avChG375cblG74BnfWR_krJvpN2Olr3_Ma5GrZ8bqyGKdpkS9Hy8O1ExgjKRCeAfdzJObfih13gMNRNv4qx3kNnzG3VrjY9pfuaYC7UyuEuRoJ8NQvT7NUOJz17Dd_op6jswCzQ-3pC9iDiiZwXr2rY2-HJZbqQfXG_AoH_0-duYQAJntaPr3pORtZ2MR1hhYH1xBwVaNZEyDn1WQIWUJ6A1MFF-YQTM3IBFPXAqRaos7ZhRMMHfmPUiaidVuQFTmGGpjo3ooZzhTx4ZvkkTv_rBOe97yI_pSwv5skgV8k8shGokqWShiUKDy-ixkN5KD-secYo_65RxJ1U5fUvEWTZeNjzNkT_dh2ET659XrX8uQKmhJLUWflG6QAsBt57d48fKor-QYExiXirQg4juoUBOI7CrLAoE5oKgK0OYAS6U3hqOJP5-rtxCQXv8AD-CnYQj5lWBfiWmzhzRYfa8-RPImHjHoyDmsgvhoSa3fQ5ckHPf8RdP-I1cbcjga7D9_XVkjMorhif1H0foaRdaE_PYysSyPspKbXha36T8GSei3fsdlVpTGX5CyrEtsb18zML7Fucnfuq_uovsDUE_CxzcEZtJ3witXsmvKi_pPib5Rqe-qC413AZ-p7fxwdzTOIfzDOzN6MwY2P44p0a_4lfozaWjNlunIclJ3b_pPbtU1Qggboc4IC2Mqywvhk_9vHKdyAl8xf_vsh3OcYmgjgjSen4SJb5Pu-wxmtxQ2uMhNyQjEZzoqXsXPd729XuDK4nZ6MflEzzmwhtEQMJYkbCU5pWzhPUZnfGAZ8ysmaLeAvJdCdRZe&sai=AMfl-YQ5aWWfyTv7jZtwJkKLPNKfEiPprttOkGukchRgOpYMb9SgwUH6atMUHBK7_5nCkyx1hRTNE1gDj6UiL6uE3YcDQWrejFRadVzolUOEaA-MNjv05t6FlvNa7v8_MoCbj09pyWvEw_jPPYkE6GYUncV5fdBHImIXZYs0p84TiVp1y6Yn6jPAfzQq-KAmWi3izE00GaKdtvfZRPX4VLx2y_az53w7QWl5sKDBw7GgDHGo_Yqes2vEzuNzHZXeNL76ARgcJsT91u6f0WNomQC9VUb9KzScru56m3t4d6Kz-Hq80Kwj1pXkR2COkfTvzU0T&sig=Cg0ArKJSzAOybPiPZMr9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=333&vt=11&dtpt=223&dett=3&cstd=107&cisv=r20231106.44755&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: risu.io
URL: https://risu.io/GxeOH

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 1 KB
642 B 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12807486595921873393/b4bcf46b7b11704ea2e88b3103a89404.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 02:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28561
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 02:49:26 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 5 KB
3 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12807486595921873393/b4bcf46b7b11704ea2e88b3103a89404.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:53:44 GMT

GET
H3 200 94b8e4ecff73b8a16c70e2331be84df9.png
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 4 KB
4 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/94b8e4ecff73b8a16c70e2331be84df9.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015b7e58f0c92c52619b207ea31059ade01dd99e1329e98cb2695fa1f324dbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:43:07 GMT
x-content-type-options: nosniff
age: 18140
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3688
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 05:43:07 GMT

GET
H3 200 d1df1f2fba322c8cbdd32b9e0f7bc627.png
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 10 KB
10 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/d1df1f2fba322c8cbdd32b9e0f7bc627.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c464c8fe534e1979c2656dfc7f5849499c7829f23d55e9f348baa52fa2eaf93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 08:07:21 GMT
x-content-type-options: nosniff
age: 9486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10127
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 08:07:21 GMT

GET
H3 200 901066d6a068abae473621f270bd1026.jpg
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 5 KB
5 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/901066d6a068abae473621f270bd1026.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

374dc66429a5d3fabb947be8b237a02f525595f5a9c3170e4a755e86a89a2edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 17:47:54 GMT
x-content-type-options: nosniff
age: 61053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5142
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Nov 2024 17:47:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EB8 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4Xz6xwlOZfK-AYqajuwPjJSqoAIAAAAAOAHgBAI&bg=!srGlsf7NAAZxrfrxUa07ADQBe5WfOPXLCli4PYYJuf2JnKV0Aqz1mtx6Pr6ZbCy1C6z5bN0_mSA3-Eqphe_Sagf8leRiAgAAANxSAAAABWgBB5kDBk8EemcY6g59SxRSeqeovBpkPyRkAgrs-h-qBeZ83BCX8Yera3sHYkE_HcFWAV926cJclHjoq59YaCoeEtcVNmJouZTAH1vsC0j27FqAflBvsbyRf9RNRwnxAKLUcq_ONLaek7a1cJvzoa3rpaZhcQpYk6Skk87VtqzNt37MVd4O5YG9R1UgtxpjvKAU96ccEohQbRpkv5iUfdR1hlWVS2cXfHWLIq_-FvO2gkkn2dPaY9CRjFjOGIuZzb5PGmii9O8Re64OCkoYFzkNyRTvlH3kEbMQFNESFTkSq9IR03bi0zpgtQWaW7dcRpRqEM_9JtD0PHE7iBNeFR07gZ_vcWKHNO-PKgprRraH5hsdvrJWu8Sd4UJ4GqV3mLPoxYVexgrbBDLEASDg93nDT__AFb0IIOmNPGmV9WSNKdHq0ipItw2jZz6zSDOqRlTNlgsHMvfVKr6ZBr-NmDwnzY8nquYzL1vIiO7a-Em7InSKxSgPeX_2QxmDZzukeixnlyD1S33wyvkeze3iZBwUcKvqCJlts-VxuwDGI4_ToGm8pGIHOP8OfFYoYd9C2K_JHOHrNvCDbVUrrvj5VXxg2Xr-t0t6lLuf189upwvjAzX-4Xc1OO4jnfdeqgipPGPRUoZVMNwBQ4TNt7d7MmOBvVGHKS6db7r3CQhDLhRiu-Y85MJFhC_Gc_2jZFbcMS4974C_EJejGRCvdmseYpZBtd5Dj1ocRo03WvZtB2Ngj8jyGu4dDH5vicGfqvtSY_xEq9Uc7Q9iQwZIeF9_JIPMx-lpMmap95eiiB7A8bBGbJXL8tQgBOI9BY19QMFRPFY8JncK7xN6hYBHl7jpviixqVn-cL6Xisfm2EKNLiBrNtWCBGgFmfGb7SmeCYr7Q3Nn4UY5qgeZGg-fpX6EnUVHA560B4WsyDyqPO9y1jicwD2pyzp3Ctf5OuDuEItZ23w9kw7JzHijsIG3PTV3GuQbwnazJtOGC23GrkGYFTSNS4CfqzwlawvsLwyXoZK7aBWjgwA4BgMRQCL98g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA43 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=By7m2xwlOZejFA5Dmx_AP04SM8AEAAAAAOAHgBAI&bg=!JSalJmnNAAZxrfrxUa07ADQBe5WfOL7-3vtJnUzU5OmM7sGCHwNsPAWXzityQc3eH-EKZBqPfgRXoJ0cmViyuZeahTV_AgAAAOVSAAAABmgBB5kDCGu87YV_GnRDv8bSugaVaI38PSBowRffoDEHqsETOU5iMT4mCatYE9QAkMvGYExpDrQDrearDtYxvE7H3G2vOauA3OBj0nzDV4JWPGS5Lic4ZwSFnkYahMA87Qdj2qdDlimna0i_4f5lPRJ5RBnqCOaLxz4Kv4WZto8_JF-VA7jqhRNGyika_RFHO7fTncgtRhaO69-malAyoJU-nO6vE5LYsA739DC2xoQQmJrU7b0wB1ADRv7R-iYYR1beBls1EV5jlf02jxF21_V5sd9cuCfSFrm3G1GLupifQOrzyBv5VsKNOnXqaV3GINOfOtZsSgvJrS-cQezcQCSuV8uiu8g_bOiilyF5_7an2GzHNN2d214phzleG7QIVPS3zHIvJY1f8x11inO8zbKKk37RJbsUG9jbFHlOj2QanoTaY9Sx96S2DiZAEFyz54n6bOgIkirguWjdOXA0dxejeKaK5NMC_TIruRZs-W8mEBUJQtwWznIPlg3m0028gOto2s6LOyGe1Hddh9d6uikOl_k7MyVda2Q9rSjrTYdXFlO-i5Ra6JZB_eeCpTkaPOrSyKZhLW7l13I_8So5P7mplDbxBaRwWwIlAQp8fDh1nVWTGcKDp7Xwy5lIf8g4koW4pevceXN_ZzblmGrnGJifizoBMA9y-Hr7OHd4LVw9ULftVPZHp_CC_A5ERVlaAR_GWHGsBeMO75ZfEall9SZR8-LXN-ikdlYLCqEoyD-D4h87tobSBNfAIXouvCnVRzzUfHZfqwwWP_7oqcuSn-EHPB7BOjes0iBn1TdvWIPaaiUn4yay6FsquN9F9ec5nSXn8eo2zqGdBP21XCq6u628lixOucOZiSi38nQBXQ0j16TXd3xPcuWUYPagPDhKMC_GSyGB5xGt2P_f7ikIOjCWkymbf5xBxupsmFhDUEKWQaeL0IPQL2rJmIKS-lUBv_cd3qFRwUV_KLI9tCeKFiwII_xA9A3DRbTyDGabMljZUzAhQqIPaqHbGOcKt9iPKWQaXo1QGoFZypNjFfoG

