riftv.net Open in urlscan Pro
109.234.162.107 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zizouit.com/r.php?v=dD1jJmQ9MTE4MzUmbD03OTkmYz01NTMyNzU=
Effective URL:
https://riftv.net/6874.html
Submission: On April 10 via api (April 10th 2021, 12:05:40 pm UTC) from BE

Summary HTTP 195 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 40 domains to perform 195 HTTP transactions. The main IP is 109.234.162.107, located in France and belongs to O2SWITCH, FR. The main domain is riftv.net.
TLS certificate: Issued by R3 on March 15th 2021. Valid for: 3 months.

This is the only time riftv.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	139.99.204.198 139.99.204.198	16276 (OVH) (OVH)
1 1	2606:4700:303... 2606:4700:3034::ac43:9685	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 37	109.234.162.107 109.234.162.107	50474 (O2SWITCH) (O2SWITCH)
19	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2620:1ec:29::19 2620:1ec:29::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f05... 2a03:2880:f053:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	192.0.78.33 192.0.78.33	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
15	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a03:2880:f05... 2a03:2880:f053:11:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	37.48.65.182 37.48.65.182	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
6	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
4	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f15... 2a03:2880:f153:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	192.0.78.23 192.0.78.23	2635 (AUTOMATTIC) (AUTOMATTIC)
1	76.223.26.175 76.223.26.175	16509 (AMAZON-02) (AMAZON-02)
1	54.230.183.89 54.230.183.89	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
1 5	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
1 2	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	51.178.130.209 51.178.130.209	16276 (OVH) (OVH)
1 1	80.158.66.20 80.158.66.20	34086 (SCZN-AS) (SCZN-AS)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	54.149.220.116 54.149.220.116	16509 (AMAZON-02) (AMAZON-02)
2 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
5	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
11	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1	51.68.117.182 51.68.117.182	16276 (OVH) (OVH)
2	52.218.20.169 52.218.20.169	16509 (AMAZON-02) (AMAZON-02)
6	54.230.183.91 54.230.183.91	16509 (AMAZON-02) (AMAZON-02)
195	53

1 139.99.204.198 (Sydney, Australia) 1 redirects

ASN16276 (OVH, FR)
PTR: 198.ip-139-99-204.eu

zizouit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:9685 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

itsssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 109.234.162.107 (France) 1 redirects

ASN50474 (O2SWITCH, FR)
PTR: dinde.o2switch.net

riftv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:29::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f053:f:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.33 (United States)

ASN2635 (AUTOMATTIC, US)

jetpack.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.77.32 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

widgets.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f053:11:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.65.182 (Vinkeveen, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

extreme-ip-lookup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f153:82:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

1.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.78.23 (United States)

ASN2635 (AUTOMATTIC, US)

public-api.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.26.175 (United States)

ASN16509 (AMAZON-02, US)

de1-bid.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.183.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-89.ham50.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.63.52.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

ad20.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.178.130.209 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3169999.ip-51-178-130.eu

creative.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.mlsat02.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.158.66.20 (Germany) 1 redirects

ASN34086 (SCZN-AS, DE)

ebs08.telekom.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.220.116 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.117.182 (France)

ASN16276 (OVH, FR)

aaa.artefact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.20.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

rechtstexte.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.230.183.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-91.ham50.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	wp.com c0.wp.com stats.wp.com widgets.wp.com pixel.wp.com i0.wp.com s0.wp.com i2.wp.com i1.wp.com	306 KB
37	riftv.net 1 redirects riftv.net	263 KB
20	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	17 KB
18	google.com cse.google.com www.google.com fundingchoicesmessages.google.com clients1.google.com adservice.google.com	249 KB
16	adform.net track.adform.net s1.adform.net	124 KB
12	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	161 KB
6	trustarc.com choices.trustarc.com	17 KB
6	ad-srv.net 1 redirects ad.ad-srv.net ad20.ad-srv.net	9 KB
6	clarity.ms 1 redirects www.clarity.ms c.clarity.ms	21 KB
4	gravatar.com 1.gravatar.com 0.gravatar.com	10 KB
4	wordpress.com jetpack.wordpress.com public-api.wordpress.com	13 KB
3	mlsat02.de 2 redirects creative.mlsat02.de tracking.mlsat02.de	1 KB
3	google.de www.google.de adservice.google.de	1 KB
3	bing.com 1 redirects bat.bing.com c.bing.com	9 KB
2	amazonaws.com rechtstexte.s3.amazonaws.com	86 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	758 B
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com	771 B
2	awin1.com 1 redirects www.awin1.com	779 B
2	googletagservices.com www.googletagservices.com	64 KB
2	facebook.com graph.facebook.com www.facebook.com	364 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	64 KB
2	gstatic.com fonts.gstatic.com	43 KB
2	googleapis.com fonts.googleapis.com www.googleapis.com	806 B
1	artefact.com aaa.artefact.com	1 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	quantserve.com cms.quantserve.com	463 B
1	telekom.de 1 redirects ebs08.telekom.de	723 B
1	truste.com choices.truste.com	9 KB
1	adsrvr.org de1-bid.adsrvr.org	1 KB
1	googleadservices.com partner.googleadservices.com	255 B
1	extreme-ip-lookup.com extreme-ip-lookup.com	533 B
1	ampproject.org cdn.ampproject.org	6 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	itsssl.com 1 redirects itsssl.com	487 B
1	zizouit.com 1 redirects zizouit.com	349 B
195	40

	Domain	Requested by
37	riftv.net	1 redirects riftv.net c0.wp.com
19	c0.wp.com	riftv.net
11	s1.adform.net	tracking.mlsat02.de s1.adform.net riftv.net
11	s0.wp.com	jetpack.wordpress.com widgets.wp.com s0.wp.com public-api.wordpress.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	riftv.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	www.google.com	cse.google.com www.google.com riftv.net googleads.g.doubleclick.net
6	choices.trustarc.com	choices.truste.com choices.trustarc.com
6	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
5	track.adform.net	ad20.ad-srv.net s1.adform.net
5	ad20.ad-srv.net	1 redirects googleads.g.doubleclick.net ad20.ad-srv.net
4	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	widgets.wp.com	riftv.net c0.wp.com widgets.wp.com s0.wp.com
4	www.clarity.ms	riftv.net www.clarity.ms
3	public-api.wordpress.com	jetpack.wordpress.com s0.wp.com public-api.wordpress.com
3	0.gravatar.com	jetpack.wordpress.com 0.gravatar.com
2	rechtstexte.s3.amazonaws.com	ad20.ad-srv.net
2	i2.wp.com	riftv.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	tracking.mlsat02.de	1 redirects ad20.ad-srv.net
2	www.awin1.com	1 redirects ad20.ad-srv.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	c.clarity.ms	1 redirects riftv.net
2	pixel.wp.com	riftv.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	riftv.net connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	bat.bing.com	riftv.net
2	cse.google.com	riftv.net www.google.com
1	aaa.artefact.com	ad20.ad-srv.net
1	i1.wp.com	riftv.net
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ebs08.telekom.de	1 redirects
1	creative.mlsat02.de	1 redirects
1	ad.ad-srv.net	googleads.g.doubleclick.net
1	choices.truste.com	googleads.g.doubleclick.net
1	de1-bid.adsrvr.org	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	1.gravatar.com	jetpack.wordpress.com
1	www.google.de	riftv.net
1	www.facebook.com	connect.facebook.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	clients1.google.com	riftv.net
1	www.googleapis.com	riftv.net
1	i0.wp.com	riftv.net
1	extreme-ip-lookup.com	c0.wp.com
1	c.bing.com	1 redirects
1	graph.facebook.com	c0.wp.com
1	jetpack.wordpress.com	riftv.net
1	stats.wp.com	riftv.net
1	cdn.ampproject.org	riftv.net
1	www.googletagmanager.com	riftv.net
1	fonts.googleapis.com	riftv.net
1	maxcdn.bootstrapcdn.com	riftv.net
1	itsssl.com	1 redirects
1	zizouit.com	1 redirects
195	64

This site contains links to these domains. Also see Links.

Domain
aawsat.com
www.facebook.com
twitter.com
www.stumbleupon.com
www.linkedin.com
pinterest.com

Subject Issuer	Validity	Valid
riftv.net R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
www.clarity.ms DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-09-03`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-12` - `2022-11-14`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
c.msn.com Microsoft RSA TLS CA 02	`2021-02-03` - `2022-02-03`	a year	crt.sh
t1.extreme-dm.com R3	`2021-04-01` - `2021-06-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
ad-srv.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
tracking.mlsat02.de Sectigo RSA Organization Validation Secure Server CA	`2019-09-06` - `2021-12-04`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
aaa.artefact.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.trustarc.com Go Daddy Secure Certificate Authority - G2	`2020-05-21` - `2022-07-17`	2 years	crt.sh

This page contains 21 frames:

Primary Page: https://riftv.net/6874.html
Frame ID: 8757666AB71F453376C5A8783F24A4CF
Requests: 114 HTTP requests in this frame

Frame: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Frame ID: D83903F2123DA5463AB2C2B2555B2728
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Frame ID: E254D1FBA34157BD207108B753279020
Requests: 1 HTTP requests in this frame

Frame: https://widgets.wp.com/likes/master.html?ver=202114
Frame ID: 514E57EA4852038AD28B7AF99CC517DD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=3046330955&adf=2044148826&lmt=1618056326&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Friftv.net%2F6874.html&ea=0&flash=0&pra=5&wgl=1&dt=1618056325649&bpp=15&bdt=442&idt=165&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6937763730546&frm=20&pv=2&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=392
Frame ID: 5A756B605F613E625A4D9DCE5F55190E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=200&slotname=8558532162&adk=2944558080&adf=2036783278&pi=t.ma~as.8558532162&w=800&lmt=1618056326&tp=site_kit&psa=0&format=800x200&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325649&bpp=2&bdt=442&idt=224&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nnUWMFlHFW&p=https%3A//riftv.net&dtd=400
Frame ID: 04111C98D7E3DCBA9779A16C8ED645DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=100&slotname=8558532162&adk=3504691208&adf=2830473785&pi=t.ma~as.8558532162&w=720&lmt=1618056326&tp=site_kit&psa=0&format=720x100&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325649&bpp=1&bdt=442&idt=262&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=440&ady=403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=38nlsdWMMs&p=https%3A//riftv.net&dtd=404
Frame ID: 2BEE24957D68D42F86E5CAC4AF60D235
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=165&slotname=5932368824&adk=324297041&adf=2668279105&pi=t.ma~as.5932368824&w=660&fwrn=4&lmt=1618056326&rafmt=11&tp=site_kit&psa=0&format=660x165&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325649&bpp=1&bdt=442&idt=286&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=302&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bSvBd5r2Qy&p=https%3A//riftv.net&dtd=409
Frame ID: 1F26C735D44B4D13D08DBA73376C6275
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=165&slotname=5932368824&adk=324297041&adf=2932858234&pi=t.ma~as.5932368824&w=660&fwrn=4&lmt=1618056326&rafmt=11&tp=site_kit&psa=0&format=660x165&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325650&bpp=1&bdt=444&idt=417&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=302&ady=2478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=HpmL7JdZ1I&p=https%3A//riftv.net&dtd=421
Frame ID: 397D809BE483E4B53D0CABB32672DA06
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=100&slotname=8558532162&adk=3504691208&adf=823027770&pi=t.ma~as.8558532162&w=720&lmt=1618056326&tp=site_kit&psa=0&format=720x100&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325651&bpp=1&bdt=444&idt=441&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=440&ady=3446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AWY1B3NEJD&p=https%3A//riftv.net&dtd=444
Frame ID: C4BCAD4CE099603631050E20B60F297B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457
Frame ID: 11797F5FA7DB17E8A3C2801BE3933C30
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=3782158868&adf=3906736861&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=462&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100%2C160x600&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=118&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LazL6DkuWx&p=https%3A//riftv.net&dtd=465
Frame ID: D6AD0435228D03736A74F5F1A76E506D
Requests: 1 HTTP requests in this frame

Frame: https://public-api.wordpress.com/connect/?googleplus-sign-in=https%3A%2F%2Fjetpack.wordpress.com&color_scheme=light
Frame ID: 5DD4B0D6C8A6F5D6E89F1ABF60188209
Requests: 2 HTTP requests in this frame

Frame: https://public-api.wordpress.com/wp-admin/rest-proxy/
Frame ID: 0463DCEBEBABE8572CB98B1F56B59EC6
Requests: 3 HTTP requests in this frame

Frame: https://tracking.mlsat02.de/onepixel.gif
Frame ID: B07E90D2BB18DAB92F417B7EDC3C721B
Requests: 1 HTTP requests in this frame

Frame: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
Frame ID: F5CE41FAA5DF7B949CE4112F0E825880
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CAE9AEB24C1393D6293424B3FB9632A5
Requests: 9 HTTP requests in this frame

Frame: https://widgets.wp.com/likes/
Frame ID: C77B6AA17762CE561C90A443B28F4A96
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/14736/9458076/9458076.js?ADFassetID=9458076&bv=514
Frame ID: 75AFC7CE2075F5115ADC1BF0C8D6D740
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: BF0DDDF79F96FB88149ABCE8236B8F9D
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 3972C0BCEBFEF7FF07A5F2FB6F8FA340
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://zizouit.com/r.php?v=dD1jJmQ9MTE4MzUmbD03OTkmYz01NTMyNzU= HTTP 302
https://itsssl.com/Z2gbS?sub1=1&sub2=11835&sub3=12318&sub4=799&sub5=553275 HTTP 301
https://riftv.net/?tierand=1 Page URL
https://riftv.net/6874.html Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Page Statistics

195
Requests

100 %
HTTPS

49 %
IPv6

40
Domains

64
Subdomains

53
IPs

9
Countries

1544 kB
Transfer

4110 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://aawsat.com/home/article/2882361/%D8%B1%D9%88%D8%B3%D9%8A%D8%A7-%D8%AA%D8%AE%D8%B7%D8%B7-%D9%84%D8%AD%D8%B6%D9%88%D8%B1-%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%D9%8A-%D8%A8%D9%86%D8%B5%D9%81-%D8%B3%D8%B9%D8%A9-%D8%A7%D9%84%D9%85%D9%84%D8%A7%D8%B9%D8%A8-%D9%88%D8%A7%D9%84%D8%AF%D9%86%D9%85%D8%A7%D8%B1%D9%83-%D8%AA%D8%B3%D9%85%D8%AD-%D8%A8%D9%8011-%D8%A3%D9%84%D9%81%D8%A7%D9%8B-%D9%81%D9%8A-%D9%83%D8%A3%D8%B3-%D8%A3%D9%85%D9%85
Title: Source link

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://wp.me/pcGQey-1MS
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D8%B1%D9%88%D8%B3%D9%8A%D8%A7+%D8%AA%D8%AE%D8%B7%D8%B7+%D9%84%D8%AD%D8%B6%D9%88%D8%B1+%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%D9%8A+%D8%A8%D9%86%D8%B5%D9%81+%D8%B3%D8%B9%D8%A9+%D8%A7%D9%84%D9%85%D9%84%D8%A7%D8%B9%D8%A8+%D9%88%D8%A7%D9%84%D8%AF%D9%86%D9%85%D8%A7%D8%B1%D9%83+%D8%AA%D8%B3%D9%85%D8%AD+%D8%A8%D9%8011+%D8%A3%D9%84%D9%81%D8%A7%D9%8B+%D9%81%D9%8A+%D9%83%D8%A3%D8%B3+%D8%A3%D9%85%D9%85+%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D8%A7&url=https://wp.me/pcGQey-1MS
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.stumbleupon.com/submit?url=https://wp.me/pcGQey-1MS&title=%D8%B1%D9%88%D8%B3%D9%8A%D8%A7+%D8%AA%D8%AE%D8%B7%D8%B7+%D9%84%D8%AD%D8%B6%D9%88%D8%B1+%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%D9%8A+%D8%A8%D9%86%D8%B5%D9%81+%D8%B3%D8%B9%D8%A9+%D8%A7%D9%84%D9%85%D9%84%D8%A7%D8%B9%D8%A8+%D9%88%D8%A7%D9%84%D8%AF%D9%86%D9%85%D8%A7%D8%B1%D9%83+%D8%AA%D8%B3%D9%85%D8%AD+%D8%A8%D9%8011+%D8%A3%D9%84%D9%81%D8%A7%D9%8B+%D9%81%D9%8A+%D9%83%D8%A3%D8%B3+%D8%A3%D9%85%D9%85+%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D8%A7
Title: Stumbleupon

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://wp.me/pcGQey-1MS&title=%D8%B1%D9%88%D8%B3%D9%8A%D8%A7+%D8%AA%D8%AE%D8%B7%D8%B7+%D9%84%D8%AD%D8%B6%D9%88%D8%B1+%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%D9%8A+%D8%A8%D9%86%D8%B5%D9%81+%D8%B3%D8%B9%D8%A9+%D8%A7%D9%84%D9%85%D9%84%D8%A7%D8%B9%D8%A8+%D9%88%D8%A7%D9%84%D8%AF%D9%86%D9%85%D8%A7%D8%B1%D9%83+%D8%AA%D8%B3%D9%85%D8%AD+%D8%A8%D9%8011+%D8%A3%D9%84%D9%81%D8%A7%D9%8B+%D9%81%D9%8A+%D9%83%D8%A3%D8%B3+%D8%A3%D9%85%D9%85+%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D8%A7
Title: LinkedIn

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://wp.me/pcGQey-1MS&description=%D8%B1%D9%88%D8%B3%D9%8A%D8%A7+%D8%AA%D8%AE%D8%B7%D8%B7+%D9%84%D8%AD%D8%B6%D9%88%D8%B1+%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%D9%8A+%D8%A8%D9%86%D8%B5%D9%81+%D8%B3%D8%B9%D8%A9+%D8%A7%D9%84%D9%85%D9%84%D8%A7%D8%B9%D8%A8+%D9%88%D8%A7%D9%84%D8%AF%D9%86%D9%85%D8%A7%D8%B1%D9%83+%D8%AA%D8%B3%D9%85%D8%AD+%D8%A8%D9%8011+%D8%A3%D9%84%D9%81%D8%A7%D9%8B+%D9%81%D9%8A+%D9%83%D8%A3%D8%B3+%D8%A3%D9%85%D9%85+%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D8%A7&media=https://i0.wp.com/riftv.net/wp-content/uploads/2021/03/1616682242304340700.jpg?resize=480%2C268&ssl=1
Title: Pinterest