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D125 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqUv1xwlOZfu2BOjZx_APwaCFEAAAAAA4AeAEAg&bg=!GRqlGlXNAAZxrfrxUa07ADQBe5WfOMlrINrbixcGDn8hZ4q9cTKBtaTjJRL_y0m7jkyvNjCdO2jHpEyA6F_C8H70vY4UAgAAAMhSAAAABWgBBwoAQ-4q4ek8sRU6ClVZxSQxP4PdoetIF80zA98BlFJN1OlZiP6jtYIYmSjsSqke5mhUVtuDyDwg40K5Th_2RHtqq-SJIweZAwjUqliFccZBE0SMlHe6IEM_GJnZuSTSIJPc43LUc1Q8rYGPh5NwYbr8qcOpQcOpANloNNBgfwCmpKxvOH0fW6Vfmea3ZVFFrCGaCWuCfWZrgS58ODXECT-P8m9csUBCc4fVGs2kf0enUdlxuJjnYOsX-ySdUvZXmmWvGUY19dZIeSCV7rqmxmWzx8t4lCsD7eYBTf3QnRSUoSHMzuMEhLSS8fAGXwB79VJX8k-OS-SfnuCqC45dxn5QEZ_lv3mUcvHI1Zh7fNS6nYsTsSrkQD51o-35wygaBnWGPSiREf5tq4F200AI0EyVvYVVifLfZEfGYngsXF39LLis-zJa6P4O6Su9o5_Pff-y8eX6nejaPSJLTWNP0whZtaUtrgYB3dO6D0VOSCUlr9k4NG6sDTUqvTbrZPTGKhDxmetue6zhpuky9YF0ZtMYn5m97I3gCubx8TiIk7IZwOxCgdarflQzI4r-J8bQ-T_m_KZj0H8GK1vSO1Ca4_jmpTU0WbeWY35GLXzuKn3lls79k9-zFa2E3R50b32tEkVMHki093zOirKMnOMcFXF2BbMm6eVc7AindbOgLI_yDdzb1pBtyJeSYwHo2J4XBBdH-LAmiALXGkGtbYvy6ZJuPIUq2FmkfyfsX559spC8MAN6WcctAmZb1aP5NYiY1MdVtdNdFkfStBXih1rXy8bQHpa1LZQFZKGhSmb8FUaEoHN9U1YyPj1KGwl-SUuvYkAmFlE0ZF0AAjWeLF5IDus4X5o0Ez6-kgrZbj-JBYVWGjSMgb6rlhVpVlFChgLk5n618gIwGdCMAeqc9qhbXQPhRnLObRaGrXT875S42Q54Y5-6QLLkebrYPeg-WxTln8ANS7uRWhucHnP3rA3Gs9hyvXlqXl0zE5dFccm1ar3TRJfI5dwOnHXojRP3STWnrJG9feYlHIQHWQk7DrV4TZq6SRu-j2At9wOQyIjoCRaoqv-ea3nvyYYsaDsIyXeFXqSm4eoKEDxosQEjt89fBZ9lSfjLBBSU1_xZDDex_NknRg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1780 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d0878cc351649089c5981efecd967dca5e21701d976d1ad63514ce8a67d6e88

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 404 null
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 43 B
69 B 668ms
668ms Image
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/null

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Fri, 10 Nov 2023 10:45:28 GMT

GET
H3 200 fg.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/fg.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50e483322a23da4e946c6b02e63aff894ed0327bc5eebb492028be2a236adba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:29:28 GMT
x-content-type-options: nosniff
age: 134160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3350
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 21:29:28 GMT

GET
H3 200 bsh.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 2 KB
2 KB 13ms
10ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/bsh.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c09d6f1fea7d0ab9cf3527b9854cfd80cb5d3b01eba9c254fc48192c9ca27442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:30:42 GMT
x-content-type-options: nosniff
age: 18886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2124
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 05:30:42 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 1 KB
2 KB 18ms
15ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f628a9bad4f015f8e7e75c249bb0a00a40ec41023899166f53c5fc778203ebc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 18:05:25 GMT
x-content-type-options: nosniff
age: 319203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Nov 2024 18:05:25 GMT

GET
H3 200 text04.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 942 B
977 B 16ms
14ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/text04.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa50a9f9876ac36838a64fabf2d22935d66741bf4ab9e898489a6ddd0b0e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 22:58:29 GMT
x-content-type-options: nosniff
age: 560819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 942
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 22:58:29 GMT

GET
H3 200 text05.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 3 KB
3 KB 15ms
13ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/text05.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4b198abe4eb458d0d1e59fe765a451072fbbd413bee208240d14b579635e1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:21:51 GMT
x-content-type-options: nosniff
age: 59017
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2584
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Nov 2024 18:21:51 GMT

GET
H3 200 schatten.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 2 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/schatten.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cad184993c8dd48fef0eaf48298f4f83956c6b6d79447ac5c5750b65bbf43ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 22:22:44 GMT
x-content-type-options: nosniff
age: 303764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2531
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Nov 2024 22:22:44 GMT

GET
H3 200 hi04.jpg
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 34 KB
34 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/hi04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b28ea51ba99efae71f9583808164dffa71f6da836ab1576abfe2b4c94b1634e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:58:46 GMT
x-content-type-options: nosniff
age: 528402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34543
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Nov 2024 07:58:46 GMT

GET
H3 200 text02.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 3 KB
3 KB 58ms
57ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/text02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5587570e7200dd6db9ee86b720dbd2621897a83ba3fd0270721e534b145572a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3002
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 10:45:28 GMT

GET
H3 200 text01.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/text01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cec54b1e6b86690fd4958d9941745cb1addea27a943eb41bc68a4d1130494bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:56:57 GMT
x-content-type-options: nosniff
age: 24511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2499
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:56:57 GMT

GET
H3 200 gelb01.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 169 B
204 B 19ms
17ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/gelb01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53832e6f0edc37423b4cddfb548ce44545141dea7aef27877885aa4689fbe3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:41:44 GMT
x-content-type-options: nosniff
age: 68624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Nov 2024 15:41:44 GMT

GET
H3 200 hi02.jpg
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 62 KB
62 KB 20ms
18ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/hi02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e5f5c1c87d05652c665feee88a386c5711ff58b6e13ba1e336430eb432a50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 20:00:05 GMT
x-content-type-options: nosniff
age: 571523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 20:00:05 GMT

GET
H3 200 hi01.jpg
s0.2mdn.net/sadbundle/729354386462554019/ Frame B713 36 KB
36 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/hi01.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd5e09833a25ffe4d589d31872226c593ead71f5e26aab06172a02c5baa5b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 17:39:15 GMT
x-content-type-options: nosniff
age: 234373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36945
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Nov 2024 17:39:15 GMT

GET
DATA 200
OK truncated
/ Frame EE5F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b716155bcd3e9ec506d6d1bc441367b61e964c7a2002d4cd84a986ecc0286282

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B713 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 404 null
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 43 B
69 B 833ms
830ms Image
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/null

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Fri, 10 Nov 2023 10:45:28 GMT

GET
H3 200 fg.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/fg.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50e483322a23da4e946c6b02e63aff894ed0327bc5eebb492028be2a236adba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 21:29:28 GMT
x-content-type-options: nosniff
age: 134160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3350
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 21:29:28 GMT

GET
H3 200 bsh.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 2 KB
2 KB 10ms
8ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/bsh.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c09d6f1fea7d0ab9cf3527b9854cfd80cb5d3b01eba9c254fc48192c9ca27442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:30:42 GMT
x-content-type-options: nosniff
age: 18886
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2124
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 05:30:42 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 1 KB
2 KB 11ms
9ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f628a9bad4f015f8e7e75c249bb0a00a40ec41023899166f53c5fc778203ebc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 18:05:25 GMT
x-content-type-options: nosniff
age: 319203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Nov 2024 18:05:25 GMT

GET
H3 200 text04.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 942 B
977 B 11ms
9ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/text04.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fa50a9f9876ac36838a64fabf2d22935d66741bf4ab9e898489a6ddd0b0e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 22:58:29 GMT
x-content-type-options: nosniff
age: 560819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 942
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 22:58:29 GMT

GET
H3 200 text05.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/text05.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4b198abe4eb458d0d1e59fe765a451072fbbd413bee208240d14b579635e1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:21:51 GMT
x-content-type-options: nosniff
age: 59017
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2584
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Nov 2024 18:21:51 GMT

GET
H3 200 schatten.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 2 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/schatten.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cad184993c8dd48fef0eaf48298f4f83956c6b6d79447ac5c5750b65bbf43ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 22:22:44 GMT
x-content-type-options: nosniff
age: 303764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2531
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Nov 2024 22:22:44 GMT

GET
H3 200 hi04.jpg
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 34 KB
34 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/hi04.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b28ea51ba99efae71f9583808164dffa71f6da836ab1576abfe2b4c94b1634e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:58:46 GMT
x-content-type-options: nosniff
age: 528402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34543
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Nov 2024 07:58:46 GMT

GET
H3 200 text02.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 3 KB
3 KB 33ms
32ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/text02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5587570e7200dd6db9ee86b720dbd2621897a83ba3fd0270721e534b145572a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3002
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 10:45:28 GMT

GET
H3 200 text01.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/text01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cec54b1e6b86690fd4958d9941745cb1addea27a943eb41bc68a4d1130494bf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:56:57 GMT
x-content-type-options: nosniff
age: 24511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2499
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:56:57 GMT

GET
H3 200 gelb01.png
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 169 B
204 B 14ms
13ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/gelb01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53832e6f0edc37423b4cddfb548ce44545141dea7aef27877885aa4689fbe3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:41:44 GMT
x-content-type-options: nosniff
age: 68624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 169
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Nov 2024 15:41:44 GMT

GET
H3 200 hi02.jpg
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 62 KB
62 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/hi02.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e5f5c1c87d05652c665feee88a386c5711ff58b6e13ba1e336430eb432a50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 20:00:05 GMT
x-content-type-options: nosniff
age: 571523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Nov 2024 20:00:05 GMT

GET
H3 200 hi01.jpg
s0.2mdn.net/sadbundle/729354386462554019/ Frame 4EE1 36 KB
36 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/729354386462554019/hi01.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfd5e09833a25ffe4d589d31872226c593ead71f5e26aab06172a02c5baa5b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/729354386462554019/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 17:39:15 GMT
x-content-type-options: nosniff
age: 234373
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36945
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 08:13:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Nov 2024 17:39:15 GMT

GET
DATA 200
OK truncated
/ Frame 4EE1 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 5A38 12 B
233 B 318ms
278ms XHR
application/json 34.36.145.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.145.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.145.36.34.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.6.2 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://risu.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.6.2
content-type: application/json; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 1B58
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

24ms
24ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H3
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4048
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDzPbMnQvocvS3Hs23wZzUHfuG08%2BQSusITCtGakPdgfkFzShHCtIKu6MlLFquj%2BQHCYCmArwQtFydZqB5OAHTTw0SS%2F4pa1yIOWMFyKwPEyKyviOSgabbV54OixcsZNxkfVQQnEm1M%2BmRkOVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 823db4c7feab65ae-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 gcm
gocm.c.appier.net/ Frame 1B58 42 B
351 B 258ms
258ms Image
image/gif 172.104.105.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.105.5 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1715-5.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 10 Nov 2023 10:45:28 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 1463 12 B
73 B 300ms
278ms XHR
application/json 34.36.145.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.145.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.145.36.34.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.6.2 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://risu.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.6.2
content-type: application/json; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12

GET
H2 200 gcm
gocm.c.appier.net/ Frame 9B0A 42 B
351 B 258ms
257ms Image
image/gif 172.104.105.5
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.105.5 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1715-5.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 10 Nov 2023 10:45:28 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 9B0A
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

19ms
19ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H3
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4048
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Sd8ZqV1ZGxiEROqcappq4WCqsIKhNrZ4X2h0FxqOht2EznWuuun%2BcLqNUl5lMWYhjjVGJ52kvHXs1z0oDjW%2BRLcYKRMpBSAwH1JCYcGwp4ZUeQepd48IgLkUZk6W83dcPnhj%2B9NtJ1TKxGC%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 823db4c81ede65ae-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 1B58 975 B
764 B 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5338
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxn8IhI%2FYc3rpVHt4qJABRZ7u%2BWoiBp6h8dP8q6W4ZjbSUNI%2Fhbiab6gpDAYLdn2aw0fvIpqPxZZqxsyCnTMueBX3u3WSJdzRMUF2%2BDKh%2FprgeaxceyNm8kpCjXwDZEuzj2xXjYUEnK4faOBMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 823db4c83f1165ae-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 1B58 46 B
485 B 405ms
94ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 88061330c27cbd036b349914c8d3a9250f8a695ab9fc76a4ec612e7bf1473d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 1B58 512 B
1 KB 293ms
109ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2FGxeOH&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.584111394442488&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 53239b56a68056e1e657ac5fdba34ebd12f87f32174edc7b61feb454476580a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 10:45:29 GMT
X-Width: 728
X-Height: 90
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 6478d452-a4d4-3b74-b2c1-dba949050885
X-Adtype: html
Connection: close
Content-Length: 512

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 9B0A 975 B
764 B 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5338
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vdBL%2BOnJ9Z1CSHSubGqTMxsAi1WA9u9dUdZirx0jwUHNN%2BkC6hylkpf%2Bdu0w22mkJBnkOE36mbJv3bPwwMRWe9KulTpYpAX3JcfkFbsbZVwzF%2BWKTEX2WLB96X%2FhzjlPz5EE0sVJ8LZ4ZtHtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 823db4c85f2f65ae-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 9B0A 46 B
485 B 388ms
93ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 88061330c27cbd036b349914c8d3a9250f8a695ab9fc76a4ec612e7bf1473d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 9B0A 512 B
1 KB 298ms
114ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2FGxeOH&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9720096251470554&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 53239b56a68056e1e657ac5fdba34ebd12f87f32174edc7b61feb454476580a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 10:45:29 GMT
X-Width: 728
X-Height: 90
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 6478d452-a4d4-3b74-b2c1-dba949050885
X-Adtype: html
Connection: close
Content-Length: 512

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1780 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4793944929650&version=m202309260101&ct=76&x=1&cor=2705624644699179000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1780 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWlJrSd5eSW0EsQbNBh7EF3ZxsbtXdbBwhUT4eHs5mzRBx6QvAsc2Z-VmeQPgqug75Cw1-qWU8EFX2VqYT9UQNO6DTHya6jmcgmawPAL7vDwvCD8NvHf2bO6Ucup5QdoBLyy_pXur-uZf1&sai=AMfl-YS6I5dAIyg-SXipvNIbenncWNyS6i2MoLiKIyUIeTx0H35Br_ChZkQdQJHRYLrYAY-6h5p9HPuE9MbYRrkqDdRCAUCicp56yXBMI3KBuYJPczKY64pZB5FR8dcP4cVzgl1ARHTnA8ZMnxnTKnEGlg&sig=Cg0ArKJSzM308rOfoQBAEAE&cid=CAQSTwDICaaNodjOiOlZ-iXal-d3k8z6MPJaOL61MSBQWfgafOp0SVt9cZJ6JBMepZjvk32uths3TBRUEk6XSDEJUW5BvA34dH3yLgxzP_bgZXYYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699613126937&rpt=1130&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A403 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5873853340168&version=m202309260101&ct=76&x=1&cor=11175279587433066000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE5F 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4629085880451&version=m202309260101&ct=76&x=1&cor=11685136766494650000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A403 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEx7wu0TdZWJElLtPArfQiC-15hIeg7VeIEcKSt86U5IHUMoNUbNYRUdHEBV7WHWpaScrKo5gwOfiqicXe3sYiVxAB9j6-nhFr76lCQeafmMp0JnVrZ19sLOw1bw2AK_Dil-lURrnuJMCg&sai=AMfl-YRLvlIkmGeT_jI9U6zxs6bJRKUjjCp6UonsdrpN4mk6wv9im3hELEHf1BrNBPkj2IowwDgiEq3rRjFMAM286w_Vic9LEpwD7_i4Ge-4ajEGfVzhtY4js01k-qilPrlAaSafe8PV8KdJ-ot9vDs78A&sig=Cg0ArKJSzHFZxt1xDjVPEAE&cid=CAQSTwDICaaNodjOiOlZ-iXal-d3k8z6MPJaOL61MSBQWfgafOp0SVt9cZJ6JBMepZjvk32uths3TBRUEk6XSDEJUW5BvA34dH3yLgxzP_bgZXYYAQ&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699613126919&rpt=1192&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE5F 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnaJTwyHHOJor-emY4o1F6FKYMgBE-2SHKBEbwAmC6cI8cglBcTBYfbezTCwO8HHhvW9j1Cm5bnE7R9JSxI2SBGxNsU0tX_24esoqVTkxI-0hFbx5jetYXRsU0pC5DWhn_kVegy2ljWB8e&sai=AMfl-YR79imNuvIDHgU3usbh0CGQltCZGWmlfGuM5pXko3l0aDHiuee6ZqyMd1w5VyGeA7Qfmz94BjjAzC3ARF2v0bLYl7qYF62lGBRmmzSOjxRkaGajI2PQ4TSqKbWzyzZ3xS0QjpmnIUWB1cbb-9KscQ&sig=Cg0ArKJSzGlcRFfULkHLEAE&cid=CAQSTwDICaaNodjOiOlZ-iXal-d3k8z6MPJaOL61MSBQWfgafOp0SVt9cZJ6JBMepZjvk32uths3TBRUEk6XSDEJUW5BvA34dH3yLgxzP_bgZXYYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699613126961&rpt=1184&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Nov 2023 10:45:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame B89B 119 KB
12 KB 9ms
8ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: a2557a608ec9c6801b541eaa424bdab3e0dc5ea8406ece257c4bb7503b214575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:45:52 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 03 Nov 2023 11:17:44 GMT
server: nginx/1.12.1 (Ubuntu)
age: 68377
etag: W/"6544d6d8-1db2d"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12359
expires: Fri, 10 Nov 2023 15:45:52 GMT

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame B89B 17 B
159 B 831ms
271ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 575a4bd0dbf369812d19fe8d40cb307235cb4e625f167a7ff506615e2df54186

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Fri, 10 Nov 2023 10:45:30 GMT
cache-control: max-age=86400, public
server: nginx
content-length: 17
expires: Sat, 11 Nov 2023 10:45:30 GMT