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zizouit.com/r.php?v=dD1jJmQ9MTE4MzUmbD03OTkmYz01NTMyNzU= HTTP 302
https://itsssl.com/Z2gbS?sub1=1&sub2=11835&sub3=12318&sub4=799&sub5=553275 HTTP 301
https://riftv.net/?tierand=1 Page URL
https://riftv.net/6874.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://zizouit.com/r.php?v=dD1jJmQ9MTE4MzUmbD03OTkmYz01NTMyNzU= HTTP 302
https://itsssl.com/Z2gbS?sub1=1&sub2=11835&sub3=12318&sub4=799&sub5=553275 HTTP 301
https://riftv.net/?tierand=1

Request Chain 79

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=F24F0A16DF964D4CADADAD6FC522E746&RedC=c.clarity.ms&MXFR=3B566AFB9B0468C40FD47AEE9F04666A HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=F24F0A16DF964D4CADADAD6FC522E746&MUID=3B42E084012963CC2BFFF09100426255

Request Chain 85

https://riftv.net/wp-admin/admin-ajax.php HTTP 307
https://riftv.net/wp-admin/admin-ajax.php

Request Chain 140

https://ad20.ad-srv.net/request.php?zone=arl38b4ubw1v&nw=11&renderingType=javascript&namespace=2d3381ce84&subid=&uid=74b1100c2c3a9495&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D1cd101d0-1749-4541-b89f-a3ab47bcf960%26ag%3D18izhwm%26sfe%3D12a91486%26sig%3Dqzh02GDldJibbi5tnrW4arzZIh3Rdu8bgazBY73XN5A.%26crid%3D30v7ebq5%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Driftv.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D2%26mssi%3DNone%26mfsi%3Dao7c8g7415%26sv%3Dgoogle%26uhow%3D158%26agsa%3D%26wp%3DYHGUhgAB_iUK5VxDAAt88O-NZnhP2XK_GziRuw%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4786732530380180%26rlangs%3Dar%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAYABAA..%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26svscid%3Dpub-4786732530380180%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYHGUhgAC1sAIu8k6lwJ36A%253D%253D%26auct%3D2%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCJFSNhpRxYKX8B8O4lQfw-a3AD92V5bdcloKgjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi00Nzg2NzMyNTMwMzgwMTgwoAHahvPoA8gBCagDAaoEtQFP0PQyjDVamNw9sxooMAbNxYwdofKddZquKjnsfSdeWSTVVPM0mHAlfgw6SqxNfyB8tSfKRUqGhFJh41B8ZVO_Jz_sClPFa23ipxOo0j97Dt-OvmBLIf9B8Sg0XTTTyTYC9Ly0JItNLZgNtRK7a5LxRbX-jDv5xekzfpMA6m15_lRwLPv_aOlgQa90qsvh1Qgovr3smhLIDtW4-JufFQ6tqC65r8wRQeTHuWxJLbp5p6y4vv9DgAbUpcPShYaZyxWgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3XGzfPirJ4DPtdmkauGe1PKmbPvw%2526client%253Dca-pub-4786732530380180%2526adurl%253D&documentReferer=https%3A%2F%2Friftv.net%2F&ancestorOrigins=https%3A%2F%2Friftv.net&random=9245748685502&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad20.ad-srv.net/request.php?zone=arl38b4ubw1v&nw=11&renderingType=javascript&namespace=2d3381ce84&subid=&uid=74b1100c2c3a9495&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D1cd101d0-1749-4541-b89f-a3ab47bcf960%26ag%3D18izhwm%26sfe%3D12a91486%26sig%3Dqzh02GDldJibbi5tnrW4arzZIh3Rdu8bgazBY73XN5A.%26crid%3D30v7ebq5%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Driftv.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D2%26mssi%3DNone%26mfsi%3Dao7c8g7415%26sv%3Dgoogle%26uhow%3D158%26agsa%3D%26wp%3DYHGUhgAB_iUK5VxDAAt88O-NZnhP2XK_GziRuw%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4786732530380180%26rlangs%3Dar%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAYABAA..%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26svscid%3Dpub-4786732530380180%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYHGUhgAC1sAIu8k6lwJ36A%253D%253D%26auct%3D2%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCJFSNhpRxYKX8B8O4lQfw-a3AD92V5bdcloKgjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi00Nzg2NzMyNTMwMzgwMTgwoAHahvPoA8gBCagDAaoEtQFP0PQyjDVamNw9sxooMAbNxYwdofKddZquKjnsfSdeWSTVVPM0mHAlfgw6SqxNfyB8tSfKRUqGhFJh41B8ZVO_Jz_sClPFa23ipxOo0j97Dt-OvmBLIf9B8Sg0XTTTyTYC9Ly0JItNLZgNtRK7a5LxRbX-jDv5xekzfpMA6m15_lRwLPv_aOlgQa90qsvh1Qgovr3smhLIDtW4-JufFQ6tqC65r8wRQeTHuWxJLbp5p6y4vv9DgAbUpcPShYaZyxWgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3XGzfPirJ4DPtdmkauGe1PKmbPvw%2526client%253Dca-pub-4786732530380180%2526adurl%253D&documentReferer=https%3A%2F%2Friftv.net%2F&ancestorOrigins=https%3A%2F%2Friftv.net&random=9245748685502&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 142

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=48861800092615900003105011560020 HTTP 302
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1618056326_&cachebuster=1618056326&awv=11430_473322_1618056326_09500b11-99f5-11eb-b806-692d0272ce40 HTTP 301
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-MzI0NTA3MjY7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MTgwNTYzMjZfMDk1MDBiMTEtOTlmNS0xMWViLWI4MDYtNjkyZDAyNzJjZTQwOw..&target=https%3A%2F%2Ftracking.mlsat02.de%2Fonepixel.gif HTTP 302
https://tracking.mlsat02.de/onepixel.gif

Request Chain 147

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKgNtjCSJ1BJiwai_B-7A8Hzx1P7LXwMQvrl_VYVN46MwjHLEOT4wKSagls6Cl0VUzGVfrp0gF5nuKAJ9ZD_dDZ3sluA5aB&google_gid=CAESEImAqmDdT896-mhKf0vJ6Lc&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIapxoMGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLZ050akNTSjFCSml3YWlfQi03QThIengxUDdMWHdNUXZybF9WWVZONDZNd2pITEVPVDR3S1NhZ2xzNkNsMFZVekdWZnJwMGdGNW51S0FKOVpEX2REWjNzbHVBNWFC HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRXBDeE8temIzdkJIRGFNZkg3RE4xbDhkRVRNTVAwa3FMUVpqVGU5MWoyVQ==&google_push

Request Chain 148

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIXiNvMw85opO7biXMfeCwXL-rsiTjEU6nL-NeoI50GvLd48AYkb4Ak7JbDNI_9FGAFa4jeeRqr_DAznYiSNHU5761IE4g&google_gid=CAESEInbWNMfgomeBhKqxJ71VXA&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIXiNvMw85opO7biXMfeCwXL-rsiTjEU6nL-NeoI50GvLd48AYkb4Ak7JbDNI_9FGAFa4jeeRqr_DAznYiSNHU5761IE4g&google_gid=CAESEInbWNMfgomeBhKqxJ71VXA&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTAxMjA1Mjc1NDI2OTIwNDYyMzg5Mw%3D%3D&google_push=AQvitUIXiNvMw85opO7biXMfeCwXL-rsiTjEU6nL-NeoI50GvLd48AYkb4Ak7JbDNI_9FGAFa4jeeRqr_DAznYiSNHU5761IE4g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTAxMjA1Mjc1NDI2OTIwNDYyMzg5Mw%3D%3D&google_push=AQvitUIXiNvMw85opO7biXMfeCwXL-rsiTjEU6nL-NeoI50GvLd48AYkb4Ak7JbDNI_9FGAFa4jeeRqr_DAznYiSNHU5761IE4g&google_tc=

Request Chain 149

https://rtb.openx.net/sync/dds?google_gid=CAESELEK46406FgaYLUpA0fxUFY&google_cver=1&google_push=AQvitUKQzyt6ug3CgzT0JWyx2QdzU-EOZt0h7vQGY_el2mNLEBR1FTeJvwiVstft0tTbQLebl7C7AxvqYodIKG3dltKuzyeYToM HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESELEK46406FgaYLUpA0fxUFY&google_cver=1&google_push=AQvitUKQzyt6ug3CgzT0JWyx2QdzU-EOZt0h7vQGY_el2mNLEBR1FTeJvwiVstft0tTbQLebl7C7AxvqYodIKG3dltKuzyeYToM&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKQzyt6ug3CgzT0JWyx2QdzU-EOZt0h7vQGY_el2mNLEBR1FTeJvwiVstft0tTbQLebl7C7AxvqYodIKG3dltKuzyeYToM&google_hm=4nMnPMhkyWw0EsZwaXgFZw==

Request Chain 150

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEO2ql8OpHdLW4o5qWXz7WhM&google_cver=1&google_push=AQvitUIvtjJyejf9utx66Bn-tIhRn4GZ99-d2JBoyIizazDTPjQtiiwfv1Y0e24PwtmgoRpurGjgEGpW9B7_hIAeOkRSI4L-vmGs HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEO2ql8OpHdLW4o5qWXz7WhM&google_cver=1&google_push=AQvitUIvtjJyejf9utx66Bn-tIhRn4GZ99-d2JBoyIizazDTPjQtiiwfv1Y0e24PwtmgoRpurGjgEGpW9B7_hIAeOkRSI4L-vmGs&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j-MG15QjRTawi9M7Z_zsog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIvtjJyejf9utx66Bn-tIhRn4GZ99-d2JBoyIizazDTPjQtiiwfv1Y0e24PwtmgoRpurGjgEGpW9B7_hIAeOkRSI4L-vmGs

Request Chain 151

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJjlvRc8zpuG1v047kBhetc&google_cver=1&google_push=AQvitUKalveFZ0Kc4KRxJ6qeCszbw3wcSqJIs3mn4EWyylVcpOlubHtNqPGpURVMI6-6IDcZFQewGwuOeTETewwIKyVSDBL3s9P4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05CT1lLM0gtMVAtRFgyVA==&google_push=AQvitUKalveFZ0Kc4KRxJ6qeCszbw3wcSqJIs3mn4EWyylVcpOlubHtNqPGpURVMI6-6IDcZFQewGwuOeTETewwIKyVSDBL3s9P4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05CT1lLM0gtMVAtRFgyVA==&google_push=AQvitUKalveFZ0Kc4KRxJ6qeCszbw3wcSqJIs3mn4EWyylVcpOlubHtNqPGpURVMI6-6IDcZFQewGwuOeTETewwIKyVSDBL3s9P4&google_tc=

Request Chain 152

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKtccH3AJzf6iO668Xhsk0o&google_cver=1&google_push=AQvitUK4zHO1p3bebc128PNXYHkBUN_MbYg3VLZk5nyjYptO-6qmZw3vUsUISpzJTFX5mT6fGYGoZnSgObQdKQKbDE6PAV1cmkPx HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKtccH3AJzf6iO668Xhsk0o&google_push=AQvitUK4zHO1p3bebc128PNXYHkBUN_MbYg3VLZk5nyjYptO-6qmZw3vUsUISpzJTFX5mT6fGYGoZnSgObQdKQKbDE6PAV1cmkPx&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHGUhi0HiZQQO87fhBedlgAABIgAAAAB&google_gid=CAESEKtccH3AJzf6iO668Xhsk0o&google_cver=1&google_push=AQvitUK4zHO1p3bebc128PNXYHkBUN_MbYg3VLZk5nyjYptO-6qmZw3vUsUISpzJTFX5mT6fGYGoZnSgObQdKQKbDE6PAV1cmkPx

Request Chain 155

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=30417981&partnerid=473322&page=http://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2417248&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpw4zf6gu5e5632v%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1 HTTP 301
https://track.adform.net/adfscript/?bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2417248&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpw4zf6gu5e5632v%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

195 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
riftv.net/
Redirect Chain

http://zizouit.com/r.php?v=dD1jJmQ9MTE4MzUmbD03OTkmYz01NTMyNzU=
https://itsssl.com/Z2gbS?sub1=1&sub2=11835&sub3=12318&sub4=799&sub5=553275
https://riftv.net/?tierand=1

285 B
256 B

675ms
675ms

Document
text/html

109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/?tierand=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 / PHP/7.4.16
Resource Hash: 139a591d5a410e0cef632d6ed5d0e6e5ee8566ee6e8424ce4be6564885d2a88e

Request headers

:method: GET
:authority: riftv.net
:scheme: https
:path: /?tierand=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.16
server: o2switch-PowerBoost-v3
content-encoding: br

Redirect headers

date: Sat, 10 Apr 2021 12:05:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db162ef1a05a614cef32efb6e8ffef0d51618056323; expires=Mon, 10-May-21 12:05:23 GMT; path=/; domain=.itsssl.com; HttpOnly; SameSite=Lax PHPSESSID=ivj6vr2ni313hn0lithtb0bmh1; path=/ short_Z2gbS=1; expires=Sat, 10-Apr-2021 12:35:23 GMT; Max-Age=1800; path=/; httponly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
location: https://riftv.net/?tierand=1
cf-cache-status: DYNAMIC
cf-request-id: 095d45380d0000323c41091000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8ZTvCAoS%2Bo74tmTtxwQ7jhnLcRpJv1bZVQjy20IgFpdldymJnK6NJsolRjlKb0x7c%2FVqrwHvrzUQJhex%2Fgd8eN3M5o9iBCIWS64NR%2FxwkEKyTF6lATe1"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63dbd7d348fb323c-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request 6874.html Show response
riftv.net/ 118 KB
21 KB 1129ms
1129ms Document
text/html 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 / PHP/7.4.16
Resource Hash: 0adb3d15bc04932d3ecf6dbda46f9d6ca7c530e85ac979da8521e3c7f2309a44

Request headers

:method: GET
:authority: riftv.net
:scheme: https
:path: /6874.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://riftv.net/?tierand=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/?tierand=1

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.16
x-pingback: https://riftv.net/xmlrpc.php
link: <https://riftv.net/wp-json/>; rel="https://api.w.org/", <https://riftv.net/wp-json/wp/v2/posts/6874>; rel="alternate"; type="application/json", <https://wp.me/pcGQey-1MS>; rel=shortlink
server: o2switch-PowerBoost-v3
content-encoding: br

GET
H2 200 style-rtl.min.css
c0.wp.com/c/5.7/wp-includes/css/dist/block-library/ 57 KB
8 KB 22ms
16ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/css/dist/block-library/style-rtl.min.css

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f674c4f9da41d83c179941ca7f4137454b6c10649ed41b2fa1e21f873d4bcf92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Tue, 02 Mar 2021 00:46:20 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 styles.css
riftv.net/wp-content/plugins/contact-form-7/includes/css/ 3 KB
962 B 63ms
56ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Sat, 27 Feb 2021 12:53:56 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 styles-rtl.css
riftv.net/wp-content/plugins/contact-form-7/includes/css/ 152 B
239 B 73ms
67ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Sat, 27 Feb 2021 12:53:56 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
riftv.net/wp-content/plugins/taqyeem-buttons/assets/ 4 KB
1 KB 88ms
82ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/taqyeem-buttons/assets/style.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Mon, 08 Feb 2021 01:30:56 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
riftv.net/wp-content/plugins/taqyeem/ 7 KB
2 KB 97ms
91ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/taqyeem/style.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: c36315f0037994b0a9cc8ad6d2808fa2bb73e337e8e8d475c4e334315e866808

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Mon, 08 Feb 2021 01:30:56 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 wordpress-country-selector-public.css
riftv.net/wp-content/plugins/wordpress-country-selector/public/css/ 8 KB
2 KB 112ms
106ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/wordpress-country-selector/public/css/wordpress-country-selector-public.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: e54c77d5d3a8eab15a332b25b1c55d7f37b9dc22095d0a2c33ed6d2b9806a8ae

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 22:02:41 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bootstrap.min.css
riftv.net/wp-content/plugins/wordpress-country-selector/public/css/ 25 KB
3 KB 121ms
115ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/wordpress-country-selector/public/css/bootstrap.min.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 17dd1970ecb1ac55702903b39850682c08e5480f86ceff81cc3e23c6fb5f8a1a

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 22:02:41 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 mapglyphs.css
riftv.net/wp-content/plugins/wordpress-country-selector/public/css/ 14 KB
2 KB 135ms
130ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/wordpress-country-selector/public/css/mapglyphs.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 2171b2d88a493caaa99a48517d9ae544794d53a617af689a53560cb506bf1ec2

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 22:02:41 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 flag-icon.min.css
riftv.net/wp-content/plugins/wordpress-country-selector/public/css/ 33 KB
2 KB 146ms
141ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/wordpress-country-selector/public/css/flag-icon.min.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 0e7946f89321598d97f23ebcaba3a79c64a2d47309dfcd10c80506840dd4fbef

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 22:02:41 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 19ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://riftv.net
Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617, 617, 617
age: 29758
cdn-cachedat: 2021-04-10 04:44:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 095d45406900004e258a964000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5c2da5dcaa200cdd8d0d39b33f9fd0ed
cf-ray: 63dbd7e0ae5b4e25-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 wordpress-country-selector-custom.css
riftv.net/wp-content/plugins/wordpress-country-selector/public/css/ 55 B
185 B 158ms
153ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/wordpress-country-selector/public/css/wordpress-country-selector-custom.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: a233cb2f92bee6a54365c5685d29635c38f3c4916a946bd60694fae147320a4b

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Sat, 10 Apr 2021 12:05:27 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 wp-automatic.css
riftv.net/wp-content/plugins/wp-automatic/css/ 3 KB
676 B 183ms
177ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/wp-automatic/css/wp-automatic.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 20:46:30 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
riftv.net/wp-content/themes/sahifa/ 187 KB
33 KB 193ms
188ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/themes/sahifa/style.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: fa71a7719465686857028151f0405063d04eed9b9a6d129384661bab45c5988d