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 5D83 119 KB
12 KB 8ms
8ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: a2557a608ec9c6801b541eaa424bdab3e0dc5ea8406ece257c4bb7503b214575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:29:41 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 03 Nov 2023 11:17:44 GMT
server: nginx/1.12.1 (Ubuntu)
age: 69348
etag: W/"6544d6d8-1db2d"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12359
expires: Fri, 10 Nov 2023 15:29:41 GMT

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame 5D83 17 B
160 B 815ms
270ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 575a4bd0dbf369812d19fe8d40cb307235cb4e625f167a7ff506615e2df54186

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Fri, 10 Nov 2023 10:45:30 GMT
cache-control: max-age=86400, public
server: nginx
content-length: 17
expires: Sat, 11 Nov 2023 10:45:30 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame D116 714 B
753 B 18ms
17ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 11020
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 823db4cacaa165ae-FRA
content-encoding: br
content-type: text/html
date: Fri, 10 Nov 2023 10:45:29 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70FJBmw11PQqE6tJ76flIR7o%2F%2Fj7t%2Bug4h6iOw5ZUoDh2Dj%2Bmy0sq7gQ%2Fg3QOFhuzhLrIqypd%2FwpglKOJsoLoMXkujwpjFLIDSnKRbZBYqV2KgcW0PJm7I%2Be4rt99pmQIzTPJ1QluwTSPTBrnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1604
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
555 B

37ms
7ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Nov 2023 10:45:29 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 10 Nov 2023 10:45:29 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 9B0A 35 B
273 B 278ms
94ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 1438 714 B
751 B 20ms
19ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 11020
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 823db4cadaa465ae-FRA
content-encoding: br
content-type: text/html
date: Fri, 10 Nov 2023 10:45:29 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFDjBY7t9kdsPL%2BXsM95%2FBaquWLLT4uIL0hZrZ6b9ZQlsb4TQ1BwlN%2BfW0G%2BMLgYqDMj2EHSqOhoP1AjW6IioM6%2B7tjtBO6hVvvklipaVji41z1x9I1%2BbpDlwhZDE7wy0MIUYABWSUsNXpYd9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 1B58 35 B
273 B 287ms
104ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 66F9
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
555 B

39ms
7ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 Nov 2023 10:45:29 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 10 Nov 2023 10:45:29 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D116 102 KB
31 KB 126ms
84ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84b4c6b4ed0ac2a42730fb907bbe800efddd7135dde26c568f44f1b30612d26d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31193
x-xss-protection: 0
server: cafe
etag: 37 / 19671 / m202311020101 / config-hash: 1836788181091444997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:29 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1438 102 KB
31 KB 210ms
175ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70f2ba3fb9d1f11ea1369d3c519d4957fa0777a376dc6fdf7f5545f5e04637fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31192
x-xss-protection: 0
server: cafe
etag: 740 / 19671 / m202311020101 / config-hash: 1836788181091444997
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 10 Nov 2023 10:45:29 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 66F9 46 KB
13 KB 11ms
10ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 10:45:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2023 04:29:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63708
Connection: keep-alive
Content-Length: 13280
Expires: Sat, 11 Nov 2023 04:27:17 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1604 46 KB
13 KB 7ms
7ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Fri, 10 Nov 2023 10:45:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Nov 2023 04:29:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=63708
Connection: keep-alive
Content-Length: 13280
Expires: Sat, 11 Nov 2023 04:27:17 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 1604 7 B
380 B 57ms
10ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: aca6c52e983509e86b136a052e19be23
Expires: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 66F9 7 B
380 B 55ms
10ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ Frame D116 426 KB
134 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31825
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136626
x-xss-protection: 0
server: cafe
etag: 12374074705736737879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 09 Nov 2024 01:55:04 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D116 499 B
274 B 49ms
49ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2968537696266768&correlator=1462066494843848&eid=31079524&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1699613129631&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=m03ripdytjv6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2098710185.1699613130&ga_sid=1699613130&ga_hid=1106981262&ga_fc=false&dlt=1699613129428&idt=184&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f80902a1946317184c4e6f0eae60ed9b1496afc720d2b0258846ec6ad56b5ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
463a07c21df07ab36101f57534fbea4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6F3F 6 KB
3 KB 106ms
41ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://463a07c21df07ab36101f57534fbea4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 10:45:29 GMT
expires: Sat, 09 Nov 2024 10:45:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ Frame 1438 426 KB
133 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31825
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136626
x-xss-protection: 0
server: cafe
etag: 12374074705736737879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 09 Nov 2024 01:55:04 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1438 499 B
275 B 52ms
52ms Fetch
text/plain 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1326947860529608&correlator=1769832510500422&eid=31079520%2C31079521%2C31079524&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1699613129730&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=uv9zfdbxo8nl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=753364601.1699613130&ga_sid=1699613130&ga_hid=313794489&ga_fc=false&dlt=1699613129436&idt=287&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56b410c098567e42da9da7e4fa6c498dee7e0c1c1ffef3c0aedab933eb4a715e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
acbe510194847689608d8664d47963d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 00E2 6 KB
3 KB 57ms
42ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://acbe510194847689608d8664d47963d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 10:45:29 GMT
expires: Sat, 09 Nov 2024 10:45:29 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D116 16 KB
12 KB 56ms
55ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3922679a6682b9939228faf9c7d8b768744abc763eb20d718fa4780854af4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12432
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1438 16 KB
12 KB 55ms
54ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eb93299ab9c851a6e3762779d16b9cdce0ceed7d142980d5ad807e3ba02ae49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12275
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D116 17 KB
6 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 10:45:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1438 17 KB
6 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 10:45:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC9D 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:28 GMT
expires: Sat, 09 Nov 2024 05:44:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A514 829 B
560 B 26ms
26ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aff1cc8560367ba98aa34710f89a14934ba535e0c505b492740e0307b5feb1b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NId_uJ21RX-nj6kcx73c0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NId_uJ21RX-nj6kcx73c0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 10:45:29 GMT
expires: Fri, 10 Nov 2023 10:45:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame EC9D 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 05:44:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A514 0
0 40ms
40ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=2968537696266768&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 990C 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 05:44:28 GMT
expires: Sat, 09 Nov 2024 05:44:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 65B1 829 B
558 B 26ms
25ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1fd1c74a5cbeef353488b4d105cc02933a2281d06d030206258cd35ebeb36a17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zoctoMjMhYgdI3P1sDeQdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zoctoMjMhYgdI3P1sDeQdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Nov 2023 10:45:29 GMT
expires: Fri, 10 Nov 2023 10:45:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 990C 39 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:44:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 05:44:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 65B1 0
0 41ms
41ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=1326947860529608&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EC9D 0
10 B 14ms
13ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FW2v9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 990C 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?joMVag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame 5D83 5 KB
4 KB 559ms
282ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=eu
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 67da4eb584926ec3303180c03c0e120d7d5109673f68f5f8eeb1e238bb02b638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H2 200 campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame B89B 5 KB
4 KB 560ms
285ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=eu
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 2c383b679c8dd063fb0d6631bb24e783909ec73ad8e6f14fcce7d376920374af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D116 0
0 44ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=2968537696266768&bg=!KCulK2TNAAZxrfrxUa07ADQBe5WfOJE66WGB7FUFV-pcRyedm4L7cdGEGEhcW1YcJ07JSoVPvbLR4ZIY3_uy96EnU1MhAgAAAMBSAAAABmgBB5kC6f1iP6vUTNJRTzlC8dkpDUY_X6YxbMAy1yPchatcja0z4HJ_BQeN2aKiTPHsmFgfdilg5yQpQQD5xIX8BbQf_FI3un9oLhkRXKZNxpw4aIErcIrskwuTtz5nG6LQAqQ-DyzxC0NLt3xEE7zdg_GmsJF3ukmu1MUsQenaI7D__6yslvAcaMezOlbXmEG_Nt29hXwWC_dRYZy8cfxjdcs4EZu-6BOlL9Zz899ibPMnrWL7cSj9MAG629jjdcrQq9e7_ke0oyi88elETdH48KAdUAJQtvtt4U050Lki1guT8B0RdY-N1dCJZDVbsXVlbXu8I9gsnjmP3kcbm47T2U2pC1fgwBf6xQcFJXPvAm58DN_yzqv9ijxNOZ915u8NQ7zVIb67Zq6hFmwj7_-j0JSjBEk87OiPwqnCm7fde2pEKmymEK65Rq_QbDx-ab8XEXFjiozYlBBfYMAlx7WNvYDGKn0hGkB5XlqDjw5E1v59QrmvM1Q2a8C2osF7poA0_BYXzcVP_7lpLnMft096IVXenC5noATwGioZXVjbyN4PHM4IH4zKw_Q6RR00pham-CdPHx9c6p5RiS6m-FbUEptj9CJ0WBQ36zwqo371B4nI5OJ2scOqbS3z_RZ4rubEw0QvaJm1uA2lMJGMWwIt_xWETfpRhJqykrc4E1G1aT12kltqUBfDlJXcpEuxuwk5vtamy-4iwxgCacifkx50nTxg-vGm1uh8jFIcSaJz0h5YpzkEwOo6OktaXnVLtj1ZoVlJpQ8CaxKLmL4hyPaBLtuYwxFMejpGEzu6taRNvOrYZN6WOVSY5KhpP8Jzk2tsIMy15OfGE2dB95BWLAsKsCICjiL2wpRPS1Qqs-QAQOqBWcFlWa1r4Xu1b-GHT0PqwcOb9PZd3pRFNUOp30bXwt1SIeE-XtA8ONlzDjKPyIH0fsB-kVZNi9LQ5hLBAH07sij33mhTU24_I7B72rHOnSzQBbts9ZzhXFykg88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1438 0
0 43ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=1326947860529608&bg=!wMOlw4zNAAZxrfrxUa07ADQBe5WfOOSyAEdc1QB1RUi8DUFHyiL5e2li2Qiw6sxmrUsnu7RrVOnE1frOHSZTm2EEoqCyAgAAAJhSAAAABGgBBwoAkW1Jf752cK7olET1Eh3rZ3oqSfeH36IT3NNBoTMjXOmNED_wkU_GBE5EhpxRKwC6S1EoZCipQIAne_yrjObTA9U9gveqpbTGk20ZMJWUfmbTPy2lcjP4Zs_RWdslWFJ1GIsNahXMLTlZnWuG4IyahvS6auxxMYIEtIJ7fCKo-Cu55z-ZZHG9ucUOU06feGYZ1hCZAugGYB-vqPcP1P_z255pNTzzmUQ_JBUg5gWbFHVUOFPD2-uvJ6uuuE0eMEBoqU92myhkZYyiNJ-dQ-_2_ncvUM8oCpez2NVGtra4dCfyDgILETbGHhRf7zmKECEBwjbI_wrzJO-fyJRrs2dxfQqlVlnqE09-LTo3t_o2dLSbfZa3xOfrHdjopW78yTs9MAYoxDSApuSmH0xIa1ivAM_olVqDNxwD-RDk-T1_OQ0uvoWKvmKbo6l62ejBU7I-tdJTGldz-_CI6Fn5hrSi-vxg9XDWSx64zrKyMjR2VNzfmIBNOFNrgztQweILSm4b7wrxii6op-JpXQT1jBE6XDQnWyrxUiSHRk-EgnnsdQyastSDpOhU_Txo3hCA2d4C-j4Rpg6UIivlxelEiXo3vagi75koY_2zo-DIyhEjg75s5dwy2vUuetu30Qq47-EssxTgJJp8tbEGaqsoST_IqrZJwGiq7OabGNzw4a2cj1q9Js1GOnd8KSviYm8TVRIhUr7brZjoQApmb5Nx_sOwWWkMcb4JzjMWvjl8-vlJYk1w6bwsEpV0xlUHsB9yaPBKAP0GvXRgSomkPCLU4eWKO4DU8ddyu1JMlNI8kJagNwtnXrOZzcxesxu26B2W7ncnZEFrEl2900-oPGZrp7LmthZv_d5khwlnLoMG_XJk4L6fkhNEIJO1tAkE3wn-F2EVx1qq7O3Ngwndt3gHymZqVCHA-IB2WbyUhScCUYdxBSqRkq45u4Bp5nM16LOML9zhIu4BVyyflmwm9JRAQLuZcE2E5nqPrs-qzz24B1W0mLp6jsDQWxLZZWIEhX7LuvHFgy6C68skgtwQfD_vMQu5c_aajjrssCiaQAP6eNGgET9YKNLcjedIF58CeusU3WjDaVKRw7vDZ8uIv21qVrMSCWTWlZNnECOhbMU4UBXkKEasAXUzBi8oGKafiWgv5YPNs7iXjeYP9U83eIPMn3YVPHRX_uqWANBksNcR0go
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 2332 70 KB
5 KB 37ms
18ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 702365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdLO0xbs1sm4AwqO2wXLYzDahmTxEaeuLKn%2BxY%2FNXgQvdW2utvd306UiqZc0xh6uI9dii1MUlfWek46z7toOaY%2BvGnX1Uyko%2FAEUx2vkEI5jLWYmYt9wHTycK8NNtA9D6MCGiChOQKlprQXDzvdGq1va"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 823db4d32b2d5bf5-FRA
expires: Wed, 30 Oct 2024 10:45:30 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame 2332 7 KB
3 KB 8ms
8ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 6d5b85075be31a49205b7ff4298609dc5aa508a56775579d3370a33ecdbc64be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 17:09:02 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 03 Nov 2023 10:28:12 GMT
server: nginx/1.12.1 (Ubuntu)
age: 63388
etag: W/"6544cb3c-1bed"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2629
expires: Fri, 10 Nov 2023 17:09:02 GMT

GET
H2 200 aHR0cHM6Ly9vZy5tb21vc2hvcC5jb20udHcvMTY5Mjk0MTUxOS9nb29kc2ltZy8wMDExLzc4MS8zMDEvMTE3ODEzMDFfUi5qcGc.jpg
img.feebee.tw/i/QYYD3Wlfsf-s75LF1MNcbkZpES0d3OnfzSpcx8YlLCc/372/ Frame 2332 36 KB
37 KB 515ms
438ms Image
image/jpeg 130.211.28.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/QYYD3Wlfsf-s75LF1MNcbkZpES0d3OnfzSpcx8YlLCc/372/aHR0cHM6Ly9vZy5tb21vc2hvcC5jb20udHcvMTY5Mjk0MTUxOS9nb29kc2ltZy8wMDExLzc4MS8zMDEvMTE3ODEzMDFfUi5qcGc.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 25136278acab9c28cdf91ced98b87885c541a60398aa1d9cd674c03bf16996ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="11781301_R.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37374
x-request-id: 4leR94Nf1bA5mYjxpsLM-

GET aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS03cmJrdy1sbGJnNHRsdTg5NWViYw.jpg
img.feebee.tw/i/BQ93XKrPbj-yyomo0sdLmgmwMUNMMZ2Y0hS_QhvshuI/372/ Frame 2332 0
0

GET
H2 200 aHR0cHM6Ly9jcy1kLmVjaW1nLnR3L2l0ZW1zL0RZQVoxQkE5MDBCSjBFVi8wMDAwMDFfMTYyNTIwNDIzNi5qcGc.jpg
img.feebee.tw/i/PnFNY-6TZv-ROe8k_LTyrG19ALQtQ73H4IAAhxa858M/372/ Frame 2332 15 KB
15 KB 662ms
585ms Image
image/jpeg 130.211.28.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/PnFNY-6TZv-ROe8k_LTyrG19ALQtQ73H4IAAhxa858M/372/aHR0cHM6Ly9jcy1kLmVjaW1nLnR3L2l0ZW1zL0RZQVoxQkE5MDBCSjBFVi8wMDAwMDFfMTYyNTIwNDIzNi5qcGc.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: a30ca8ec83690d0e326fe56bf32905e479fe659e6bdfadf34898f0d5362b3215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="000001_1625204236.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15018
x-request-id: rMf7YMt8qeYSSuqN1yRaZ

GET
H2 200 xuZK_TIcZZLU6wsUm2YS8CvtTesf_Fmkk0tCMverTbccvuf0RjXOMTV6wipJ7Kpw8SiQWbGXvmOEr8t-ut9gsKiPgT6eEzuUi5pUD0jabCNKRzG9LFptb9XtD1jxSqhl_PhzHGqXcGddop_q6MTTXpBuqTXQaUs8MnLWAIaLrVw2jYRPkS3nyrES6EVoqWYoe0BKL...
fsa-api.feebee.tw/maji/v2/view/ Frame 5D83 842 B
922 B 389ms
272ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/xuZK_TIcZZLU6wsUm2YS8CvtTesf_Fmkk0tCMverTbccvuf0RjXOMTV6wipJ7Kpw8SiQWbGXvmOEr8t-ut9gsKiPgT6eEzuUi5pUD0jabCNKRzG9LFptb9XtD1jxSqhl_PhzHGqXcGddop_q6MTTXpBuqTXQaUs8MnLWAIaLrVw2jYRPkS3nyrES6EVoqWYoe0BKLOHt5-XU5PbhRj8lyg79db8_YcLwYtLMwczz5aHRrXoHsfCSj14HkNtJfno-pRWkDBkT6D4PsHVPXPJL-kN8H2JkfAQXevHAN8pMUgCqdwrRhcgmT4ZoL36SWcaRjcb2sxIwtBtwfNYAxrV1RN8xg.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:30 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame B536 70 KB
4 KB 29ms
19ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 702365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bU%2FDaGFmkxWuEpU0%2Fr4chHG4jjm5vQigWEwCHKLK0%2FWwFAGSDpOV32Na9bE26lVFetHqXT%2FzbS1EVIjB5cuWLuH2krxv9DeRrOy0%2FCbGfDW4cHg%2Bt5xAY0VLHhCDx1cHldJji2Nza8%2BSLPmBufXifo4Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 823db4d32b335bf5-FRA
expires: Wed, 30 Oct 2024 10:45:30 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame B536 7 KB
3 KB 9ms
8ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 6d5b85075be31a49205b7ff4298609dc5aa508a56775579d3370a33ecdbc64be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 14:02:14 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 03 Nov 2023 10:28:11 GMT
server: nginx/1.12.1 (Ubuntu)
age: 74596
etag: W/"6544cb3b-1bed"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2629
expires: Fri, 10 Nov 2023 14:02:14 GMT