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Mon, 04 Jan 2021 00:58:27 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 skin.css
riftv.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 7 KB
1 KB 202ms
197ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Tue, 15 Oct 2013 12:21:08 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H3-Q050 200 css
fonts.googleapis.com/ 754 B
769 B 49ms
33ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://riftv.net
Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 10 Apr 2021 11:54:40 GMT
server: ESF
date: Sat, 10 Apr 2021 12:05:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Apr 2021 12:05:25 GMT

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/9.6/_inc/social-logos/ 12 KB
8 KB 21ms
17ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6/_inc/social-logos/social-logos.min.css

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 jetpack-rtl.css
c0.wp.com/p/jetpack/9.6/css/ 76 KB
13 KB 22ms
17ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6/css/jetpack-rtl.css

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cc9433903c15a631554b5a893c7c45fa86889623eeb38e950009972007c1a678

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Tue, 30 Mar 2021 16:59:40 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 soccer-info-front.css
riftv.net/wp-content/plugins/soccer-info/css/ 12 KB
2 KB 223ms
219ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/soccer-info/css/soccer-info-front.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 6488dfa2efd57445f30050510665ebb17f4345c2c62214f88e408a82154e276e

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Mon, 04 Jan 2021 00:03:47 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 related-posts.min.js Show response
c0.wp.com/p/jetpack/9.6/_inc/build/related-posts/ 6 KB
2 KB 22ms
18ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6/_inc/build/related-posts/related-posts.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 16:08:42 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/jquery/ 87 KB
30 KB 22ms
18ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/jquery/jquery.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/jquery/ 11 KB
4 KB 22ms
18ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 tie.js Show response
riftv.net/wp-content/plugins/taqyeem/js/ 3 KB
938 B 230ms
226ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/taqyeem/js/tie.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 4a3dffcac967f4ac5383c60720a8ed58838b13622b3cad8f9f6070fc1ec5b7dc

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Mon, 08 Feb 2021 01:30:56 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main-front.js Show response
riftv.net/wp-content/plugins/wp-automatic/js/ 1017 B
465 B 242ms
238ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/wp-automatic/js/main-front.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 20:46:30 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-186817945-1

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1066ea9e2eb130d071635999290d29ddbdd63b989968c24558502ea6fb6e38dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39123
x-xss-protection: 0
expires: Sat, 10 Apr 2021 12:05:25 GMT

GET
H2 200 rtl.css
riftv.net/wp-content/themes/sahifa/ 15 KB
3 KB 222ms
219ms Stylesheet
text/css 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/themes/sahifa/rtl.css
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 19d2ad6077a3d0c5d62dc53aafe8c19320ff6d3417d10047bf3961a401b93804

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Mon, 04 Jan 2021 00:54:17 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: text/css

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 20 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2a2ed3e5194416efdec40b3c4660942b3cd0eb34743415e99aa52e9e08f5b3a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6456
x-xss-protection: 0
server: sffe
date: Sat, 10 Apr 2021 12:05:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "6239adb081b099b6"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Apr 2021 12:05:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48426
x-xss-protection: 0
server: cafe
etag: 9073347465432709909
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 10 Apr 2021 12:05:25 GMT

GET
H2 200 logo.png
riftv.net/wp-content/uploads/2020/03/ 9 KB
10 KB 118ms
117ms Image
image/png 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riftv.net/wp-content/uploads/2020/03/logo.png
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 0900bdcff7db451e0212fa06f7005ae84ece8c649502680b89d234844b3462f5

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Fri, 01 Jan 2021 14:25:17 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 9644
content-type: image/png

GET
H2 200 cse.js Show response
cse.google.com/ 7 KB
3 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=a1a3017674846fb0b

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

43f36313620dbe5eac12f35b0d0646fbd690982358788d4d3546102e6eca35d7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2839
x-xss-protection: 0
expires: Sat, 10 Apr 2021 12:05:25 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/9.6/_inc/build/photon/ 758 B
400 B 16ms
16ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6/_inc/build/photon/photon.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 wp-polyfill.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/dist/vendor/ 97 KB
32 KB 16ms
16ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/dist/vendor/wp-polyfill.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Mon, 29 Jun 2020 11:50:29 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 hooks.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/dist/ 7 KB
2 KB 20ms
15ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/dist/hooks.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 i18n.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/dist/ 10 KB
4 KB 20ms
16ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/dist/i18n.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 lodash.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/dist/vendor/ 71 KB
25 KB 22ms
17ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/dist/vendor/lodash.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Sat, 11 Jul 2020 00:36:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 url.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/dist/ 8 KB
3 KB 22ms
17ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/dist/url.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 api-fetch.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/dist/ 12 KB
3 KB 19ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/dist/api-fetch.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 index.js Show response
riftv.net/wp-content/plugins/contact-form-7/includes/js/ 11 KB
3 KB 56ms
52ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Sat, 27 Feb 2021 12:53:56 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
riftv.net/wp-content/plugins/wordpress-country-selector/public/js/ 36 KB
9 KB 68ms
64ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/wordpress-country-selector/public/js/bootstrap.min.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 22:02:41 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wordpress-country-selector-public.js Show response
riftv.net/wp-content/plugins/wordpress-country-selector/public/js/ 10 KB
3 KB 82ms
78ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/wordpress-country-selector/public/js/wordpress-country-selector-public.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: c12d1114e1bd16813cd098b11947baaac48f2e2869c4de797bc82db21bf978e2

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 22:02:41 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 tie-scripts.js Show response
riftv.net/wp-content/themes/sahifa/js/ 72 KB
20 KB 101ms
97ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/themes/sahifa/js/tie-scripts.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Wed, 22 Jan 2020 10:34:05 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ilightbox.packed.js Show response
riftv.net/wp-content/themes/sahifa/js/ 78 KB
23 KB 98ms
98ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Wed, 22 Jan 2020 11:03:01 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 intersectionobserver-polyfill.min.js Show response
riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 8 KB
3 KB 51ms
51ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 20:32:41 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 lazy-images.min.js Show response
riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 3 KB
1 KB 62ms
61ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 09 Apr 2021 20:32:41 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/ 3 KB
1 KB 21ms
15ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/comment-reply.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.7/wp-includes/js/ 1 KB
694 B 20ms
16ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7/wp-includes/js/wp-embed.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 search.js Show response
riftv.net/wp-content/themes/sahifa/js/ 15 KB
3 KB 74ms
74ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/themes/sahifa/js/search.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Sat, 10 Jan 2015 17:13:04 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 postmessage.min.js Show response
c0.wp.com/p/jetpack/9.6/_inc/build/ 6 KB
3 KB 19ms
16ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6/_inc/build/postmessage.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

672e29b030b9b17c9cc70beb24af4c41eaf8ce9a0491c655ab9a1c88ab287021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Tue, 05 Jan 2021 15:42:42 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 jquery.jetpack-resize.min.js Show response
c0.wp.com/p/jetpack/9.6/_inc/build/ 3 KB
1023 B 19ms
17ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6/_inc/build/jquery.jetpack-resize.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

265c34f4c62e6423e270cecb0c422b735dfb0f18cea04c2ac343b6f22106661e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 01 May 2019 01:21:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 queuehandler.min.js Show response
c0.wp.com/p/jetpack/9.6/_inc/build/likes/ 6 KB
2 KB 20ms
18ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6/_inc/build/likes/queuehandler.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ed9451e768c2d762d3d158e05ebed9bd87cdbf6aeb885b3c55e25e8c909ec6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Wed, 01 May 2019 01:21:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 float-left-right.js Show response
riftv.net/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/ 2 KB
728 B 75ms
75ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/float-left-right.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 6f39a51cbd3417ed486fbda716dd7d465043816e86b1602858e120106b522a41

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Fri, 01 Jan 2021 23:03:37 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 sharing.min.js Show response
c0.wp.com/p/jetpack/9.6/_inc/build/sharedaddy/ 12 KB
3 KB 18ms
16ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6/_inc/build/sharedaddy/sharing.min.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 16:25:48 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Sun, 10 Apr 2022 12:05:25 GMT

GET
H2 200 e-202114.js Show response
stats.wp.com/ 9 KB
3 KB 19ms
19ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202114.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 27 Mar 2022 23:55:36 GMT

GET
H2 200 wp-emoji-release.min.js Show response
riftv.net/wp-includes/js/ 14 KB
4 KB 79ms
79ms Script
application/javascript 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: br
last-modified: Wed, 03 Feb 2021 22:29:11 GMT
server: o2switch-PowerBoost-v3
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ 29 KB
9 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:24 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref: Ref A: 8D94EC1B4B8E4AC99F42DD3F4244BD81 Ref B: FRAEDGE1416 Ref C: 2021-04-10T12:05:25Z
etag: "0c77652ec27d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8885

GET
H2 200 5an5bh4hes Show response
www.clarity.ms/tag/ 866 B
1015 B 121ms
121ms Script
application/x-javascript 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/5an5bh4hes
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: f7eb62aed12355683de9dacb77eb5967283e92c58485bcf275d54b18ae033f71

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store
x-azure-ref: 0hZRxYAAAAADK3PtAQ7tKQqAl7YQ3hOx6TE9OMjFFREdFMTUxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires: -1

GET
H2 200 body-bg14.png
riftv.net/wp-content/themes/sahifa/images/patterns/ 9 KB
9 KB 118ms
116ms Image
image/png 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riftv.net/wp-content/themes/sahifa/images/patterns/body-bg14.png
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: ba28785b1df012b9e66f0e3e6e9000c1a8eb5b7471f3f5341c3e75cccfcc35bc

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Sat, 08 Sep 2012 12:31:22 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 8860
content-type: image/png

GET
H2 200 fontawesome-webfont.woff2
riftv.net/wp-content/themes/sahifa/fonts/fontawesome/ 70 KB
70 KB 111ms
111ms Font
font/woff2 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: https://riftv.net
Referer: https://riftv.net/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Fri, 13 May 2016 08:44:26 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 71896
content-type: font/woff2

GET
H3-Q050 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://riftv.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 01:56:42 GMT
server: sffe
age: 93708
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21232
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:37 GMT

GET
H2 200 home.png
riftv.net/wp-content/themes/sahifa/images/ 1022 B
1 KB 129ms
128ms Image
image/png 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riftv.net/wp-content/themes/sahifa/images/home.png
Requested by: Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Request headers

Referer: https://riftv.net/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Sat, 31 Jan 2015 13:15:38 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 1022
content-type: image/png

GET
H2 200 BebasNeue-webfont.woff
riftv.net/wp-content/themes/sahifa/fonts/BebasNeue/ 20 KB
20 KB 127ms
127ms Font
font/woff 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://riftv.net/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by: Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

Origin: https://riftv.net
Referer: https://riftv.net/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Sat, 14 Feb 2015 20:13:40 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 19996
content-type: font/woff

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 34ms
34ms Script
application/x-javascript 2a03:2880:f053:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f053:f:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45464451933351fc02cfdb29b86e221f650c48d217ae187748d908a2a0900e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jU0/BHJ8SytGv7fN3828aA==
cross-origin-resource-policy: cross-origin
expires: Sat, 10 Apr 2021 12:07:37 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: bj0TvA95Mc+0Ua/YOAQtmiLC2qtsKtihw4GMpnMZOJtxxMbI6+AiFy5l3rdSDNl/j1LreZqvw4co1Bv2Wj6OzA==
x-fb-trip-id: 1679558926
x-fb-content-md5: 69b1acc95ce1bf4c268d07773f60cd7a
date: Sat, 10 Apr 2021 12:05:25 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "1dad86472f3ccfd368e953e0ce1392dc"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 / Show response
jetpack.wordpress.com/jetpack-comment/ Frame D839 28 KB
9 KB 296ms
295ms Document
text/html 192.0.78.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.33 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

060c3a6fec48233d2bbcede9aa22702e00ae75b19be4f4311697a1d1ebfa9865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: jetpack.wordpress.com
:scheme: https
:path: /jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

server: nginx
date: Sat, 10 Apr 2021 12:05:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
content-encoding: gzip
x-ac: 4.ams _dfw
strict-transport-security: max-age=15552000

GET
H2 200 stripe.png
riftv.net/wp-content/themes/sahifa/images/ 93 B
223 B 100ms
100ms Image
image/png 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riftv.net/wp-content/themes/sahifa/images/stripe.png
Requested by: Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS: dinde.o2switch.net
Software: o2switch-PowerBoost-v3 /
Resource Hash: 23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Referer: https://riftv.net/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Sat, 08 Sep 2012 12:24:44 GMT
server: o2switch-PowerBoost-v3
accept-ranges: bytes
content-length: 93
content-type: image/png

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Origin: https://riftv.net
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/ 220 KB
82 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=riftv.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b87470bc66e7f23461d8bd68544f5121de03a222b3b15c16856680a7e12d1f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83997
x-xss-protection: 0
server: cafe
etag: 7180967950194097686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Apr 2021 12:05:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/ Frame E254 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210406/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmvYN3OBG1O2nAFj356DNVHSJ2jiP_K6CF0-OB_3YYQzeksHKWaCELxiStFb9M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Apr 2021 14:15:42 GMT
expires: Fri, 23 Apr 2021 14:15:42 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 78583
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186817945-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 986
date: Sat, 10 Apr 2021 11:48:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Sat, 10 Apr 2021 13:48:59 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 275 KB
90 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=a1a3017674846fb0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 07:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 188657
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92401
x-xss-protection: 0
expires: Fri, 08 Apr 2022 07:41:08 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=a1a3017674846fb0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 07:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 188657
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Fri, 08 Apr 2022 07:41:08 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=a1a3017674846fb0b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 2880
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
expires: Sat, 10 Apr 2021 12:07:25 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 209 KB
62 KB 31ms
31ms Script
application/x-javascript 2a03:2880:f053:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=f523f1c166af06a840804944e8c7f5bd&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f053:f:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bcc5ba176249db2c878c30034b5b0e6a868efc98f149395fd81ef814605fc05c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://riftv.net
Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Qn2hJMHE5NypmOoQr79tmQ==
cross-origin-resource-policy: cross-origin
expires: Sun, 10 Apr 2022 10:47:31 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 62969
x-fb-rlafr: 0
x-fb-debug: LCgehCq/yUKfwy1VwL4H1BnZ9QHSode6vyQOoC16yL3+ydBgud/FaLXvj917YZg0ninQuSSXkno87poK1Xt41w==
x-fb-trip-id: 1679558926
x-fb-content-md5: 34b502f7ac6d6a3026b6167cb6cf1008
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 10 Apr 2021 12:05:25 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8b7a0bce9b6eeb56b230301f75396a5a"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 master.html Show response
widgets.wp.com/likes/ Frame 514E 3 KB
1 KB 270ms
269ms Document
text/html 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.wp.com/likes/master.html?ver=202114
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 3737b9545ee44941fe97194d2b912493c5985ed768b2e80148f2c9c4837131cc

Request headers

:method: GET
:authority: widgets.wp.com
:scheme: https
:path: /likes/master.html?ver=202114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

server: nginx
date: Sat, 10 Apr 2021 12:05:25 GMT
content-type: text/html
last-modified: Tue, 16 Mar 2021 23:50:17 GMT
vary: Accept-Encoding
etag: W/"60514439-a6a"
content-encoding: gzip
x-ac: 4.ams _dfw
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT ams 1

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 22ms
21ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.6&blog=187526598&post=6874&tz=0&srv=riftv.net&host=riftv.net&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&fcp=1538&rand=0.630125529712207
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 6874.html Show response
riftv.net/ 6 KB
6 KB 1157ms
1156ms XHR
application/json 109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL

https://riftv.net/6874.html?relatedposts=1

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.6/_inc/build/related-posts/related-posts.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.234.162.107 , France, ASN50474 (O2SWITCH, FR),

Reverse DNS

dinde.o2switch.net

Software

o2switch-PowerBoost-v3 / PHP/7.4.16

Resource Hash

f1546a046e1858997abd918a7a060f8ab233a227d3d5224ba654ac4e0c2f5d8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with: XMLHttpRequest

Response headers

date: Sat, 10 Apr 2021 12:05:28 GMT
x-content-type-options: nosniff
server: o2switch-PowerBoost-v3
x-powered-by: PHP/7.4.16
x-pingback: https://riftv.net/xmlrpc.php
content-type: application/json; charset=utf-8

GET
H2 200 / Show response
graph.facebook.com/ 244 B
364 B 63ms
63ms Script
text/javascript 2a03:2880:f053:11:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Friftv.net%2F6874.html

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.6/_inc/build/sharedaddy/sharing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f053:11:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0354a743b5668576065ecf7ff2d12d05ac6733f636f0fa64fccb9db2b52978e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003604919
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 183
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ZzKo489oZZU7CD0CqLU4vcOQ/P+jCLd07+SaGKhAKPkScVcT3Kn3BX+gG3z2VuULBhYVyz4ZIh+a88zdVlD/Wg==
x-fb-trace-id: GiCrc49cjGn
date: Sat, 10 Apr 2021 12:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: ADBQzrrU_kffsLSWjJbFa5F
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 20ms
20ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.9187984723035509
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.10/ 45 KB
19 KB 103ms
102ms Script
application/javascript 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/5an5bh4hes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 601ecef6383d02e04903fdf3dd7cfdd968fb09973e39f74b583eb7b9773e8f0e

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: br
etag: "1d72c83154636e0"
last-modified: Thu, 08 Apr 2021 14:25:54 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0hZRxYAAAAABcNOwQ4z10TIabwURrGqeSTE9OMjFFREdFMTUxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=F24F0A16DF964D4CADADAD6FC522E746&RedC=c.clarity.ms&MXFR=3B566AFB9B0468C40FD47AEE9F04666A
https://c.clarity.ms/c.gif?CtsSyncId=F24F0A16DF964D4CADADAD6FC522E746&MUID=3B42E084012963CC2BFFF09100426255