GET
H2 200 aHR0cHM6Ly9vZy5tb21vc2hvcC5jb20udHcvMTY5MjYzNTEwNS9nb29kc2ltZy8wMDA2LzE2Mi81NjQvNjE2MjU2NF9SLmpwZw.jpg
img.feebee.tw/i/2GJe2qZVirGXRsHvMqvcuZTXdbA_6C2ViSfquVX-5bE/372/ Frame B536 9 KB
9 KB 536ms
468ms Image
image/jpeg 130.211.28.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/2GJe2qZVirGXRsHvMqvcuZTXdbA_6C2ViSfquVX-5bE/372/aHR0cHM6Ly9vZy5tb21vc2hvcC5jb20udHcvMTY5MjYzNTEwNS9nb29kc2ltZy8wMDA2LzE2Mi81NjQvNjE2MjU2NF9SLmpwZw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 36962dd4a828e4237eae306a000debfc8fafc46ad87d0f980e1830c524ffe6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="6162564_R.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8819
x-request-id: qR3AWWSzxKLxhasI2CKJf

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS85NDE5ZDM1Mjg3YmViY2ExYjBhNjBlZjE1YjY3OGQ2ZA.jpg
img.feebee.tw/i/V_uVMLc_TT2GstN_W_HQV4ukeCRZ-jWx2BfC_hX8D6c/372/ Frame B536 13 KB
13 KB 516ms
448ms Image
image/jpeg 130.211.28.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/V_uVMLc_TT2GstN_W_HQV4ukeCRZ-jWx2BfC_hX8D6c/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS85NDE5ZDM1Mjg3YmViY2ExYjBhNjBlZjE1YjY3OGQ2ZA.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 819dc8d5293f59002f73c2820ccc06bcecbc0f0979090e4973759930272b8191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="9419d35287bebca1b0a60ef15b678d6d.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13381
x-request-id: 7X3Ku6m1WRdaL-f-spZ7H

GET
H2 200 aHR0cHM6Ly9jcy1kLmVjaW1nLnR3L2l0ZW1zL0RIQUJCMEE5MDBHRDhMVC8wMDAwMDFfMTY4NTI2Mzc4Ny5qcGc.jpg
img.feebee.tw/i/eWwPqtR9ylmyurtKTmrqJAcYQ8xiMM2ypES8n_H5Yvw/372/ Frame B536 25 KB
25 KB 661ms
594ms Image
image/jpeg 130.211.28.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/eWwPqtR9ylmyurtKTmrqJAcYQ8xiMM2ypES8n_H5Yvw/372/aHR0cHM6Ly9jcy1kLmVjaW1nLnR3L2l0ZW1zL0RIQUJCMEE5MDBHRDhMVC8wMDAwMDFfMTY4NTI2Mzc4Ny5qcGc.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 2caddbc3052deccaae9cdf162671d2b8d53f9159518da4c243d402c07b2ef48d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="000001_1685263787.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25175
x-request-id: yFOCxgKXSMZn2hZ1_deAo

GET
H2 200 xuZfYyJ5pLEhCDulvUkrThOoPRDrX05Jo2PPXnVYhi9LpqijaUmxMV5MrxNXWJpL6f643U1hpI1OfCkvF20-hAxY7a4h6EMlniNGrG6E8-bVeCfy2p3EBQOZum811jhC984wyRjGHHlY-EBk1yQx8RxbcnqjzZf-ASb6QNSFo3OJvwBuzIsRws2j_2L-WSotqpP36...
fsa-api.feebee.tw/maji/v2/view/ Frame B89B 842 B
922 B 378ms
272ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/xuZfYyJ5pLEhCDulvUkrThOoPRDrX05Jo2PPXnVYhi9LpqijaUmxMV5MrxNXWJpL6f643U1hpI1OfCkvF20-hAxY7a4h6EMlniNGrG6E8-bVeCfy2p3EBQOZum811jhC984wyRjGHHlY-EBk1yQx8RxbcnqjzZf-ASb6QNSFo3OJvwBuzIsRws2j_2L-WSotqpP368zmHI55Xpkl2H1Tm1aZMPTIy_OTTHMGE8WvrOtWYQtaWj9LhWAZUGanMnqAhgnc0L8SWHQnqXnhVjbLYVBYiTb10fWwC1qYGCD4JlzB-RQYEObxn1b3QeJL8O-zRZ1armfppDQW7-8wWNSkZoYvw.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:30 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 5 KB
3 KB 8ms
6ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/6d7052ff6df13eae564657f4b45cc79a.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:53:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:53:44 GMT

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/12807486595921873393/fonts/ Frame D0C6 172 KB
75 KB 9ms
7ms Font
font/ttf 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/fonts/ibm_plex_sans_700_normal.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:53:49 GMT

GET
H3 200 94b8e4ecff73b8a16c70e2331be84df9.png
s0.2mdn.net/sadbundle/12807486595921873393/media/ Frame D0C6 4 KB
4 KB 9ms
9ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12807486595921873393/media/94b8e4ecff73b8a16c70e2331be84df9.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

015b7e58f0c92c52619b207ea31059ade01dd99e1329e98cb2695fa1f324dbb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12807486595921873393/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 05:43:07 GMT
x-content-type-options: nosniff
age: 18144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3688
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 10:16:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 05:43:07 GMT