42 B
158 B

32ms
31ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=F24F0A16DF964D4CADADAD6FC522E746&MUID=3B42E084012963CC2BFFF09100426255
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:25 GMT
last-modified: Tue, 23 Feb 2021 19:11:50 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "506f5bd17ad71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:24 GMT
x-msedge-ref: Ref A: 5ADD7C1601CD4C3392CACB562F64540E Ref B: FRAEDGE1416 Ref C: 2021-04-10T12:05:25Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=F24F0A16DF964D4CADADAD6FC522E746&MUID=3B42E084012963CC2BFFF09100426255
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 / Show response
extreme-ip-lookup.com/json/ 386 B
533 B 20ms
19ms XHR
application/json 37.48.65.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://extreme-ip-lookup.com/json/
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/5.7/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.48.65.182 Vinkeveen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: ba68aba7d0bb29ff7c5ec6e88c0d947845b32f0c424288787750d2e7b4fb64f6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 10 Apr 2021 11:59:29 GMT
cache-control: max-age=3600
server: nginx
access-control-allow-headers: *
content-length: 386
content-type: application/json; charset=utf-8;

GET
H2 204 0
bat.bing.com/action/ 0
189 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17550016&Ver=2&mid=7aafb969-a473-4817-a1b6-48623de6dc14&sid=08c46cf099f511ebb0d03bdee40d9513&vid=08c49bf099f511eb949539cae127accb&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=%D8%B1%D9%88%D8%B3%D9%8A%D8%A7%20%D8%AA%D8%AE%D8%B7%D8%B7%20%D9%84%D8%AD%D8%B6%D9%88%D8%B1%20%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%D9%8A%20%D8%A8%D9%86%D8%B5%D9%81%20%D8%B3%D8%B9%D8%A9%20%D8%A7%D9%84%D9%85%D9%84%D8%A7%D8%B9%D8%A8%20%D9%88%D8%A7%D9%84%D8%AF%D9%86%D9%85%D8%A7%D8%B1%D9%83%20%D8%AA%D8%B3%D9%85%D8%AD%20%D8%A8%D9%8011%20%D8%A3%D9%84%D9%81%D8%A7%D9%8B%20%D9%81%D9%8A%20%D9%83%D8%A3%D8%B3%20%D8%A3%D9%85%D9%85%20%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D8%A7%20%7C%20RIFTV&p=https%3A%2F%2Friftv.net%2F6874.html&r=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&lt=1780&evt=pageLoad&msclkid=N&sv=1&rn=27288
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 10 Apr 2021 12:05:24 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 89EC01F70BD34FC5B91823F87C164439 Ref B: FRAEDGE1416 Ref C: 2021-04-10T12:05:25Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-4786732530380180 Show response
fundingchoicesmessages.google.com/i/ 83 KB
31 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4786732530380180?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=riftv.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

614d1875cc87d0dc2cc94d61348a280821f1953e278648e4b1a9263efde1319c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2qYljPWHhX+nqRoGPYpjLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-2qYljPWHhX+nqRoGPYpjLQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-2qYljPWHhX+nqRoGPYpjLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-2qYljPWHhX+nqRoGPYpjLQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1616682242304340700.jpg
i0.wp.com/riftv.net/wp-content/uploads/2021/03/ 17 KB
18 KB 48ms
48ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/riftv.net/wp-content/uploads/2021/03/1616682242304340700.jpg?resize=480%2C268&ssl=1

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d44b51597d658d0bc1309de428d6e6c75e44cb6cf7caaf9877f1402c4e2b0797

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS ams 3
date: Sat, 10 Apr 2021 12:05:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Apr 2021 12:05:25 GMT
server: nginx
etag: "584f29fc0767455b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://riftv.net/wp-content/uploads/2021/03/1616682242304340700.jpg>; rel="canonical"
content-length: 17762
expires: Tue, 11 Apr 2023 00:05:25 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
81 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=762496064&t=pageview&_s=1&dl=https%3A%2F%2Friftv.net%2F6874.html&ul=en-us&de=UTF-8&dt=%D8%B1%D9%88%D8%B3%D9%8A%D8%A7%20%D8%AA%D8%AE%D8%B7%D8%B7%20%D9%84%D8%AD%D8%B6%D9%88%D8%B1%20%D8%AC%D9%85%D8%A7%D9%87%D9%8A%D8%B1%D9%8A%20%D8%A8%D9%86%D8%B5%D9%81%20%D8%B3%D8%B9%D8%A9%20%D8%A7%D9%84%D9%85%D9%84%D8%A7%D8%B9%D8%A8%20%D9%88%D8%A7%D9%84%D8%AF%D9%86%D9%85%D8%A7%D8%B1%D9%83%20%D8%AA%D8%B3%D9%85%D8%AD%20%D8%A8%D9%8011%20%D8%A3%D9%84%D9%81%D8%A7%D9%8B%20%D9%81%D9%8A%20%D9%83%D8%A3%D8%B3%20%D8%A3%D9%85%D9%85%20%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D8%A7%20%7C%20RIFTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACUABBAAAAC~&jid=1761606398&gjid=589086157&cid=990642254.1618056326&tid=UA-186817945-1&_gid=912128471.1618056326&_r=1&did=dZTNiMT&gtm=2ou3v0&z=775704335

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://riftv.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2

200

admin-ajax.php Show response
riftv.net/wp-admin/
Redirect Chain

https://riftv.net/wp-admin/admin-ajax.php
https://riftv.net/wp-admin/admin-ajax.php

1 KB
725 B

890ms
889ms

XHR
text/html

109.234.162.107
O2SWITCH

General

Check archive.org

Show headers Download Go to

Full URL

https://riftv.net/wp-admin/admin-ajax.php

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

109.234.162.107 , France, ASN50474 (O2SWITCH, FR),

Reverse DNS

dinde.o2switch.net

Software

o2switch-PowerBoost-v3 / PHP/7.4.16

Resource Hash

f2d4142bec96dcd299d31600ace0f041d949e963b2b3514554529c93ea999a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://riftv.net/6874.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:28 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
server: o2switch-PowerBoost-v3
x-powered-by: PHP/7.4.16
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://riftv.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

location: https://riftv.net/wp-admin/admin-ajax.php
date: Sat, 10 Apr 2021 12:05:27 GMT
cache-control: private, max-age=0, no-cache
server: o2switch-PowerBoost-v3
content-type: text/html; charset=utf-8
expires: Mon, 01 Jan 2000 01:01:42 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 179 KB
62 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d96ef88e00064317393fdc155b8e716435b273c45350be6cbb36835c289f280d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "6427100822216740265"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 10 Apr 2021 12:05:25 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 208943
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 208943
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1512
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
37 B 6ms
5ms Image
text/plain 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
37 B 6ms
6ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: riftv.net
URL: https://riftv.net/6874.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:25 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-186817945-1&cid=990642254.1618056326&jid=1761606398&gjid=589086157&_gid=912128471.1618056326&_u=IGBACUAABAAAAC~&z=1994152826

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Apr 2021 12:05:25 GMT
content-type: text/plain
access-control-allow-origin: https://riftv.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 69ms
68ms Fetch
text/plain 2a03:2880:f153:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=464488616916650&input_token&origin=1&redirect_uri=https%3A%2F%2Friftv.net%2F6874.html&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js?hash=f523f1c166af06a840804944e8c7f5bd&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f153:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: XqsZxVTqTGMpdFlaCX7RlBQwQ9fnws8tEgdZ2HgW7Bz2RGvH9j1UtxFcFD/YtaneZNgzCb3ZzLFGp2lfy1AqBA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 10 Apr 2021 12:05:25 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://riftv.net
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 59ms
44ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-186817945-1&cid=990642254.1618056326&jid=1761606398&_u=IGBACUAABAAAAC~&z=425627033

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-186817945-1&cid=990642254.1618056326&jid=1761606398&_u=IGBACUAABAAAAC~&z=425627033

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ Frame D839 116 KB
38 KB 78ms
76ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyFzUsKgDAMBNALGUsRFBfiWfxESWlTTVvU21vBhTtXAzMPRh0bTJ4jclQmKOdHsggpoAxr7oB48aUJhcqOeLJpxvBAsyeU643SEf8icLTKEPGLP89iI2zizytvvet0rZtKV3XTmhuZOjuR
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: d6c7e1525f67594789b962fc678ef9d3afa0416fd762ff4277388cfbd9334bd2

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 21:48:08 GMT
server: nginx
etag: W/"60663f98-1cf93"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Fri, 01 Apr 2022 21:48:12 GMT

GET
H2 200 style-rtl.css
s0.wp.com/wp-content/mu-plugins/highlander-comments/rtl/ Frame D839 19 KB
3 KB 18ms
17ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/rtl/style-rtl.css?m=1522184747h&cssminify=yes
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: adaa124e240c4f5777ba8cb1e77f0a86c39cbfb14bb784bb1346caf359b80b8a

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
server: nginx
etag: W/"5abab2a4-5d66"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Thu, 03 Feb 2022 04:36:25 GMT

GET
H2 200 rtl.css
s0.wp.com/wp-content/themes/pub/twentyten/ Frame D839 3 KB
1020 B 18ms
17ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/themes/pub/twentyten/rtl.css?m=1610459589
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 6b4ac4cfed0a2cd4d18e4a3c26b3516259eef6be0beecbd178aa137a28fc26f5

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
server: nginx
etag: W/"5ffdb1ea-11d8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Wed, 12 Jan 2022 14:28:03 GMT

GET
H2 200 ad516503a11cd5ca435acc9bb6523536
1.gravatar.com/avatar/ Frame D839 556 B
610 B 6ms
6ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ae82e42491a7de3c5d3df779e9600e5191708025e8c46102ccfa7026df735d64

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Sat, 10 Apr 2021 12:05:26 GMT
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="ad516503a11cd5ca435acc9bb6523536.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25>; rel="canonical"
content-length: 556
expires: Sat, 10 Apr 2021 12:10:26 GMT

GET
H2 200 gprofiles.js Show response
0.gravatar.com/js/ Frame D839 23 KB
7 KB 6ms
5ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/js/gprofiles.js?ver=202114y
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 15:50:36 GMT
server: nginx
etag: W/"5e8609cc-5dea"
content-type: application/javascript
cache-control: max-age=604800
expires: Sat, 17 Apr 2021 12:05:26 GMT

GET
H2 200 wpgroho.js Show response
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/ Frame D839 868 B
469 B 24ms
23ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 9a90398fe43db7f3effe146858ff7f8c16d1402a2d28090223edd0c50da27087

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
server: nginx
etag: W/"5ffc31a9-465"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Tue, 11 Jan 2022 11:08:28 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ Frame D839 42 KB
11 KB 54ms
53ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/js/jquery/jquery.autoresize.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1573483029j
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 4a82bed4d069950b1f5e43cdfb5b107eee29ee9e60b6363543b3f3ee58e0f558

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:37:22 GMT
server: nginx
etag: W/"5dc97222-a830"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Wed, 10 Nov 2021 14:37:26 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ Frame D839 46 KB
12 KB 47ms
46ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJyFjt0OwiAMRl9IqFPjz4XxUQwbdZYBQwou+vT2Qi+Mybxqm37ntDAl1Y2xYCzgGNLIJSCz6VE7XsD31t0q5se7aIp3wulvzGFJphtURqbnjzVUlXztKTJ4GpBBoIpXE63HPBM2NlBUrckQDBfM0qmS5Q5/IIqdr1aM8pGMGFq0WqA56UAcsKi1XsJZeLiMOUj+FI7Ntlk1h91+s3Mv59hxSg==
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: b465b9a0b1f996d176c94cf0fcea5c782a5c69453f797f48e3b6afdb8a344dd5

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
last-modified: Mon, 01 Feb 2021 16:44:18 GMT
server: nginx
etag: W/"60182fe2-b93b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Wed, 23 Mar 2022 14:38:44 GMT

GET
H2 200 wp-emoji-release.min.js Show response
s0.wp.com/wp-includes/js/ Frame D839 14 KB
5 KB 47ms
46ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1612197847h&ver=5.7.1-RC1-50691
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
server: nginx
etag: W/"60182fe2-3795"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Fri, 08 Apr 2022 09:06:04 GMT

POST
H3-Q050 204 AGSKWxWME6qNW7oICBGPHgZC1A0tANsgEcGP2SmiueIcZioH1T-2kt652vk96T4XBz4yg7wgScdF08I3qQjptAvbBQ== Show response
fundingchoicesmessages.google.com/l/ 0
830 B 52ms
19ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxWME6qNW7oICBGPHgZC1A0tANsgEcGP2SmiueIcZioH1T-2kt652vk96T4XBz4yg7wgScdF08I3qQjptAvbBQ==?pvid=43F55A97-5A11-4C85-8AB3-381263E1483E&anonid=5D3DCDFB-6042-493B-A94F-C2BFD3AB516F

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.YUjkjesoJec.es5.O/d=1/ct=zgms/rs=AJlcJMxjDkCu6KolvhcrdnEDiAADzy6X-Q/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-21wbWqJCAvg9L+WteAhipQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-21wbWqJCAvg9L+WteAhipQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://riftv.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-21wbWqJCAvg9L+WteAhipQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-21wbWqJCAvg9L+WteAhipQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxVAORckSi_EZGKcbarN0m59Phnc3-IgDnmQg3VTsqPaRYLW1bLDYAG-exl5xHS8Xj2L6NxC7w2xLCDKCXyRmQ== Show response
fundingchoicesmessages.google.com/f/ 57 KB
23 KB 68ms
54ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAORckSi_EZGKcbarN0m59Phnc3-IgDnmQg3VTsqPaRYLW1bLDYAG-exl5xHS8Xj2L6NxC7w2xLCDKCXyRmQ==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE4MDU2MzI2LDI3MDAwMDAwXSwiNDNGNTVBOTctNUExMS00Qzg1LThBQjMtMzgxMjYzRTE0ODNFIiwiNUQzRENERkItNjA0Mi00OTNCLUE5NEYtQzJCRkQzQUI1MTZGIixudWxsLFtudWxsLFs3XV1d

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6c18c43b0c0dee2deb26a16671c45969de2490d422e664519dce00eb3282234

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d58+gH8B0bE5GeuFun8F9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-d58+gH8B0bE5GeuFun8F9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-d58+gH8B0bE5GeuFun8F9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-d58+gH8B0bE5GeuFun8F9w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
255 B 60ms
59ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=riftv.net&callback=_gfp_s_&client=ca-pub-4786732530380180

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

d217e062e2bd8147718c543ba687e96b6aedd2f17fc479f4a71c4cdc3c8b990b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=riftv.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=riftv.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 39ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Friftv.net%2F6874.html&tn=DIV&cls=background-cover&ign=false

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A75 7 KB
1 KB 58ms
58ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=3046330955&adf=2044148826&lmt=1618056326&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Friftv.net%2F6874.html&ea=0&flash=0&pra=5&wgl=1&dt=1618056325649&bpp=15&bdt=442&idt=165&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6937763730546&frm=20&pv=2&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4ab071d28d44b01ddf0011a635da335dac0adc840e820aee5f08b8e36b5936f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=3046330955&adf=2044148826&lmt=1618056326&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Friftv.net%2F6874.html&ea=0&flash=0&pra=5&wgl=1&dt=1618056325649&bpp=15&bdt=442&idt=165&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6937763730546&frm=20&pv=2&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=392
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 12:05:26 GMT
server: cafe
content-length: 866
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 12:20:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 12:05:26 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0411 405 B
372 B 124ms
123ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=200&slotname=8558532162&adk=2944558080&adf=2036783278&pi=t.ma~as.8558532162&w=800&lmt=1618056326&tp=site_kit&psa=0&format=800x200&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325649&bpp=2&bdt=442&idt=224&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nnUWMFlHFW&p=https%3A//riftv.net&dtd=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dee9be0840b9ad3852a82474d4f151ff6d1206f28560a0fa4ad90cc10df18cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=200&slotname=8558532162&adk=2944558080&adf=2036783278&pi=t.ma~as.8558532162&w=800&lmt=1618056326&tp=site_kit&psa=0&format=800x200&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325649&bpp=2&bdt=442&idt=224&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=295&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=nnUWMFlHFW&p=https%3A//riftv.net&dtd=400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 12:05:26 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 12:20:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 12:05:26 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2BEE 405 B
375 B 98ms
98ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=100&slotname=8558532162&adk=3504691208&adf=2830473785&pi=t.ma~as.8558532162&w=720&lmt=1618056326&tp=site_kit&psa=0&format=720x100&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325649&bpp=1&bdt=442&idt=262&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=440&ady=403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=38nlsdWMMs&p=https%3A//riftv.net&dtd=404

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a7bcbc78f60fdf43941e9b6280a9af1eb9058c7bddcfa1f0f4ea71f9ec53383

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=100&slotname=8558532162&adk=3504691208&adf=2830473785&pi=t.ma~as.8558532162&w=720&lmt=1618056326&tp=site_kit&psa=0&format=720x100&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325649&bpp=1&bdt=442&idt=262&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=440&ady=403&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=38nlsdWMMs&p=https%3A//riftv.net&dtd=404
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 12:05:26 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 12:20:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 12:05:26 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F26 405 B
374 B 72ms
72ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=165&slotname=5932368824&adk=324297041&adf=2668279105&pi=t.ma~as.5932368824&w=660&fwrn=4&lmt=1618056326&rafmt=11&tp=site_kit&psa=0&format=660x165&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325649&bpp=1&bdt=442&idt=286&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=302&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bSvBd5r2Qy&p=https%3A//riftv.net&dtd=409

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f2985e97a6d4c902ab86bd3005e6972da9bcc75662e426272f1c1a01542b000

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=165&slotname=5932368824&adk=324297041&adf=2668279105&pi=t.ma~as.5932368824&w=660&fwrn=4&lmt=1618056326&rafmt=11&tp=site_kit&psa=0&format=660x165&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325649&bpp=1&bdt=442&idt=286&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=302&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=bSvBd5r2Qy&p=https%3A//riftv.net&dtd=409
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 12:05:26 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 12:20:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 12:05:26 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988871915048"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28262
x-xss-protection: 0
expires: Sat, 10 Apr 2021 12:05:26 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 397D 405 B
371 B 76ms
76ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=165&slotname=5932368824&adk=324297041&adf=2932858234&pi=t.ma~as.5932368824&w=660&fwrn=4&lmt=1618056326&rafmt=11&tp=site_kit&psa=0&format=660x165&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325650&bpp=1&bdt=444&idt=417&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=302&ady=2478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=HpmL7JdZ1I&p=https%3A//riftv.net&dtd=421

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e85caec82dc230afc883f5a22472775a31888def74121b32597951652bd66496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=165&slotname=5932368824&adk=324297041&adf=2932858234&pi=t.ma~as.5932368824&w=660&fwrn=4&lmt=1618056326&rafmt=11&tp=site_kit&psa=0&format=660x165&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325650&bpp=1&bdt=444&idt=417&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=302&ady=2478&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=HpmL7JdZ1I&p=https%3A//riftv.net&dtd=421
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 12:05:26 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 12:20:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 12:05:26 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4BC 405 B
371 B 85ms
84ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=100&slotname=8558532162&adk=3504691208&adf=823027770&pi=t.ma~as.8558532162&w=720&lmt=1618056326&tp=site_kit&psa=0&format=720x100&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325651&bpp=1&bdt=444&idt=441&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=440&ady=3446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AWY1B3NEJD&p=https%3A//riftv.net&dtd=444

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d608c49107628801921760522ffe01318e493e70da2d92954127ead74f293f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=100&slotname=8558532162&adk=3504691208&adf=823027770&pi=t.ma~as.8558532162&w=720&lmt=1618056326&tp=site_kit&psa=0&format=720x100&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325651&bpp=1&bdt=444&idt=441&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=440&ady=3446&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=AWY1B3NEJD&p=https%3A//riftv.net&dtd=444
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 12:05:26 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 10-Apr-2021 12:20:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 12:05:26 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1179 15 KB
7 KB 146ms
146ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1f37398b9205c00eb9457e1df6a19834d3871de0803eb2d877f0b61df5d12a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 12:05:26 GMT
server: cafe
content-length: 7109
x-xss-protection: 0
set-cookie: IDE=AHWqTUn3udWKxpZi9KkGxN_ImFfQuUwSqvfcn6rTsKgDJapigkoVjxcWX3n_c-57Ng8; expires=Thu, 05-May-2022 12:05:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 12:05:26 GMT
cache-control: private

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
777 B 42ms
28ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=riftv.net

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
531 B 43ms
29ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=riftv.net

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D6AD 405 B
413 B 139ms
139ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=3782158868&adf=3906736861&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=462&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100%2C160x600&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=118&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LazL6DkuWx&p=https%3A//riftv.net&dtd=465

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91ad22bec844e2424ea783fc03ef53a4e954e5d94759f2515a50c157182d71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=3782158868&adf=3906736861&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=462&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100%2C160x600&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=118&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&fsb=1&xpc=LazL6DkuWx&p=https%3A//riftv.net&dtd=465
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 10 Apr 2021 12:05:26 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUmbQ-2TxHT5L-_exhXE9SLfNADry8tMu1SLZk7tVVgQq7UDxZ9oVKo7ff2c95g; expires=Thu, 05-May-2022 12:05:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 10 Apr 2021 12:05:26 GMT
cache-control: private

GET
H2 200 / Show response
s0.wp.com/_static/ Frame 514E 114 KB
29 KB 63ms
63ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/jed/jed.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js,/wp-content/js/rlt-proxy.js?m=20210317
Requested by: Host: widgets.wp.com
URL: https://widgets.wp.com/likes/master.html?ver=202114
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 8b8c5d5416df54da07faeab6bf039f652735cca2e2ed4b6e8842b55368520d01

Request headers

Referer: https://widgets.wp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 21:39:27 GMT
server: nginx
etag: W/"6051258f-1c97b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Wed, 16 Mar 2022 21:49:05 GMT

POST
H3-Q050 204 AGSKWxX0vH5ltAltRORy9w7R9uPbws0QPH6jWu4LI2x78OPy1s0Es-B7j0-iPQCzE9bkbBMosCj53yGS9uNfKsxel4JKTt_AaK8mDA4uuW8oSE7lDLG14GF9hwXSlfRkZgtaxl3auUqDMWJpHXOY8ruJGxl06ZXYK3irENsx8yW3ixANw0eujL_a54Vsxjs= Show response
fundingchoicesmessages.google.com/l/ 0
514 B 21ms
21ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxX0vH5ltAltRORy9w7R9uPbws0QPH6jWu4LI2x78OPy1s0Es-B7j0-iPQCzE9bkbBMosCj53yGS9uNfKsxel4JKTt_AaK8mDA4uuW8oSE7lDLG14GF9hwXSlfRkZgtaxl3auUqDMWJpHXOY8ruJGxl06ZXYK3irENsx8yW3ixANw0eujL_a54Vsxjs=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.8adm0E1XrxM.es5.O/d=1/ct=zgms/rs=AJlcJMz_PNTojAtUOiBMQtxgEvhOt_BwZg/m=iabccpawebsignalscript

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vk7kqvsP2bDsm1sCTlmrMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Vk7kqvsP2bDsm1sCTlmrMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://riftv.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Vk7kqvsP2bDsm1sCTlmrMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Vk7kqvsP2bDsm1sCTlmrMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxX0vH5ltAltRORy9w7R9uPbws0QPH6jWu4LI2x78OPy1s0Es-B7j0-iPQCzE9bkbBMosCj53yGS9uNfKsxel4JKTt_AaK8mDA4uuW8oSE7lDLG14GF9hwXSlfRkZgtaxl3auUqDMWJpHXOY8ruJGxl06ZXYK3irENsx8yW3ixANw0eujL_a54Vsxjs= Show response
fundingchoicesmessages.google.com/l/ 0
336 B 22ms
21ms XHR
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-joQ9HOkVBYn85yVyzu96Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-joQ9HOkVBYn85yVyzu96Rg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://riftv.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-joQ9HOkVBYn85yVyzu96Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-joQ9HOkVBYn85yVyzu96Rg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxX86UIfx3q3kzooTIA4ytFDN4PwYXu_KpFVgUnaAWaUz5vr8Bwt4XgLtahCiKN3-Gk-nsPTKpkZlsRhUsjpNBJOMf8igMFSxlh3-iuI3BKLOEnxC3veULR95uly0sXB8BOY5lJrZ5UZKFXSIAHQAqBs1oEgl-Eupi_6YaLqKvRzAux3D3oJmIVF5fw= Show response
fundingchoicesmessages.google.com/f/ 63 KB
24 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX86UIfx3q3kzooTIA4ytFDN4PwYXu_KpFVgUnaAWaUz5vr8Bwt4XgLtahCiKN3-Gk-nsPTKpkZlsRhUsjpNBJOMf8igMFSxlh3-iuI3BKLOEnxC3veULR95uly0sXB8BOY5lJrZ5UZKFXSIAHQAqBs1oEgl-Eupi_6YaLqKvRzAux3D3oJmIVF5fw=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE4MDU2MzI2LDE2MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXV0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0385981c59a265215a741fc661ac87994884f4883ef283d774b3f55b69d40ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bwP+bRyjV2he6XBu61V1cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bwP+bRyjV2he6XBu61V1cQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-bwP+bRyjV2he6XBu61V1cQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bwP+bRyjV2he6XBu61V1cQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
public-api.wordpress.com/connect/ Frame 5DD4 2 KB
947 B 211ms
211ms Document
text/html 192.0.78.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api.wordpress.com/connect/?googleplus-sign-in=https%3A%2F%2Fjetpack.wordpress.com&color_scheme=light

Requested by

Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=187526598&postid=6874&comment_registration=0&require_name_email=1&stc_enabled=0&stb_enabled=0&show_avatars=1&avatar_default=mystery&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=ary&jetpack_version=9.6&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=81ead947d75168bd5777e5225718b846b179c6f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.23 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6574c03ef34c869d4a560674a171cfdeceb77589d59b7d073a95eebdb733a827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: public-api.wordpress.com
:scheme: https
:path: /connect/?googleplus-sign-in=https%3A%2F%2Fjetpack.wordpress.com&color_scheme=light
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://jetpack.wordpress.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://jetpack.wordpress.com/

Response headers

server: nginx
date: Sat, 10 Apr 2021 12:05:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
content-encoding: gzip
x-ac: 2.ams _dfw
strict-transport-security: max-age=15552000

GET
H2 200 button-back.gif
s0.wp.com/wp-content/mu-plugins/highlander-comments/images/ Frame D839 1 KB
1 KB 16ms
16ms Image
image/gif 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/images/button-back.gif
Requested by: Host: s0.wp.com
URL: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/rtl/style-rtl.css?m=1522184747h&cssminify=yes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35

Request headers

Referer: https://s0.wp.com/wp-content/mu-plugins/highlander-comments/rtl/style-rtl.css?m=1522184747h&cssminify=yes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
x-ac: 4.ams _dfw
last-modified: Sat, 31 Dec 2016 05:45:43 GMT
server: nginx
etag: "58674607-4d0"
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 1232
expires: Thu, 03 Feb 2022 04:33:12 GMT

GET
H2 200 / Show response
public-api.wordpress.com/wp-admin/rest-proxy/ Frame 0463 8 KB
3 KB 152ms
152ms Document
text/html 192.0.78.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api.wordpress.com/wp-admin/rest-proxy/

Requested by

Host: s0.wp.com
URL: https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/jed/jed.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js,/wp-content/js/rlt-proxy.js?m=20210317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.23 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d1a44cca98246c0470f23e07e9a137911363cb0a47c40f9975ccb51a2ee9c4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: public-api.wordpress.com
:scheme: https
:path: /wp-admin/rest-proxy/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.wp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.wp.com/

Response headers

server: nginx
date: Sat, 10 Apr 2021 12:05:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
set-cookie: wp_api=+; expires=Fri, 10-Apr-2020 12:05:26 GMT; Max-Age=0; path=/wp-admin/rest-proxy/; domain=public-api.wordpress.com; secure; SameSite=None wp_api_sec=+; expires=Fri, 10-Apr-2020 12:05:26 GMT; Max-Age=0; path=/; domain=public-api.wordpress.com; secure; HttpOnly; SameSite=None
content-encoding: gzip
x-ac: 2.ams _dfw
strict-transport-security: max-age=15552000

GET
H2 200 hovercard.min.css
0.gravatar.com/dist/css/ Frame D839 8 KB
2 KB 6ms
5ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/dist/css/hovercard.min.css?ver=202114y
Requested by: Host: 0.gravatar.com
URL: https://0.gravatar.com/js/gprofiles.js?ver=202114y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 15:57:10 GMT
server: nginx
etag: W/"5fac09d6-1e86"
content-type: text/css
cache-control: max-age=604800
expires: Sat, 17 Apr 2021 12:05:26 GMT

GET
H2 200 services.min.css
0.gravatar.com/dist/css/ Frame D839 3 KB
550 B 6ms
6ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/dist/css/services.min.css?ver=202114y
Requested by: Host: 0.gravatar.com
URL: https://0.gravatar.com/js/gprofiles.js?ver=202114y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-a54"
content-type: text/css
cache-control: max-age=604800
expires: Sat, 17 Apr 2021 12:05:26 GMT

GET
H/1.1 200
OK google
de1-bid.adsrvr.org/bid/feedback/ Frame 1179 807 B
1 KB 74ms
24ms Image
image/gif 76.223.26.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://de1-bid.adsrvr.org/bid/feedback/google?t=1&iid=1cd101d0-1749-4541-b89f-a3ab47bcf960&crid=30v7ebq5&wp=YHGUhgAB_iUK5VxDAAt88O-NZnhP2XK_GziRuw&aid=1&wpc=USD&sfe=12a91486&puid=CAESEMZjPti-EM0yWETP2PTLIwQ&tdid=&pid=xnw5wf7&ag=18izhwm&adv=jh293ro&sig=1ewO14ZqQwb16ysX7pfoN-2bCjCMrjU6HIHmgib9uN_k.&bp=0.142811409203&cf=1043467&fq=0&td_s=riftv.net&rcats=&mcat=&mste=&mfld=2&mssi=None&mfsi=ao7c8g7415&uhow=158&agsa=&rgco=Germany&rgre=&rgme=&rgci=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=ar&mlang=&svpid=pub-4786732530380180&did=&rcxt=Other&lat=&lon=&tmpc=&daid=&vp=0&osi=&osv=&mdl=Chrome%20-%20Windows&c=OAFQAYABAA..&dur=&durs=UJSBm-&crrelr=&pcm=1&grdc=CAEYASABKAFAAUgC&said=YHGUhgAC1sAIu8k6lwJ36A%3D%3D&auct=2&im=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
server: Kestrel
transfer-encoding: chunked
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: must-revalidate, no-cache
connection: close
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 1179 27 KB
9 KB 155ms
29ms Script
text/javascript 54.230.183.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=w7o3m1g_18izhwm_30v7ebq5&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-89.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: b0371dd591fbb606206cb73eac81211a618bf60d20b6a4d5c3119fd3e78c72e9

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 05:59:52 GMT
content-encoding: gzip
server: nginx
age: 21934
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 10c4b217f06a5ef1c22d0afa78f63d92.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: CC27mDaqP_Zj6qM2ARDs9BnI31i0JPkbNIy_mRqJUiWgjOaNBPlJuA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 1179 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 12:04:14 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1179 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617988883687958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36710
x-xss-protection: 0
expires: Sat, 10 Apr 2021 12:05:26 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 1179 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Apr 2021 12:03:34 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 1179 0
0 16ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzpw-Na72CAT3IflV90g4aKMsjjOhmtDKbg-veG2K36HMg6mcGaAWSWdnGSNgBtJr5fqah6Xox4OUceesxsY_tDI-W_w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1179 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmBLAhpRxYKX8B8O4lQfw-a3AD92V5bdcloKgjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi00Nzg2NzMyNTMwMzgwMTgwoAHahvPoA8gBCagDAaoEsgFP0PQyjDVamNw9sxooMAbNxYwdofKddZquKjnsfSdeWSTVVPM0mHAlfgw6SqxNfyB8tSfKRUqGhFJh41B8ZVO_Jz_sClPFa23ipxOo0j97Dt-OvmBLIf9B8Sg0XTTTyTYC9Ly0JItNLZgNtRK7a5LxRbX-jDv5xekzfpMA6m15_lRwLPv_aOlgQa90qsvh1Qgovr3smhLIDtW4-JufFQ6tqGy7o17X9w22E4VfrC1oIhMDgAbUpcPShYaZyxWgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwBshcYChYSFHB1Yi00Nzg2NzMyNTMwMzgwMTgw&sigh=pPeE6OU249Q&tpd=AGWhJmvKVh_gPkyQqcoJetb872_SdtKRpB5HyQJHl3X0Da0WmQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 10 Apr 2021 12:05:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK arl38b4ubw1v Show response
ad.ad-srv.net/zone/ Frame 1179 11 KB
4 KB 97ms
32ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/arl38b4ubw1v?subid=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D1cd101d0-1749-4541-b89f-a3ab47bcf960%26ag%3D18izhwm%26sfe%3D12a91486%26sig%3Dqzh02GDldJibbi5tnrW4arzZIh3Rdu8bgazBY73XN5A.%26crid%3D30v7ebq5%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Driftv.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D2%26mssi%3DNone%26mfsi%3Dao7c8g7415%26sv%3Dgoogle%26uhow%3D158%26agsa%3D%26wp%3DYHGUhgAB_iUK5VxDAAt88O-NZnhP2XK_GziRuw%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4786732530380180%26rlangs%3Dar%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAYABAA..%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26svscid%3Dpub-4786732530380180%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYHGUhgAC1sAIu8k6lwJ36A%253D%253D%26auct%3D2%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCJFSNhpRxYKX8B8O4lQfw-a3AD92V5bdcloKgjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi00Nzg2NzMyNTMwMzgwMTgwoAHahvPoA8gBCagDAaoEtQFP0PQyjDVamNw9sxooMAbNxYwdofKddZquKjnsfSdeWSTVVPM0mHAlfgw6SqxNfyB8tSfKRUqGhFJh41B8ZVO_Jz_sClPFa23ipxOo0j97Dt-OvmBLIf9B8Sg0XTTTyTYC9Ly0JItNLZgNtRK7a5LxRbX-jDv5xekzfpMA6m15_lRwLPv_aOlgQa90qsvh1Qgovr3smhLIDtW4-JufFQ6tqC65r8wRQeTHuWxJLbp5p6y4vv9DgAbUpcPShYaZyxWgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3XGzfPirJ4DPtdmkauGe1PKmbPvw%2526client%253Dca-pub-4786732530380180%2526adurl%253D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: cef58b7fd89897df2a1758470623de13b8a933e598dcafd638559642f1dd180e

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 12:05:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3626
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 googleplus-sign-in.js Show response
s0.wp.com/wp-content/js/ Frame 5DD4 11 KB
4 KB 16ms
16ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/googleplus-sign-in.js?m=1551752381h
Requested by: Host: public-api.wordpress.com
URL: https://public-api.wordpress.com/connect/?googleplus-sign-in=https%3A%2F%2Fjetpack.wordpress.com&color_scheme=light
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 83f49a60c7b81bab4b8b2ffd154c069fdde45e0ec303ce85ede59495844f919a

Request headers

Referer: https://public-api.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
server: nginx
etag: W/"5c7ddce7-4290"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Fri, 04 Mar 2022 02:20:30 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ Frame 0463 22 KB
5 KB 20ms
19ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/rlt-proxy.js?m=20210316
Requested by: Host: public-api.wordpress.com
URL: https://public-api.wordpress.com/wp-admin/rest-proxy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 15514b26b2548f8ff4520fd08fd8d2b7007a1a34461429baa32daac08d916f16

Request headers

Referer: https://public-api.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 17:39:21 GMT
server: nginx
etag: W/"6050ed49-5765"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Wed, 16 Mar 2022 17:39:26 GMT

GET
H/1.1

200
OK

request.php Show response
ad20.ad-srv.net/ Frame 1179
Redirect Chain

https://ad20.ad-srv.net/request.php?zone=arl38b4ubw1v&nw=11&renderingType=javascript&namespace=2d3381ce84&subid=&uid=74b1100c2c3a9495&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...
https://ad20.ad-srv.net/request.php?zone=arl38b4ubw1v&nw=11&renderingType=javascript&namespace=2d3381ce84&subid=&uid=74b1100c2c3a9495&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...