GET
H2 200 xuZO13KVF2PCNqimonKgngQEGB6DGzX01JQs-GgqEm8prMS4Qdl3LNTqUbNd5UUS0S4suBIILfn2qrV4-j5bspmqvxMUCn5ghrqAGvH5t0DAORmx7y4I283wl9F63LpXHpSEgSaLz5yck5OJLyb2C6JqyLBMhp3Cz84C5mZOxdntQYO7GIXmPFbvspZ3NHuEjX_KS...
fsa-api.feebee.tw/maji/v2/beacon/ Frame B536 842 B
922 B 283ms
282ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/xuZO13KVF2PCNqimonKgngQEGB6DGzX01JQs-GgqEm8prMS4Qdl3LNTqUbNd5UUS0S4suBIILfn2qrV4-j5bspmqvxMUCn5ghrqAGvH5t0DAORmx7y4I283wl9F63LpXHpSEgSaLz5yck5OJLyb2C6JqyLBMhp3Cz84C5mZOxdntQYO7GIXmPFbvspZ3NHuEjX_KSCWIzdKkNjH1rY90NFD27V46ChpUPS9D0gcrnzPINpoqTa6MVTTLLoy02LTFkeGXGvh8dKTrqSpEp2kaf-2-gTtVbQGWRP1yYDOrwb6TkWEqRv276iMUQmhxzmbA1unNIksXt7us1xvsI8D1vp5c2RkTZssNUgsEkk6tpd1X0nroKBuy1KioFn2xJ06vMOZRahQvEt2BHLFTFE89SCQvByYJ5XNlITC6k9o0MA6VAqhuZ3D-k3445zZvUabeiQQxxr89WmVKkCCiHUzGalPGg.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 xuZyoZSYfP80RLLtSORAQNPww70ZO2nK-kum0z6pYEefcC3dd4eaR15iDXcCY_FCe7ezV4pckaO8NS09ToeLF_u2ZakhFRU8_2Tnqej6JVHQavZ_nUssmNqKDeI-5I3jRvQUR3qqugcrhp4Ksrie_Ga-unWFKSCcs206CFGdIGlanOspb3xreu_a0aWgG2fW_mL6m...
fsa-api.feebee.tw/maji/v2/beacon/ Frame B536 842 B
922 B 280ms
279ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/xuZyoZSYfP80RLLtSORAQNPww70ZO2nK-kum0z6pYEefcC3dd4eaR15iDXcCY_FCe7ezV4pckaO8NS09ToeLF_u2ZakhFRU8_2Tnqej6JVHQavZ_nUssmNqKDeI-5I3jRvQUR3qqugcrhp4Ksrie_Ga-unWFKSCcs206CFGdIGlanOspb3xreu_a0aWgG2fW_mL6mMfEtfWSWyi2XISbwQ4NLCGtHS3jVNc_-RTdUo9uQ17P1EwSd1U9MF7B7Gw5dekkkyrDYNFmUY7aXv4dsBznZJa8KWZFLSrFg_Uuks_QJkJ1mRrOlksH1gCK9bs2-IiZsJb5Yny2uZHq15HQDChj6vDrF_6Uodd9bFAOTGp9ZyQ5_qkmh4sL4hTKctGNHKdgoYUNszCh9QcfVwwBU1Pcg.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 xuZO7tezt-wnNYTffVe106g63hSiXXhQVA-vXRKIMTwy5SSL1SRHrNKjN-HONNas3WnYAP5oQp5q2z3G989EF3sXgSZXQBxYOlVQi3DqHD3T1hx4UD6GRYn0Q3SQJM6aY7_Ai5JiXDsmegCOq9XAZzQSmRqFKefFmQQb6sC2ert1a9gGyBoEuouKsI5bea-Nu-wBy...
fsa-api.feebee.tw/maji/v2/beacon/ Frame B536 842 B
922 B 282ms
281ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/xuZO7tezt-wnNYTffVe106g63hSiXXhQVA-vXRKIMTwy5SSL1SRHrNKjN-HONNas3WnYAP5oQp5q2z3G989EF3sXgSZXQBxYOlVQi3DqHD3T1hx4UD6GRYn0Q3SQJM6aY7_Ai5JiXDsmegCOq9XAZzQSmRqFKefFmQQb6sC2ert1a9gGyBoEuouKsI5bea-Nu-wByGHA9SK-FneYonI3yEXhtF93kDRuUlDxz727uv74AqqOSbQXoSm71zVaw9xRNdY9m8qQV4Lo6Pw_BDTe6Xinc1HWp1dMH6V4dmbrFi2a9U0OBgaleHXhbxvkX6WPXXzfgGV7P-R33wJLoCwNCn0FyB7-NYfR8lM8GQkPRld2AFeTWyr8wiKyQ8yMphOMlbumBM5ff9po2YJ-NLcR3AY098PS4FXCWepUJyNrUxvVU4.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 xuZK7V5tVcORgcZNB7a13aXxnZNLIBwauHc1xWb4c3TT44lK5mY88ZSDLXD0LDMbE5P-NIiwnNRBlywY8hZCy32OF5YrumIbJRGoo4Em24Bf4Ua31Y7ljxsz28xCl2jYZPpuBV05xQOBUXaZdiujMjmmePUBBXzq9zIuX2G1XgSNtCqvCrr0mFT2yNUtB9xrmGzxZ...
fsa-api.feebee.tw/maji/v2/beacon/ Frame 2332 842 B
922 B 281ms
280ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/xuZK7V5tVcORgcZNB7a13aXxnZNLIBwauHc1xWb4c3TT44lK5mY88ZSDLXD0LDMbE5P-NIiwnNRBlywY8hZCy32OF5YrumIbJRGoo4Em24Bf4Ua31Y7ljxsz28xCl2jYZPpuBV05xQOBUXaZdiujMjmmePUBBXzq9zIuX2G1XgSNtCqvCrr0mFT2yNUtB9xrmGzxZIcimaeeaFPWbhY7sHRoJCTfoCuXelCtrlQ3mC18v9ECL537Yzm1BAGFGV0tRYHvTk-FDgrtSIM0cyNcyFt9jQChuSeWqlM_N89aThwE3HEyKdLgh61tUmH37gdeQqX9kNtJWU8LfvEwCHv13tHZxvWOa9Q_05W6e6y_P2yTYe3rWcZYZxbXCgbPVqleHYY1G5sQL0o3RRFYK_VGVOBMLINIQ7Bn0aHqgQKuMDWX_zcv1HHKHBirUYMXViqZVp2mqoKi1_WI6Q0MxdIw70LVw.gif
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 xuZKI70_edxzqoD3NyrSElw6fhhAwiMXCvtVnAbyU5F50O1Eu9i5wU7iH0v01k1lvTQBfVkpnchXzMfxpqXj63PdsLY8ev0zwwHkVbtooQKmge18X898th4DuWgGjUhE5SFeApMzXbHCJ8ptw4TQLf7w5WFHpv5e8zZs9gPXAQwSm30a3NZYfguEsim3TC7j5bBmJ...
fsa-api.feebee.tw/maji/v2/beacon/ Frame 2332 842 B
922 B 280ms
280ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/xuZKI70_edxzqoD3NyrSElw6fhhAwiMXCvtVnAbyU5F50O1Eu9i5wU7iH0v01k1lvTQBfVkpnchXzMfxpqXj63PdsLY8ev0zwwHkVbtooQKmge18X898th4DuWgGjUhE5SFeApMzXbHCJ8ptw4TQLf7w5WFHpv5e8zZs9gPXAQwSm30a3NZYfguEsim3TC7j5bBmJK5uIczMMOLPOIjpnL2W8867p01_Z3Y72f5m6Ax975HhhBqJM1ApxCRiSeGy-WFQRPEsZFN0oUC-gcRXLzROg5mEcFl0PeJgUEFPFgZcFtBXr8scsg8DUzZY7nkxc250OUrom3QSu9hJ9x2kU6QiMO2009WlSsg4OCbcxrTAbOmSCf1YR776IVzCousQA4geiqGsi3XtaHo6NHXyrHDfA.gif
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 xuZnQRd6IEpMgq57_hz6wSBRDKGA-D_YUbZso7WzIzOoDXhMJBqI5QBJOmqjQ6iWRrMuorxkY_Q__H7qyp5t1b75_KgL0MHkzOXPQutA734Y6MhuLaM2l2M7YykEf_iZdZLLG8Wo-9yZN2wFjeb3DaUSRaOMmE_cZy1gweNETGZgz1z0-pDFDuIuTabL8m8aINwFL...
fsa-api.feebee.tw/maji/v2/beacon/ Frame 2332 842 B
922 B 279ms
278ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/xuZnQRd6IEpMgq57_hz6wSBRDKGA-D_YUbZso7WzIzOoDXhMJBqI5QBJOmqjQ6iWRrMuorxkY_Q__H7qyp5t1b75_KgL0MHkzOXPQutA734Y6MhuLaM2l2M7YykEf_iZdZLLG8Wo-9yZN2wFjeb3DaUSRaOMmE_cZy1gweNETGZgz1z0-pDFDuIuTabL8m8aINwFLe_wb9M06nxS06ohHkVR4zdrU797qyU_M1EkYcuB9GmdhN9viqcwDjebQecrBRVoSfAFP-XXl9dmvkEumNpRzS-NeSi9NjMn6-u31H5WoggtGDfNH8UGn32ekR3iVrvMaaXBlymdiKoA-v8C1oavv_ziDKPETRvNkfG8C0WuQpqrWrPjA-sjLKXyVNmwsQtlH3KiPYE5gpLLygQQMPq0FkWKq-TtKz5q3XcvJ-IlEA.gif
Requested by: Host: risu.io
URL: https://risu.io/GxeOH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 10:45:31 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.feebee.tw
URL: https://img.feebee.tw/i/BQ93XKrPbj-yyomo0sdLmgmwMUNMMZ2Y0hS_QhvshuI/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS03cmJrdy1sbGJnNHRsdTg5NWViYw.jpg

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
risu.io/	1970-01-21 01:42:53	Name: ahoy_visitor Value: 661562b7-d837-4be8-93b4-5c144a97737e
risu.io/	1970-01-20 16:06:53	Name: ahoy_visit Value: 7bfbfb48-9ff3-408e-a010-3b9c363904aa
risu.io/	1969-12-31 23:59:59	Name: _risu_session Value: gkzr%2FIdQ5rG%2FZo4sWyic2EmxfVrfqAayQeidJv4hd9OdiiYDCMYtsAXVi3vY4cxP6YKO7iXqepeFGW3mIPV4ygFLNyj8yqVa3CKnRNPgr%2BLpW7Z8K5%2FUiUIYiDSWNvsVynhFoFVB%2FlsjRLI5JjybKEktN3ttBnNMRByBV0s%2BfpfnupUCZZsw--e%2BZPuyViRqP2Boz2--alCReG8qvdFki1WEzw7h4w%3D%3D
.risu.io/	1970-01-20 16:06:54	Name: __cf_bm Value: 0JmUuFf.f1iuH3vH0bX1aisocipihSdRQSCvzQdO3Mk-1699613125-0-AaVyp4ix2EmOzS+Paf7Q2WqCCpVetzOJd2CGMYNKXDumgOmSCFfp2yX2DJoFw782k0X15ex0H4gz3J3wF9Qj9ao=
risu.io/	1969-12-31 23:59:59	Name: prefers-color-scheme Value: light
.risu.io/	1970-01-21 00:52:29	Name: cf_clearance Value: HmeMoK8dq0nTET0ejyNRSxakw5tSKbym9hIwi5Qeak0-1699613126-0-1-67c90492.568f467.d5fc1d78-0.2.1699613126
.risu.io/	1970-01-20 16:08:19	Name: _gid Value: GA1.2.1407952902.1699613126
.risu.io/	1970-01-20 16:06:53	Name: _gat_UA-146086888-1 Value: 1
.risu.io/	1970-01-21 01:42:53	Name: _ga_H814P3QJ03 Value: GS1.1.1699613126.1.0.1699613126.0.0.0
.risu.io/	1970-01-21 01:42:53	Name: _ga Value: GA1.1.1998497156.1699613126
.risu.io/	1970-01-21 01:42:53	Name: _ga_ZH634PL121 Value: GS1.2.1699613126.1.0.1699613126.60.0.0
.doubleclick.net/	1970-01-21 01:28:29	Name: IDE Value: AHWqTUlR90cSX5eeZdnet1pwiyPaI0mAz8SIAyH1UMY6Kn3iOrItJCkqsQjqidEa
.casalemedia.com/	1970-01-20 18:16:29	Name: CMPS Value: 5131
.adnxs.com/	1970-01-20 18:16:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb>w839o!@wnfH8K6pQK`!5=E<L5?%MjQ.vGYA/cjYf1H!4/Q/5iH6:W?[1C5-RVl@bpRzqF1`b_Y.)JY?
.adnxs.com/	1970-01-20 18:16:29	Name: uuid2 Value: 3119676738328450967
.risu.io/	1970-01-21 01:28:29	Name: __gads Value: ID=c2ae8be1d25862b9:T=1699613126:RT=1699613126:S=ALNI_MZYjrwphxlOWDt5fHDXUp3qM0nbeg
.risu.io/	1970-01-21 01:28:29	Name: __gpi Value: UID=00000cbf724a086a:T=1699613126:RT=1699613126:S=ALNI_MZzMSK_QYdDRcd7Bweku20dR1f4lA
.doubleclick.net/	1970-01-20 20:26:05	Name: APC Value: AfxxVi6NhgLSbXlCkKdl2wSJ-p6jUiQgxSK4eKyzhBzLWAumfmBSlQ
.casalemedia.com/	1970-01-21 00:52:29	Name: CMID Value: ZU4Jx-4pDnhs0OtsqJfktgAA
.casalemedia.com/	1970-01-20 18:16:29	Name: CMPRO Value: 1125
.aralego.com/	1970-01-21 00:52:29	Name: sspid Value: 6478d452-a4d4-3b74-b2c1-dba949050885
.c.appier.net/	1970-01-21 00:53:55	Name: _auid Value: TX36vtnWC0KRnUQXyAlOZQ
.aralego.com/	1970-01-21 00:52:29	Name: euconsent-v2 Value:

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s0.2mdn.net/sadbundle/729354386462554019/null Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s0.2mdn.net/sadbundle/729354386462554019/null Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

463a07c21df07ab36101f57534fbea4b.safeframe.googlesyndication.com
acbe510194847689608d8664d47963d9.safeframe.googlesyndication.com
ad.sitemaji.com
ad2.apx.appier.net
ads.aralego.com
agent.aralego.com
assets.risu.io
cdn.aralego.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fsa-api.feebee.com.tw
fsa-api.feebee.tw
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.feebee.tw
pagead2.googlesyndication.com
pmp-beacon.apx.appier.net
region1.analytics.google.com
region1.google-analytics.com
risu.io
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssl.sitemaji.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
img.feebee.tw
104.18.36.155
130.211.28.216
142.250.185.162
142.250.186.162
162.210.196.208
172.104.105.5
192.96.203.13
2001:4860:4802:32::36
2001:4860:4802:34::178
23.56.202.187
2606:4700:20::681a:567
2606:4700:3108::ac42:2afe
2606:4700::6810:3965
2606:4700::6811:180e
2a00:1450:4001:801::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9a
34.36.145.36
34.98.102.251
35.186.215.140
35.190.36.98
37.252.172.123
60.199.208.47
69.173.144.139
95.101.149.233
00b7155ea2828d60d5678296a90f526fdc09a36c91f53c4ee3e77dea4150049f
015b7e58f0c92c52619b207ea31059ade01dd99e1329e98cb2695fa1f324dbb4
021ca83a9619a0b6c5da3685a023e6d54e8f91c503a11c5ba9c06e5c77ce48c6
0acf78c4b7b8e70c1e761fb49119db7238bf7c9a3806f3f69a1936b40daac9e2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c464c8fe534e1979c2656dfc7f5849499c7829f23d55e9f348baa52fa2eaf93
0fa50a9f9876ac36838a64fabf2d22935d66741bf4ab9e898489a6ddd0b0e980
114b61a7b9891f23037c62608f0290f61e6634390630f4720fb7ac0dbecf6f9d
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
13ba2997ea62a564075f4e9d586d98c0f2662d6f23042e5f39366b2f27f320a9
15162abc2e01cbd18b8ecb56e788150403851c99079664e362eadd776a770b7f
1535347cab84b2b7431d22f29c356f5906552f565f5aa49d0e6922a5d0a4d5c9
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1cebfc4ab45f90266355449c663ad187e1e79100bf680515be3c8e4555b8cef9
1fd1c74a5cbeef353488b4d105cc02933a2281d06d030206258cd35ebeb36a17
21fea726c9b91bd4334ecdb0e7cf8169294dbc21b8f0f3afe974ed3a43fc625d
2476eb5a8eb10a8f3d717f89faa3d3722febb85afe82943c8bfe732eb1709125
25136278acab9c28cdf91ced98b87885c541a60398aa1d9cd674c03bf16996ce
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b989bbf4d86e37bd1d88708d9302ce9bbe88877bbdeab20d963043d4c572cab
2c383b679c8dd063fb0d6631bb24e783909ec73ad8e6f14fcce7d376920374af
2caddbc3052deccaae9cdf162671d2b8d53f9159518da4c243d402c07b2ef48d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b
34a2387cabcf0b797d4d19fd2e86739c84c8645f93c79bddaf7420e92daf9e51
35d16f915b6dc9c6a619f60e6bb768c5226e12242caa7ce24e7946b6c0a57a39
36962dd4a828e4237eae306a000debfc8fafc46ad87d0f980e1830c524ffe6b9
374dc66429a5d3fabb947be8b237a02f525595f5a9c3170e4a755e86a89a2edf
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ee8611e642c73ec01d376c8a6a9dc2ab03584ef80b06eec374768979cd9f5b
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c34c89b92ba7a6222f549d56196466135bdbef47e2b1b06545b994b9f96cc4a
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb
50e483322a23da4e946c6b02e63aff894ed0327bc5eebb492028be2a236adba5
53239b56a68056e1e657ac5fdba34ebd12f87f32174edc7b61feb454476580a8
53832e6f0edc37423b4cddfb548ce44545141dea7aef27877885aa4689fbe3a1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b410c098567e42da9da7e4fa6c498dee7e0c1c1ffef3c0aedab933eb4a715e
575a4bd0dbf369812d19fe8d40cb307235cb4e625f167a7ff506615e2df54186
57e5f5c1c87d05652c665feee88a386c5711ff58b6e13ba1e336430eb432a50b
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
67da4eb584926ec3303180c03c0e120d7d5109673f68f5f8eeb1e238bb02b638
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6cad184993c8dd48fef0eaf48298f4f83956c6b6d79447ac5c5750b65bbf43ee
6d5b85075be31a49205b7ff4298609dc5aa508a56775579d3370a33ecdbc64be
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804
70f2ba3fb9d1f11ea1369d3c519d4957fa0777a376dc6fdf7f5545f5e04637fc
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
819dc8d5293f59002f73c2820ccc06bcecbc0f0979090e4973759930272b8191
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
83a65f93d72a5269c2a062899bf5c8de7851468f034d321470d46fdaa99d15ae
84b4c6b4ed0ac2a42730fb907bbe800efddd7135dde26c568f44f1b30612d26d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304
88061330c27cbd036b349914c8d3a9250f8a695ab9fc76a4ec612e7bf1473d2e
8855e9a5f81c83b2a5b857532ad5ee058e5d7460a5e1bdaca11f565ca6f60d38
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9508013aa8cb5143b32e62558f116c06a909d285eace78f4fe2b0a1f3e84fb83
9516c9e4923a17a9a9bdbeda814a5b9522c455d0ef3668186a7fe227be49fbf1
9b28ea51ba99efae71f9583808164dffa71f6da836ab1576abfe2b4c94b1634e
9d0878cc351649089c5981efecd967dca5e21701d976d1ad63514ce8a67d6e88
9eb93299ab9c851a6e3762779d16b9cdce0ceed7d142980d5ad807e3ba02ae49
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a2557a608ec9c6801b541eaa424bdab3e0dc5ea8406ece257c4bb7503b214575
a297b1fbbd53656da9795bda28f1e1be926abc5dd87ca817f374c3819626772b
a30ca8ec83690d0e326fe56bf32905e479fe659e6bdfadf34898f0d5362b3215
a50758777c1addf4e6065bc1e8f72ca90064f67370b3fb1e1e6566f2f5a948c4
a5587570e7200dd6db9ee86b720dbd2621897a83ba3fd0270721e534b145572a
a6bfef4edb0b84cebfd0f28e7cbcfb82c2db6b9d21687c717ff31ff0d9118eac
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
aff1cc8560367ba98aa34710f89a14934ba535e0c505b492740e0307b5feb1b8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b716155bcd3e9ec506d6d1bc441367b61e964c7a2002d4cd84a986ecc0286282
b717cd062372a49b58c92a0a4c79590dfc3643ab12ee70a6661969d4e74a2ee7
b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c
c09d6f1fea7d0ab9cf3527b9854cfd80cb5d3b01eba9c254fc48192c9ca27442
c3b501e618ae2242cd022c7e54b30c244911d18ab5afd3c502690d263db86a9d
c3bed79bd0370efad282dacf28000306e1fe3761d481baaebd1cdf9de42b412e
c92db80711bd551f6cb7dca98dfeaee3b704f52348b783e74a1c04577a198e2e
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cec54b1e6b86690fd4958d9941745cb1addea27a943eb41bc68a4d1130494bf0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd5e09833a25ffe4d589d31872226c593ead71f5e26aab06172a02c5baa5b6b
d19251dbfceb3195a12ab6b2dd2ad544c70ecfa8b6e97033b1aec932ed20e5f3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de82811734c6c2ea38f64be7a51240f21d9d3eb40884692044d8ae82fa003dd7
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b198abe4eb458d0d1e59fe765a451072fbbd413bee208240d14b579635e1f2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30dce9d7769c59e56c7ce97d78a66aea21d226f5eafe9e21ac73ee56f75a04f
f3922679a6682b9939228faf9c7d8b768744abc763eb20d718fa4780854af4a2
f628a9bad4f015f8e7e75c249bb0a00a40ec41023899166f53c5fc778203ebc3
f80095344b8dcee063e8d5200c86136bfe79bba3ec5f7517b9e7309ab0ce94d1
f80902a1946317184c4e6f0eae60ed9b1496afc720d2b0258846ec6ad56b5ed6
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
fc147e2313a2a7e95834f454403e4603e4f66df8f5914b807197ddeea560630e

risu.io Open in urlscan Pro 2606:4700:3108::ac42:2afe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

260 Requests

92 %HTTPS

53 %IPv6

22 Domains

40 Subdomains

34 IPs

6 Countries

3272 kBTransfer

8580 kBSize

23 Cookies

3 Outgoing links

Redirected requests

260 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

risu.io Open in urlscan Pro
2606:4700:3108::ac42:2afe Public Scan

Screenshot
Live screenshot

Full Image

260
Requests

92 %
HTTPS

53 %
IPv6

22
Domains

40
Subdomains

34
IPs

6
Countries

3272 kB
Transfer

8580 kB
Size

23
Cookies

260 HTTP transactions
5 data transactions