2 KB
1 KB

107ms
52ms

Script
application/x-javascript

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/request.php?zone=arl38b4ubw1v&nw=11&renderingType=javascript&namespace=2d3381ce84&subid=&uid=74b1100c2c3a9495&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D1cd101d0-1749-4541-b89f-a3ab47bcf960%26ag%3D18izhwm%26sfe%3D12a91486%26sig%3Dqzh02GDldJibbi5tnrW4arzZIh3Rdu8bgazBY73XN5A.%26crid%3D30v7ebq5%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Driftv.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D2%26mssi%3DNone%26mfsi%3Dao7c8g7415%26sv%3Dgoogle%26uhow%3D158%26agsa%3D%26wp%3DYHGUhgAB_iUK5VxDAAt88O-NZnhP2XK_GziRuw%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4786732530380180%26rlangs%3Dar%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAYABAA..%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26svscid%3Dpub-4786732530380180%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYHGUhgAC1sAIu8k6lwJ36A%253D%253D%26auct%3D2%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCJFSNhpRxYKX8B8O4lQfw-a3AD92V5bdcloKgjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi00Nzg2NzMyNTMwMzgwMTgwoAHahvPoA8gBCagDAaoEtQFP0PQyjDVamNw9sxooMAbNxYwdofKddZquKjnsfSdeWSTVVPM0mHAlfgw6SqxNfyB8tSfKRUqGhFJh41B8ZVO_Jz_sClPFa23ipxOo0j97Dt-OvmBLIf9B8Sg0XTTTyTYC9Ly0JItNLZgNtRK7a5LxRbX-jDv5xekzfpMA6m15_lRwLPv_aOlgQa90qsvh1Qgovr3smhLIDtW4-JufFQ6tqC65r8wRQeTHuWxJLbp5p6y4vv9DgAbUpcPShYaZyxWgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3XGzfPirJ4DPtdmkauGe1PKmbPvw%2526client%253Dca-pub-4786732530380180%2526adurl%253D&documentReferer=https%3A%2F%2Friftv.net%2F&ancestorOrigins=https%3A%2F%2Friftv.net&random=9245748685502&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=600&slotname=8558532162&adk=2890641935&adf=3417979923&pi=t.ma~as.8558532162&w=160&lmt=1618056326&tp=site_kit&psa=0&format=160x600&url=https%3A%2F%2Friftv.net%2F6874.html&flash=0&wgl=1&dt=1618056325652&bpp=1&bdt=445&idt=453&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C800x200%2C720x100%2C660x165%2C660x165%2C720x100&nras=1&correlator=6937763730546&frm=20&pv=1&ga_vid=990642254.1618056326&ga_sid=1618056326&ga_hid=762496064&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1323&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C31060047%2C44739387&oid=3&pvsid=2040739200470787&ref=https%3A%2F%2Friftv.net%2F%3Ftierand%3D1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=TjhCPbw0i8&p=https%3A//riftv.net&dtd=457
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 2e38e51f8c6ae7d9e4ae4c12ca3c23c864615fc5580e6c2c3d8d7e3dd845cf52

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 12:05:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 48861800092615900003105011560020
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 718
Expires: Sat, 10 Apr 2021 13:05:26 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 12:05:26 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=arl38b4ubw1v&nw=11&renderingType=javascript&namespace=2d3381ce84&subid=&uid=74b1100c2c3a9495&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D1cd101d0-1749-4541-b89f-a3ab47bcf960%26ag%3D18izhwm%26sfe%3D12a91486%26sig%3Dqzh02GDldJibbi5tnrW4arzZIh3Rdu8bgazBY73XN5A.%26crid%3D30v7ebq5%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Driftv.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D2%26mssi%3DNone%26mfsi%3Dao7c8g7415%26sv%3Dgoogle%26uhow%3D158%26agsa%3D%26wp%3DYHGUhgAB_iUK5VxDAAt88O-NZnhP2XK_GziRuw%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4786732530380180%26rlangs%3Dar%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAYABAA..%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26svscid%3Dpub-4786732530380180%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYHGUhgAC1sAIu8k6lwJ36A%253D%253D%26auct%3D2%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCJFSNhpRxYKX8B8O4lQfw-a3AD92V5bdcloKgjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi00Nzg2NzMyNTMwMzgwMTgwoAHahvPoA8gBCagDAaoEtQFP0PQyjDVamNw9sxooMAbNxYwdofKddZquKjnsfSdeWSTVVPM0mHAlfgw6SqxNfyB8tSfKRUqGhFJh41B8ZVO_Jz_sClPFa23ipxOo0j97Dt-OvmBLIf9B8Sg0XTTTyTYC9Ly0JItNLZgNtRK7a5LxRbX-jDv5xekzfpMA6m15_lRwLPv_aOlgQa90qsvh1Qgovr3smhLIDtW4-JufFQ6tqC65r8wRQeTHuWxJLbp5p6y4vv9DgAbUpcPShYaZyxWgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3XGzfPirJ4DPtdmkauGe1PKmbPvw%2526client%253Dca-pub-4786732530380180%2526adurl%253D&documentReferer=https%3A%2F%2Friftv.net%2F&ancestorOrigins=https%3A%2F%2Friftv.net&random=9245748685502&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sat, 10 Apr 2021 13:05:26 +0200

GET
H2 200 batch Show response
public-api.wordpress.com/rest/v1/ Frame 0463 547 B
375 B 242ms
242ms XHR
application/json 192.0.78.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api.wordpress.com/rest/v1/batch?http_envelope=1&urls[]=/me&urls[]=/sites/187526598/posts/6874/likes&urls[]=/sites/187526598/posts/6874/reblogs/mine

Requested by

Host: public-api.wordpress.com
URL: https://public-api.wordpress.com/wp-admin/rest-proxy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.23 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

381e5b092749ead3791c9f54da77db4be509205bd0c119cb9c466e0236951d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public-api.wordpress.com/wp-admin/rest-proxy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-hacker: Oh, Awesome: Opossum
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, must-revalidate, max-age=0
x-ac: 2.ams _dfw
strict-transport-security: max-age=15552000
host-header: WordPress.com
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

200

onepixel.gif Show response
tracking.mlsat02.de/ Frame B07E
Redirect Chain

https://www.awin1.com/cshow.php?s=2419055&v=11430&q=366416&r=473322&pref1=48861800092615900003105011560020
https://creative.mlsat02.de/telekom/aff/ads_media.php?b=1&pvfn=1&dlid=2055&partnerid=473322&zanpid=11430_473322_1618056326_&cachebuster=1618056326&awv=11430_473322_1618056326_09500b11-99f5-11eb-b80...
https://ebs08.telekom.de/affiliates/view.php?network=B1049&mlid=pv-MzI0NTA3MjY7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MTgwNTYzMjZfMDk1MDBiMTEtOTlmNS0xMWViLWI4MDYtNjkyZDAyNz...
https://tracking.mlsat02.de/onepixel.gif

43 B
129 B

35ms
34ms

Document
image/gif

51.178.130.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.mlsat02.de/onepixel.gif
Requested by: Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request.php?zone=arl38b4ubw1v&nw=11&renderingType=javascript&namespace=2d3381ce84&subid=&uid=74b1100c2c3a9495&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D1cd101d0-1749-4541-b89f-a3ab47bcf960%26ag%3D18izhwm%26sfe%3D12a91486%26sig%3Dqzh02GDldJibbi5tnrW4arzZIh3Rdu8bgazBY73XN5A.%26crid%3D30v7ebq5%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Driftv.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D2%26mssi%3DNone%26mfsi%3Dao7c8g7415%26sv%3Dgoogle%26uhow%3D158%26agsa%3D%26wp%3DYHGUhgAB_iUK5VxDAAt88O-NZnhP2XK_GziRuw%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4786732530380180%26rlangs%3Dar%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAYABAA..%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26svscid%3Dpub-4786732530380180%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYHGUhgAC1sAIu8k6lwJ36A%253D%253D%26auct%3D2%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCJFSNhpRxYKX8B8O4lQfw-a3AD92V5bdcloKgjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi00Nzg2NzMyNTMwMzgwMTgwoAHahvPoA8gBCagDAaoEtQFP0PQyjDVamNw9sxooMAbNxYwdofKddZquKjnsfSdeWSTVVPM0mHAlfgw6SqxNfyB8tSfKRUqGhFJh41B8ZVO_Jz_sClPFa23ipxOo0j97Dt-OvmBLIf9B8Sg0XTTTyTYC9Ly0JItNLZgNtRK7a5LxRbX-jDv5xekzfpMA6m15_lRwLPv_aOlgQa90qsvh1Qgovr3smhLIDtW4-JufFQ6tqC65r8wRQeTHuWxJLbp5p6y4vv9DgAbUpcPShYaZyxWgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3XGzfPirJ4DPtdmkauGe1PKmbPvw%2526client%253Dca-pub-4786732530380180%2526adurl%253D&documentReferer=https%3A%2F%2Friftv.net%2F&ancestorOrigins=https%3A%2F%2Friftv.net&random=9245748685502&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.130.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3169999.ip-51-178-130.eu
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

:method: GET
:authority: tracking.mlsat02.de
:scheme: https
:path: /onepixel.gif
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

server: nginx
date: Sat, 10 Apr 2021 12:05:27 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

Date: Sat, 10 Apr 2021 12:05:26 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
P3P: CP="NOI CUR OUR STP"
Location: https://tracking.mlsat02.de/onepixel.gif
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Content-Length: 20
Content-Type: text/html; charset=utf-8
Set-Cookie: viewvpnr=MetaPeople|pv-MzI0NTA3MjY7OTA4Y2JhZGI3MjQ5NzFjYzkwMTJjZWQ3NjcyNzZjYzg7MTE0MzBfNDczMzIyXzE2MTgwNTYzMjZfMDk1MDBiMTEtOTlmNS0xMWViLWI4MDYtNjkyZDAyNzJjZTQwOw..|VB1049|59814|59814|1-1105148698||4001780; Expires=Tue, 13 Apr 2021 12:05:27 GMT; Path=/; Domain=.telekom.de; Secure; SameSite=None
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK request_content.php Show response
ad20.ad-srv.net/ Frame F5CE 2 KB
1 KB 86ms
27ms Document
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
Requested by: Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request.php?zone=arl38b4ubw1v&nw=11&renderingType=javascript&namespace=2d3381ce84&subid=&uid=74b1100c2c3a9495&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D1cd101d0-1749-4541-b89f-a3ab47bcf960%26ag%3D18izhwm%26sfe%3D12a91486%26sig%3Dqzh02GDldJibbi5tnrW4arzZIh3Rdu8bgazBY73XN5A.%26crid%3D30v7ebq5%26cf%3D1043467%26fq%3D0%26t%3D1%26td_s%3Driftv.net%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D2%26mssi%3DNone%26mfsi%3Dao7c8g7415%26sv%3Dgoogle%26uhow%3D158%26agsa%3D%26wp%3DYHGUhgAB_iUK5VxDAAt88O-NZnhP2XK_GziRuw%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-4786732530380180%26rlangs%3Dar%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAYABAA..%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D%26svscid%3Dpub-4786732530380180%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYHGUhgAC1sAIu8k6lwJ36A%253D%253D%26auct%3D2%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253Dl%2526ai%253DCJFSNhpRxYKX8B8O4lQfw-a3AD92V5bdcloKgjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi00Nzg2NzMyNTMwMzgwMTgwoAHahvPoA8gBCagDAaoEtQFP0PQyjDVamNw9sxooMAbNxYwdofKddZquKjnsfSdeWSTVVPM0mHAlfgw6SqxNfyB8tSfKRUqGhFJh41B8ZVO_Jz_sClPFa23ipxOo0j97Dt-OvmBLIf9B8Sg0XTTTyTYC9Ly0JItNLZgNtRK7a5LxRbX-jDv5xekzfpMA6m15_lRwLPv_aOlgQa90qsvh1Qgovr3smhLIDtW4-JufFQ6tqC65r8wRQeTHuWxJLbp5p6y4vv9DgAbUpcPShYaZyxWgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwBuAwB%2526num%253D1%2526sig%253DAOD64_3XGzfPirJ4DPtdmkauGe1PKmbPvw%2526client%253Dca-pub-4786732530380180%2526adurl%253D&documentReferer=https%3A%2F%2Friftv.net%2F&ancestorOrigins=https%3A%2F%2Friftv.net&random=9245748685502&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: a6dad40ecc8e304954459611f43bd1f37fe71c8ffaf40e3e9e39aa8409710997

Request headers

Host: ad20.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: pwzdy6wsn8n7_uid=5e1b09e3412a4b70
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Sat, 10 Apr 2021 12:05:26 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 10 Apr 2021 13:05:26 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1002
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CAE9 1 KB
864 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Apr 2021 16:59:40 GMT
expires: Sat, 10 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 68746
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1179 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 982de30b274c177d9d27b0545660192d34bfffb1e0ee3681d0cf2440a0508479

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame CAE9 35 B
463 B 26ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIWG081564U3FlnuOr1H1c&google_cver=1&google_push=AQvitUIjobMVLY1fjLIztogvzsgcsEeSeHSXqL_nyKg9zWCkYWs9FEQZOuY_nOoaPrI5lKe-JOK1_6aF_kpJN0cKjHllYvXGhSN9

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame CAE9
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUKgNtjCSJ1BJiwai_B-7A8Hzx1P7LXwMQvrl_VYVN46MwjHLEOT4wKSagls6Cl0VUzGVfrp0gF5nuKAJ9ZD_dDZ3sluA5aB&google_gid=CAESEImAqmDdT896-mhKf0vJ6Lc&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIapxoMGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVLZ050akNTSjFCSml3YWlfQi03QThIengxUDdMWHdNUXZybF9WWVZONDZNd2pITEVPVDR3S1NhZ2xzNkNsMFZVekdWZnJwMGdGNW51S0FKOV...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRXBDeE8temIzdkJIRGFNZkg3RE4xbDhkRVRNTVAwa3FMUVpqVGU5MWoyVQ==&google_push

170 B
224 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRXBDeE8temIzdkJIRGFNZkg3RE4xbDhkRVRNTVAwa3FMUVpqVGU5MWoyVQ==&google_push

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 10 Apr 2021 12:05:26 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwRXBDeE8temIzdkJIRGFNZkg3RE4xbDhkRVRNTVAwa3FMUVpqVGU5MWoyVQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame CAE9
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIXiNvM...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIXiNvM...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTAxMjA1Mjc1NDI2OTIwNDYyMzg5Mw%3D%3D&google_push=AQvitUIXiNvMw85opO7biXMfeCwXL-rsiTjEU6nL-NeoI50GvLd48AYkb4Ak7JbDNI_9FG...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTAxMjA1Mjc1NDI2OTIwNDYyMzg5Mw%3D%3D&google_push=AQvitUIXiNvMw85opO7biXMfeCwXL-rsiTjEU6nL-NeoI50GvLd48AYkb4Ak7JbDNI_9FG...

170 B
213 B

38ms
37ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTAxMjA1Mjc1NDI2OTIwNDYyMzg5Mw%3D%3D&google_push=AQvitUIXiNvMw85opO7biXMfeCwXL-rsiTjEU6nL-NeoI50GvLd48AYkb4Ak7JbDNI_9FGAFa4jeeRqr_DAznYiSNHU5761IE4g&google_tc=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MTAxMjA1Mjc1NDI2OTIwNDYyMzg5Mw%3D%3D&google_push=AQvitUIXiNvMw85opO7biXMfeCwXL-rsiTjEU6nL-NeoI50GvLd48AYkb4Ak7JbDNI_9FGAFa4jeeRqr_DAznYiSNHU5761IE4g&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame CAE9
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESELEK46406FgaYLUpA0fxUFY&google_cver=1&google_push=AQvitUKQzyt6ug3CgzT0JWyx2QdzU-EOZt0h7vQGY_el2mNLEBR1FTeJvwiVstft0tTbQLebl7C7AxvqYodIKG3dltKuzyeYToM
https://rtb.openx.net/sync/dds?google_gid=CAESELEK46406FgaYLUpA0fxUFY&google_cver=1&google_push=AQvitUKQzyt6ug3CgzT0JWyx2QdzU-EOZt0h7vQGY_el2mNLEBR1FTeJvwiVstft0tTbQLebl7C7AxvqYodIKG3dltKuzyeYToM&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKQzyt6ug3CgzT0JWyx2QdzU-EOZt0h7vQGY_el2mNLEBR1FTeJvwiVstft0tTbQLebl7C7AxvqYodIKG3dltKuzyeYToM&google_hm=4nMnPMhkyWw0EsZwaXgFZw==

170 B
190 B

34ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKQzyt6ug3CgzT0JWyx2QdzU-EOZt0h7vQGY_el2mNLEBR1FTeJvwiVstft0tTbQLebl7C7AxvqYodIKG3dltKuzyeYToM&google_hm=4nMnPMhkyWw0EsZwaXgFZw==

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKQzyt6ug3CgzT0JWyx2QdzU-EOZt0h7vQGY_el2mNLEBR1FTeJvwiVstft0tTbQLebl7C7AxvqYodIKG3dltKuzyeYToM&google_hm=4nMnPMhkyWw0EsZwaXgFZw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: vdml3acm60guqvv8m12ji8kps7p3mr52

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame CAE9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j-MG15QjRTawi9M7Z_zsog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j-MG15QjRTawi9M7Z_zsog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIvtjJyejf9utx66Bn-tIhRn4GZ99-d2JBoyIizazDTPjQtiiwfv1Y0e24PwtmgoRpurGjgEGpW9B7_hIAeOkRSI4L-vmGs

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j-MG15QjRTawi9M7Z_zsog%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIvtjJyejf9utx66Bn-tIhRn4GZ99-d2JBoyIizazDTPjQtiiwfv1Y0e24PwtmgoRpurGjgEGpW9B7_hIAeOkRSI4L-vmGs
Date: Sat, 10 Apr 2021 12:05:25 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame CAE9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJjlvRc8zpuG1v047kBhetc&google_cver=1&google_push=AQvitUKalveFZ0Kc4KRxJ6qeCszbw3wcSqJIs3mn4EWyylVcpOlubHtNqPGpURVMI6-6IDcZFQe...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05CT1lLM0gtMVAtRFgyVA==&google_push=AQvitUKalveFZ0Kc4KRxJ6qeCszbw3wcSqJIs3mn4EWyylVcpOlubHtNqPGpURVMI6-6IDcZFQewGwuOeTETewwIKyVSDBL3s9P4
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05CT1lLM0gtMVAtRFgyVA==&google_push=AQvitUKalveFZ0Kc4KRxJ6qeCszbw3wcSqJIs3mn4EWyylVcpOlubHtNqPGpURVMI6-6IDcZFQewGwuOeTETewwIKyVSDBL3s9P4&...

170 B
190 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05CT1lLM0gtMVAtRFgyVA==&google_push=AQvitUKalveFZ0Kc4KRxJ6qeCszbw3wcSqJIs3mn4EWyylVcpOlubHtNqPGpURVMI6-6IDcZFQewGwuOeTETewwIKyVSDBL3s9P4&google_tc=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05CT1lLM0gtMVAtRFgyVA==&google_push=AQvitUKalveFZ0Kc4KRxJ6qeCszbw3wcSqJIs3mn4EWyylVcpOlubHtNqPGpURVMI6-6IDcZFQewGwuOeTETewwIKyVSDBL3s9P4&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 416
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame CAE9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKtccH3AJzf6iO668Xhsk0o&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKtccH3AJzf6iO668Xhsk0o&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHGUhi0HiZQQO87fhBedlgAABIgAAAAB&google_gid=CAESEKtccH3AJzf6iO668Xhsk0o&google_cver=1&google_push=AQvitUK4zHO1p3bebc128PNXYHkBUN_MbYg3V...

170 B
190 B

37ms
37ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHGUhi0HiZQQO87fhBedlgAABIgAAAAB&google_gid=CAESEKtccH3AJzf6iO668Xhsk0o&google_cver=1&google_push=AQvitUK4zHO1p3bebc128PNXYHkBUN_MbYg3VLZk5nyjYptO-6qmZw3vUsUISpzJTFX5mT6fGYGoZnSgObQdKQKbDE6PAV1cmkPx

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Apr 2021 12:05:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHGUhi0HiZQQO87fhBedlgAABIgAAAAB&google_gid=CAESEKtccH3AJzf6iO668Xhsk0o&google_cver=1&google_push=AQvitUK4zHO1p3bebc128PNXYHkBUN_MbYg3VLZk5nyjYptO-6qmZw3vUsUISpzJTFX5mT6fGYGoZnSgObQdKQKbDE6PAV1cmkPx
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Sat, 10 Apr 2021 12:05:26 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CAE9 0
50 B 33ms
31ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JT5cStuRBEjnxtUTEM241h2BMse787lXM2RvWTNCGVBs8GTn_Ipg1v_fXGL9davRBaIx0P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:26 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 / Show response
widgets.wp.com/likes/ Frame C77B 126 B
157 B 16ms
16ms Document
text/html 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.wp.com/likes/
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/5.7/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 6c79541d416470cf6276c0fe3e41528c51c823d125a45a1678355897fe9f3dc3

Request headers

:method: GET
:authority: widgets.wp.com
:scheme: https
:path: /likes/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

server: nginx
date: Sat, 10 Apr 2021 12:05:26 GMT
content-type: text/html
content-length: 126
last-modified: Sat, 23 Dec 2017 00:24:47 GMT
etag: "5a3da24f-7e"
x-ac: 4.ams _dfw
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT ams 1
accept-ranges: bytes

GET
H2

200

/ Show response
track.adform.net/adfscript/ Frame F5CE
Redirect Chain

https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=30417981&partnerid=473322&page=http://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2417248&p=https%3A%2F%2Fa...
https://track.adform.net/adfscript/?bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=...

1 KB
1 KB

90ms
29ms

Script
text/javascript

37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2417248&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpw4zf6gu5e5632v%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__

Requested by

Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0f72b261b626abc96e38055fdf21c0b3344073c9f5db816117b49bad9822cbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 826
expires: -1

Redirect headers

location: https://track.adform.net/adfscript/?bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2417248&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpw4zf6gu5e5632v%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__
pragma: no-cache
date: Sat, 10 Apr 2021 12:05:26 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F5CE 0
0 53ms
49ms Image
text/html 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.awin1.com/cshow.php?s=2417248&v=11430&q=361931&r=473322
Requested by: Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame F5CE 0
150 B 81ms
27ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=48861800092615900003105011560020&a=b528b03b&vb=m
Requested by: Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 12:05:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 style.css
widgets.wp.com/likes/ Frame C77B 4 KB
1 KB 16ms
16ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.wp.com/likes/style.css
Requested by: Host: widgets.wp.com
URL: https://widgets.wp.com/likes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f8291c2dfd40b03e80064b0606e575b596426592287554a2a985f70430f8a230

Request headers

Referer: https://widgets.wp.com/likes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
server: nginx
etag: W/"5a3da259-12d7"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-ac: 4.ams _dfw
timing-allow-origin: *
expires: Thu, 03 Feb 2022 04:33:04 GMT

GET
H2 404 ary.json Show response
widgets.wp.com/languages/ Frame 514E 0
49 B 16ms
16ms XHR
text/html 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.wp.com/languages/ary.json?ver=202114
Requested by: Host: s0.wp.com
URL: https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/jed/jed.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js,/wp-content/js/rlt-proxy.js?m=20210317
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widgets.wp.com/likes/master.html?ver=202114
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-ac: 4.ams _dfw
timing-allow-origin: *

GET
H2 200 1617297711152395800.jpg
i2.wp.com/riftv.net/wp-content/uploads/2021/04/ 9 KB
9 KB 45ms
43ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/riftv.net/wp-content/uploads/2021/04/1617297711152395800.jpg?fit=480%2C268&ssl=1&resize=350%2C200

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

cd0e21ec46b120197b137257c2a715501d7e538d193e2ad799cdffaa8d38b17b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS ams 2
date: Sat, 10 Apr 2021 12:05:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Apr 2021 12:05:26 GMT
server: nginx
etag: "a9502b0730a8fb4d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://riftv.net/wp-content/uploads/2021/04/1617297711152395800.jpg>; rel="canonical"
content-length: 8846
expires: Tue, 11 Apr 2023 00:05:26 GMT

GET
H2 200 1614957669198437700.jpg
i1.wp.com/riftv.net/wp-content/uploads/2021/03/ 16 KB
16 KB 42ms
40ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/riftv.net/wp-content/uploads/2021/03/1614957669198437700.jpg?fit=480%2C254&ssl=1&resize=350%2C200

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ba4e08f6f8104f8735e3532cb7882c9272829c5f4d16028271309e8207ad52a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS ams 1
date: Sat, 10 Apr 2021 12:05:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Apr 2021 12:05:26 GMT
server: nginx
etag: "49346f9b14049076"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://riftv.net/wp-content/uploads/2021/03/1614957669198437700.jpg>; rel="canonical"
content-length: 16242
expires: Tue, 11 Apr 2023 00:05:26 GMT

GET
H2 200 default-featured-image.jpg
i2.wp.com/riftv.net/wp-content/uploads/2021/01/ 4 KB
4 KB 18ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/riftv.net/wp-content/uploads/2021/01/default-featured-image.jpg?fit=480%2C254&ssl=1&resize=350%2C200

Requested by

Host: riftv.net
URL: https://riftv.net/6874.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

4afe2f23ff7fd35fb473b9ed093a5389c3ddab07e0ed36f3608d87b4e49d4169

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 8
date: Sat, 10 Apr 2021 12:05:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 22:17:26 GMT
server: nginx
etag: "a6e90d3fe7668809"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://riftv.net/wp-content/uploads/2021/01/default-featured-image.jpg>; rel="canonical"
content-length: 3822
expires: Sun, 09 Apr 2023 10:17:26 GMT

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://riftv.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
age: 93709
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22340
x-xss-protection: 0
expires: Sat, 09 Apr 2022 10:03:37 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/622/s1.adform.net/ Frame F5CE 35 KB
16 KB 111ms
50ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Requested by: Host: tracking.mlsat02.de
URL: https://tracking.mlsat02.de/telekom/aff/ads.php?t=skript&dlid=2055&bn=30417981&partnerid=473322&page=http://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2417248&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpw4zf6gu5e5632v%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 2a7a5a103d7d2d395f95fabbcbce1e975df8fee2226795a2a9880d99a3cf6cbe

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 09:15:30 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 11 Apr 2021 15:24:31 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame F5CE 7 KB
3 KB 31ms
31ms Script
text/javascript 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=30417981;extVars=468753|1|affiliate%20postview;trackpixel=https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=__ADFCREID__&tg=__ADFBANGROUP1__&ckurl=1;crdrvar=page;crdrurl=https://www.awin1.com/awclick.php?mid=11430&id=473322&gid=361931&linkid=2417248&p=https%3A%2F%2Fad20.ad-srv.net%2Fc%2Fpw4zf6gu5e5632v%3Ftprd%3Dhttps%3A%2F%2Ftracking.mlsat02.de%2Ftelekom%2Faff%2Fads.php%3Fdlid%3D2055%26c%3D1&tg=__ADFBANGROUP1__;js=1;adfxid=1x;8380;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Friftv.net

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4b90ce99b44e7ec1b86997ce59f879f3d93bd0e32c6922a1ce4e536d8af2065e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2569
expires: -1

GET
H/1.1 200
OK 908cbadb724971cc9012ced767276cc8
aaa.artefact.com/trck/eview/ Frame F5CE 0
1 KB 171ms
55ms Image
text/html 51.68.117.182
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaa.artefact.com/trck/eview/908cbadb724971cc9012ced767276cc8?ext_publisher_id=473322&b=1&no=1&ctid=44250774&tg=Triple%20Play&ckurl=1
Requested by: Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.68.117.182 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PHP/7.2.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 12:05:27 GMT
Content-Encoding: gzip
X-Powered-By: PHP/7.2.26
X-IPLB-Instance: 36560
Transfer-Encoding: chunked
Pragma: no-cache
Server: nginx
X-IPLB-Request-ID: B9D4AB43:245A_334475B6:01BB_60719487_1EF771C:21FB0
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame F5CE 90 KB
39 KB 35ms
35ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 09:15:30 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sun, 11 Apr 2021 15:35:16 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame F5CE 35 B
469 B 29ms
29ms Other
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=30417981&csi=nvHl-QeBIxwC7XPNsuG3lBWtLxO1n_N8oY3GZW0g-YnrygPkIxxfk9SyIZQkBhNfjAJG0Nr8AUt2piou-sfyu96vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad20.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 9458076.js Show response
s1.adform.net/Banners/Elements/Files/14736/9458076/ Frame 75AF 31 KB
12 KB 37ms
37ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9458076/9458076.js?ADFassetID=9458076&bv=514

Requested by

Host: riftv.net
URL: https://riftv.net/?tierand=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fbc6843702510c2af36bcb361bf9dce136957a68a5c634411f4af81c0c979d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 07:52:19 GMT
server: nginx
etag: W/"6062d8b3-7a8e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 75AF 30 KB
13 KB 31ms
31ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=622
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Oct 2020 12:11:56 GMT
server: nginx
etag: W/"5f84480c-78ab"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 bg.jpg
s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/ Frame 75AF 4 KB
4 KB 32ms
31ms Image
image/jpeg 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/bg.jpg

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

58126b76b0f793069c855bb15af960250a6356b2b69a615f02c95e20c15d7dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Tue, 30 Mar 2021 07:52:14 GMT
server: nginx
etag: "6062d8ae-f27"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 3879

GET
H2 200 160x600_Dreiklang_TV_1.png
s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/ Frame 75AF 30 KB
30 KB 34ms
33ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/160x600_Dreiklang_TV_1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c130abd7632fa9d0e67bdbdf56a32a5b97ecde211270c6446ed7a3ed3cdb46e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Tue, 30 Mar 2021 07:52:19 GMT
server: nginx
etag: "6062d8b3-78b5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 30901

GET
H2 200 streak1.png
s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/ Frame 75AF 256 B
552 B 38ms
37ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/streak1.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e6ee5ff6ef94fb0e86e634324eebf22fc024f09b0ee97131d05d56c908eff299

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Tue, 30 Mar 2021 07:52:14 GMT
server: nginx
etag: "6062d8ae-100"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 256

GET
H2 200 streak1_2_2.png
s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/ Frame 75AF 253 B
549 B 39ms
38ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/streak1_2_2.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c2f64843f34cb34e72227a897079de47b8fe042f90158ff071bc21d412e2705f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Tue, 30 Mar 2021 07:52:14 GMT
server: nginx
etag: "6062d8ae-fd"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 253

GET
H2 200 streak3.png
s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/ Frame 75AF 226 B
522 B 39ms
38ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/streak3.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8c28bf3471f93d5c34d32a918210370c27900d11e11b774a26400a1625235066

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Tue, 30 Mar 2021 07:52:19 GMT
server: nginx
etag: "6062d8b3-e2"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 226

GET
H2 200 streak4.png
s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/ Frame 75AF 223 B
519 B 29ms
28ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/streak4.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4c1d79ec50cbbc56b931ae4590ad7a24269859c11e88426e9a43e739df105bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Tue, 30 Mar 2021 07:52:14 GMT
server: nginx
etag: "6062d8ae-df"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 223

GET
H2 200 TVNOW.png
s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/ Frame 75AF 634 B
930 B 29ms
29ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/14736/9458076/bvpath_514/TVNOW.png

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/load/v/0.0.204/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3e77f534599d4ff9ac4ab5d5af3f9edabed85d75e736ec2358840a316ef3eb14

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
last-modified: Tue, 30 Mar 2021 07:52:14 GMT
server: nginx
etag: "6062d8ae-27a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 634

GET
H/1.1 200
OK TeleNeoWeb-ExtraBold.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 75AF 43 KB
43 KB 140ms
39ms Font
application/font-woff 52.218.20.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-ExtraBold.woff
Requested by: Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.20.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9

Request headers

Origin: https://ad20.ad-srv.net
Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 12:05:28 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:49 GMT
Server: AmazonS3
x-amz-request-id: 6811E79G47ETQHAD
ETag: "d7f0b1ef39025154e8517b4aa705d0bc"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43544
x-amz-id-2: FikT0E6OzRZvi59PyHkcFoWYAGNQGZRwZ84KhQVfgMIQvUmYGH7BwQU3G8zdlLJLUH4lfq/q6lM=

GET
H/1.1 200
OK TeleNeoWeb-Regular.woff
rechtstexte.s3.amazonaws.com/files/TeleNeo/ Frame 75AF 42 KB
43 KB 145ms
41ms Font
application/font-woff 52.218.20.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rechtstexte.s3.amazonaws.com/files/TeleNeo/TeleNeoWeb-Regular.woff
Requested by: Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.20.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03

Request headers

Origin: https://ad20.ad-srv.net
Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 12:05:28 GMT
Last-Modified: Thu, 18 Jun 2020 07:55:53 GMT
Server: AmazonS3
x-amz-request-id: 6811RFVQ48710VEA
ETag: "41b43bece8523c4d26acc3b30d11019f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 43468
x-amz-id-2: Sbic7zHSxR9ShaOy8yfV9WopRaDUIQ4M/TcegreuNJa7MEpd5A2k7jW/A25PextDztLwYGy+OoI=

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 18ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210406&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92032f09226b1444ad03467d93c50741965f74cb15c8645f00688468b664e581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6557
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 12:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 10 Apr 2021 12:05:27 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame BF0D 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://riftv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://riftv.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 10 Apr 2021 09:56:44 GMT
expires: Sun, 10 Apr 2022 09:56:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7723
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js Show response
pagead2.googlesyndication.com/bg/ Frame BF0D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 11:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 3401
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sun, 10 Apr 2022 11:08:46 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1179 42 B
89 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucB6qA0DKdPfqKarplL1QpPGZDz-tYSZxoIeMrJ-yY--dHDIbai0g61-mjnuUSK1WBhaDwmb8yZbUZ0n249NL-iDnBrdJ1&sig=Cg0ArKJSzDOq457oWo3FEAE&cid=CAASF-RossW5s6NsGIA5E6qU7VghitWx8LlZ&id=osdim&mcvt=1011&p=0,1323,600,1483&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20210409&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2890641935&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618056326110&dlt=172&rpt=32&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210406&jk=2040739200470787&bg=!DQ6lDkrNAAY56aLOOek7ACkAdvg8WrizGZ4qlVwbCg3zySE9ATRkVwnfvxTdmOsx6Fuyz4uAGNtK-gIAAABMUgAAAAtoAQcKAFO-0a4D4uvPqVEYOnsuCJDvgqFIKTsMjbaW1p4ZIh1EfMtPbUu8UjeM0BqwiEDyJzVhYIOizBxmK8aT7jgQf5uCw28tKD_S9JNjcOUIbkufS3zw7pkByFzWh6ikqNpM41rbasL4-0qnWlWespKH6WR1wTDOTBmjH-ppbAkznbS8eQywEjCsNQEfwpVeF-9SQxQ4QU0qGcP_1fc6hiZto05v5UN5K47dDQP0cYSC26iiwdWL7X7710nsFP5_AbrGXQF34EpKuwRtnCnTVH5ufxFcr6d8JZViy6skILsHFEyI9YNJWWJyVnKMjbYoPyomzQ04__OP1eAvyVcVRZU5XkoH3XrtgtycXOPP8cZJxTNaD2Z44IO35Cwk-VFWLdVpJ9hQeiMAHk4z3TCPHJrMPZWZ8cQ20UAnYbCE9ocLMnYWG3rbzzeFv3j_1QxgQC6OnYQwHGVTf6mX0BW15WSZQjyeveUT9__ntlxU6ic-fgLCGD_RCNJq_INUulzcn1LwsGIY6y8CF2AXkzHxm-iFeJ3prg8p3Tt7CaVLLgmTu7GpQ3A6ohRC-GcCo2AxdRQfRNjQp4uqI69MdyFHWS2z7upwOrEJ5Gfv3m0h7NSx3TlcIyZdiPnaPk_-rgYSBzsLvoU4JNyKaL0Did8sY2zQIF1R6y2eZbwpcgo9HlgjXnzqFF1UjxC_MoTkSNSN-IR8k29WKVtW3xCUUyy8h8fVMw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad20.ad-srv.net/ Frame F5CE 0
150 B 82ms
28ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad20.ad-srv.net/viewability?s=48861800092615900003105011560020&a=b528b03b&vb=v
Requested by: Host: ad20.ad-srv.net
URL: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad20.ad-srv.net/request_content.php?s=48861800092615900003105011560020&a=5e751475
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Apr 2021 12:05:27 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 1179 6 KB
3 KB 179ms
127ms Script
text/javascript 54.230.183.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_30v7ebq5&w=160&h=600&c=tradedesk01cont1&js=pmw1&base=te-clr1-585ea168-e4b2-4eed-bfa9-673611480ccd&sid=0
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=w7o3m1g_18izhwm_30v7ebq5&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-91.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 1856378a20d3d7a49cf1847870f4772bb8097c4b897d7a2b47d934f78b6b9d4b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:28 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: HAM50-C3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 2386
x-amz-cf-id: MyovFo2fFfCIkZvi1fo6d9_18gvzoH5ub8CeGCUuPiDSW3icbdz3nw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 1179 38 KB
11 KB 89ms
37ms Script
text/javascript 54.230.183.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_30v7ebq5&w=160&h=600&c=tradedesk01cont1&js=pmw2
Requested by: Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=w7o3m1g_18izhwm_30v7ebq5&c=tradedesk01cont1&js=pmw0&w=160&h=600&sid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-91.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Apr 2021 13:47:53 GMT
content-encoding: gzip
server: nginx
age: 80255
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
via: 1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: k6o7PX-GkNW6im8vw9HFj1YAkGtfXIjWNydxix8ctaPo6dqTjYsOcg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 1179 43 B
382 B 198ms
146ms Image
image/gif 54.230.183.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_30v7ebq5&w=160&h=600&c=f6ec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.183.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-91.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:28 GMT
via: 1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: HAM50-C3
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: U4QGgmbonChIlczleifwUkNk1Ldyn7DRmc4PzxcZKGSAzK8vkSSp3g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 1179 287 B
631 B 22ms
22ms Image
image/png 54.230.183.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/get?name=admarker-icon-tr.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.183.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-183-91.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Mar 2021 21:15:24 GMT
via: 1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)
server: nginx
age: 1867804
x-frame-options: ALLOWALL
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C3
content-length: 287
x-amz-cf-id: K-TILFX7tsR3_xv8CruxH1fjxEEbpUT8VErnGdOKhjV9zdCjqz6WxA==
expires: Sun, 18 Apr 2021 21:15:24 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 3972 287 B
630 B 23ms
23ms Image
image/png 54.230.183.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/get?name=admarker-icon-tr.png

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=w7o3m1g_18izhwm_30v7ebq5&w=160&h=600&c=tradedesk01cont1&js=pmw2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.183.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-183-91.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Mar 2021 21:15:24 GMT
via: 1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)
server: nginx
age: 1867804
x-frame-options: ALLOWALL
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C3
content-length: 287
x-amz-cf-id: JGBn33xz1Lb1_ic7VlyYm4l4lQbdm0APK4RUSxAUnGBOF9jC5jgMaA==
expires: Sun, 18 Apr 2021 21:15:24 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 3972 739 B
1 KB 23ms
23ms Image
image/png 54.230.183.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/get?name=admarker-full-tr.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.183.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-183-91.ham50.r.cloudfront.net

Software

nginx /

Resource Hash

093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Mar 2021 23:07:28 GMT
via: 1.1 dea2813e25126efeee924db05c094a40.cloudfront.net (CloudFront)
server: nginx
age: 910680
x-frame-options: ALLOWALL
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: HAM50-C3
content-length: 739
x-amz-cf-id: Ynj-iCVo3Qu_xGpNlSdKOIOBnEVFMWGMtmaupOKtv_GF9AgkYT6kOg==
expires: Thu, 29 Apr 2021 23:07:28 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame F5CE 35 B
469 B 29ms
29ms Other
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5574873224031820028@@30417981,8575121194544812521,100|1194|0|0|0|0|0|0|0||60|1|||||1|0|0|5Idc3j5dy15cPlakbYq96UBRl-64TcWUdV5MoMnUHc9JcI-lt7zgAIm3nyX34Xgm0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:28 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad20.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
156 B 113ms
113ms XHR
text/plain 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.10/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 10 Apr 2021 12:05:28 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://riftv.net
access-control-allow-credentials: true
x-azure-ref: 0iJRxYAAAAACTmyWtgSXeRYlcccxy/ttaTE9OMjFFREdFMTUxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
content-length: 11
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
165 B 167ms
113ms XHR
text/plain 2620:1ec:29::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.10/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:29::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://riftv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 10 Apr 2021 12:05:31 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://riftv.net
access-control-allow-credentials: true
x-azure-ref: 0jJRxYAAAAAAKeDpeKijQRqwY8UdnyU1DTE9OMjFFREdFMTUxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 /
track.adform.net/serving/unload/ Frame F5CE 35 B
469 B 30ms
29ms Other
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5574873224031820028@@30417981,8575121194544812521,100|4693|0|0|0|0|0|0|0||234|1|||||1|0|0|5Idc3j5dy15cPlakbYq96UBRl-64TcWUdV5MoMnUHc9JcI-lt7zgAIm3nyX34Xgm0|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/622/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ad20.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 10 Apr 2021 12:05:32 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ad20.ad-srv.net
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c0.wp.com/c/5.7/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://s0.wp.com/_static/??-eJyFzUsKgDAMBNALGUsRFBfiWfxESWlTTVvU21vBhTtXAzMPRh0bTJ4jclQmKOdHsggpoAxr7oB48aUJhcqOeLJpxvBAsyeU643SEf8icLTKEPGLP89iI2zizytvvet0rZtKV3XTmhuZOjuR(Line 386) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.gravatar.com
1.gravatar.com
aaa.artefact.com
ad.ad-srv.net
ad20.ad-srv.net
adservice.google.com
adservice.google.de
bat.bing.com
c.bing.com
c.clarity.ms
c0.wp.com
cdn.ampproject.org
choices.trustarc.com
choices.truste.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
creative.mlsat02.de
cse.google.com
de1-bid.adsrvr.org
e.dlx.addthis.com
ebs08.telekom.de
extreme-ip-lookup.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
graph.facebook.com
i0.wp.com
i1.wp.com
i2.wp.com
id.rlcdn.com
image6.pubmatic.com
itsssl.com
jetpack.wordpress.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
public-api.wordpress.com
rechtstexte.s3.amazonaws.com
riftv.net
rtb.openx.net
s0.wp.com
s1.adform.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
track.adform.net
tracking.mlsat02.de
widgets.wp.com
www.awin1.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
zizouit.com
104.111.239.217
109.234.162.107
138.201.135.164
139.99.204.198
142.250.185.194
142.250.186.162
178.63.52.121
184.30.20.241
185.64.189.115
192.0.76.3
192.0.77.2
192.0.77.32
192.0.77.37
192.0.78.23
192.0.78.33
216.58.212.162
2606:4700:3034::ac43:9685
2606:4700::6812:acf
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:29::19
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:400c:c1b::9c
2a03:2880:f053:11:face:b00c:0:2
2a03:2880:f053:f:face:b00c:0:3
2a03:2880:f153:82:face:b00c:0:25de
2a04:fa87:fffe::c000:4902
35.227.252.103
35.244.174.68
37.157.4.24
37.157.5.73
37.48.65.182
51.178.130.209
51.68.117.182
52.142.114.2
52.218.20.169
54.149.220.116
54.230.183.89
54.230.183.91
69.173.144.165
76.223.26.175
80.158.66.20
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0354a743b5668576065ecf7ff2d12d05ac6733f636f0fa64fccb9db2b52978e9
0537669aaa954e27dbb5ed8201e1369547377a96106027ed3bb356048665f672
060c3a6fec48233d2bbcede9aa22702e00ae75b19be4f4311697a1d1ebfa9865
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9
0900bdcff7db451e0212fa06f7005ae84ece8c649502680b89d234844b3462f5
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0adb3d15bc04932d3ecf6dbda46f9d6ca7c530e85ac979da8521e3c7f2309a44
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0dab369eac5fd3a06420395d02d292bc3e3ab0bf62add857c72804fd9f4edd35
0e7946f89321598d97f23ebcaba3a79c64a2d47309dfcd10c80506840dd4fbef
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f72b261b626abc96e38055fdf21c0b3344073c9f5db816117b49bad9822cbab
1066ea9e2eb130d071635999290d29ddbdd63b989968c24558502ea6fb6e38dd
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
139a591d5a410e0cef632d6ed5d0e6e5ee8566ee6e8424ce4be6564885d2a88e
15514b26b2548f8ff4520fd08fd8d2b7007a1a34461429baa32daac08d916f16
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
17dd1970ecb1ac55702903b39850682c08e5480f86ceff81cc3e23c6fb5f8a1a
1856378a20d3d7a49cf1847870f4772bb8097c4b897d7a2b47d934f78b6b9d4b
19d2ad6077a3d0c5d62dc53aafe8c19320ff6d3417d10047bf3961a401b93804
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d
1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
1fef7a46a32609d5704fa770e930a73ecefd399e367bf8a2d0b6e18292126bef
2171b2d88a493caaa99a48517d9ae544794d53a617af689a53560cb506bf1ec2
21a9753c3327bf6348a1e76b45a2a620694f77283564c6728068467cf1b3868b
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
265c34f4c62e6423e270cecb0c422b735dfb0f18cea04c2ac343b6f22106661e
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
287f314b8fb0641d8cc175a81e55f99fd27cd504babb7f9e03d86782ec12a4f9
2a7a5a103d7d2d395f95fabbcbce1e975df8fee2226795a2a9880d99a3cf6cbe
2e38e51f8c6ae7d9e4ae4c12ca3c23c864615fc5580e6c2c3d8d7e3dd845cf52
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3737b9545ee44941fe97194d2b912493c5985ed768b2e80148f2c9c4837131cc
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
381e5b092749ead3791c9f54da77db4be509205bd0c119cb9c466e0236951d25
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3e77f534599d4ff9ac4ab5d5af3f9edabed85d75e736ec2358840a316ef3eb14
43f36313620dbe5eac12f35b0d0646fbd690982358788d4d3546102e6eca35d7
45464451933351fc02cfdb29b86e221f650c48d217ae187748d908a2a0900e94
4a3dffcac967f4ac5383c60720a8ed58838b13622b3cad8f9f6070fc1ec5b7dc
4a7bcbc78f60fdf43941e9b6280a9af1eb9058c7bddcfa1f0f4ea71f9ec53383
4a82bed4d069950b1f5e43cdfb5b107eee29ee9e60b6363543b3f3ee58e0f558
4afe2f23ff7fd35fb473b9ed093a5389c3ddab07e0ed36f3608d87b4e49d4169
4b90ce99b44e7ec1b86997ce59f879f3d93bd0e32c6922a1ce4e536d8af2065e
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c1d79ec50cbbc56b931ae4590ad7a24269859c11e88426e9a43e739df105bcd
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
58126b76b0f793069c855bb15af960250a6356b2b69a615f02c95e20c15d7dc4
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
601ecef6383d02e04903fdf3dd7cfdd968fb09973e39f74b583eb7b9773e8f0e
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
614d1875cc87d0dc2cc94d61348a280821f1953e278648e4b1a9263efde1319c
6488dfa2efd57445f30050510665ebb17f4345c2c62214f88e408a82154e276e
6574c03ef34c869d4a560674a171cfdeceb77589d59b7d073a95eebdb733a827
672e29b030b9b17c9cc70beb24af4c41eaf8ce9a0491c655ab9a1c88ab287021
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b4ac4cfed0a2cd4d18e4a3c26b3516259eef6be0beecbd178aa137a28fc26f5
6c79541d416470cf6276c0fe3e41528c51c823d125a45a1678355897fe9f3dc3
6d608c49107628801921760522ffe01318e493e70da2d92954127ead74f293f8
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
6f39a51cbd3417ed486fbda716dd7d465043816e86b1602858e120106b522a41
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f1f37398b9205c00eb9457e1df6a19834d3871de0803eb2d877f0b61df5d12a
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f49a60c7b81bab4b8b2ffd154c069fdde45e0ec303ce85ede59495844f919a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
8b8c5d5416df54da07faeab6bf039f652735cca2e2ed4b6e8842b55368520d01
8c28bf3471f93d5c34d32a918210370c27900d11e11b774a26400a1625235066
92032f09226b1444ad03467d93c50741965f74cb15c8645f00688468b664e581
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
982de30b274c177d9d27b0545660192d34bfffb1e0ee3681d0cf2440a0508479
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a90398fe43db7f3effe146858ff7f8c16d1402a2d28090223edd0c50da27087
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b87470bc66e7f23461d8bd68544f5121de03a222b3b15c16856680a7e12d1f9
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9dee9be0840b9ad3852a82474d4f151ff6d1206f28560a0fa4ad90cc10df18cf
9f2985e97a6d4c902ab86bd3005e6972da9bcc75662e426272f1c1a01542b000
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a233cb2f92bee6a54365c5685d29635c38f3c4916a946bd60694fae147320a4b
a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a6dad40ecc8e304954459611f43bd1f37fe71c8ffaf40e3e9e39aa8409710997
a91ad22bec844e2424ea783fc03ef53a4e954e5d94759f2515a50c157182d71c
ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2
adaa124e240c4f5777ba8cb1e77f0a86c39cbfb14bb784bb1346caf359b80b8a
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
ae82e42491a7de3c5d3df779e9600e5191708025e8c46102ccfa7026df735d64
b0371dd591fbb606206cb73eac81211a618bf60d20b6a4d5c3119fd3e78c72e9
b465b9a0b1f996d176c94cf0fcea5c782a5c69453f797f48e3b6afdb8a344dd5
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
ba28785b1df012b9e66f0e3e6e9000c1a8eb5b7471f3f5341c3e75cccfcc35bc
ba4e08f6f8104f8735e3532cb7882c9272829c5f4d16028271309e8207ad52a4
ba68aba7d0bb29ff7c5ec6e88c0d947845b32f0c424288787750d2e7b4fb64f6
bcc5ba176249db2c878c30034b5b0e6a868efc98f149395fd81ef814605fc05c
bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1
c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e
c12d1114e1bd16813cd098b11947baaac48f2e2869c4de797bc82db21bf978e2
c130abd7632fa9d0e67bdbdf56a32a5b97ecde211270c6446ed7a3ed3cdb46e7
c2f64843f34cb34e72227a897079de47b8fe042f90158ff071bc21d412e2705f
c36315f0037994b0a9cc8ad6d2808fa2bb73e337e8e8d475c4e334315e866808
c4ab071d28d44b01ddf0011a635da335dac0adc840e820aee5f08b8e36b5936f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cc9433903c15a631554b5a893c7c45fa86889623eeb38e950009972007c1a678
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
cd0e21ec46b120197b137257c2a715501d7e538d193e2ad799cdffaa8d38b17b
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cef58b7fd89897df2a1758470623de13b8a933e598dcafd638559642f1dd180e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0385981c59a265215a741fc661ac87994884f4883ef283d774b3f55b69d40ee
d1a44cca98246c0470f23e07e9a137911363cb0a47c40f9975ccb51a2ee9c4c6
d217e062e2bd8147718c543ba687e96b6aedd2f17fc479f4a71c4cdc3c8b990b
d25a37b3070f33f86862bce97206a8f3f403e23ba39c7c8cd8c2f96266f19f03
d2a2ed3e5194416efdec40b3c4660942b3cd0eb34743415e99aa52e9e08f5b3a
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d3759299ce00e3bac2782faf02d6f1962e5c88b04e9682224f5852d0c86b6480
d44b51597d658d0bc1309de428d6e6c75e44cb6cf7caaf9877f1402c4e2b0797
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca
d6c7e1525f67594789b962fc678ef9d3afa0416fd762ff4277388cfbd9334bd2
d96ef88e00064317393fdc155b8e716435b273c45350be6cbb36835c289f280d
d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54c77d5d3a8eab15a332b25b1c55d7f37b9dc22095d0a2c33ed6d2b9806a8ae
e6c18c43b0c0dee2deb26a16671c45969de2490d422e664519dce00eb3282234
e6ee5ff6ef94fb0e86e634324eebf22fc024f09b0ee97131d05d56c908eff299
e85caec82dc230afc883f5a22472775a31888def74121b32597951652bd66496
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1
ed9451e768c2d762d3d158e05ebed9bd87cdbf6aeb885b3c55e25e8c909ec6da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1546a046e1858997abd918a7a060f8ab233a227d3d5224ba654ac4e0c2f5d8c
f2d4142bec96dcd299d31600ace0f041d949e963b2b3514554529c93ea999a44
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f674c4f9da41d83c179941ca7f4137454b6c10649ed41b2fa1e21f873d4bcf92
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7eb62aed12355683de9dacb77eb5967283e92c58485bcf275d54b18ae033f71
f8291c2dfd40b03e80064b0606e575b596426592287554a2a985f70430f8a230
f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a
fa71a7719465686857028151f0405063d04eed9b9a6d129384661bab45c5988d
fbc6843702510c2af36bcb361bf9dce136957a68a5c634411f4af81c0c979d5e
fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc

riftv.net Open in urlscan Pro 109.234.162.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

195 Requests

100 %HTTPS

49 %IPv6

40 Domains

64 Subdomains

53 IPs

9 Countries

1544 kBTransfer

4110 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

195 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

riftv.net Open in urlscan Pro
109.234.162.107 Public Scan

Screenshot
Live screenshot

Full Image

195
Requests

100 %
HTTPS

49 %
IPv6

40
Domains

64
Subdomains

53
IPs

9
Countries

1544 kB
Transfer

4110 kB
Size

0
Cookies

195 HTTP transactions
3 data transactions