risu.io Open in urlscan Pro
2606:4700:3108::ac42:2afe Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://risu.io/6yhXT
Effective URL:
https://risu.io/
Submission: On August 23 via api (August 23rd 2023, 8:21:28 pm UTC) from US — Scanned from US

Summary HTTP 432 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 75 IPs in 5 countries across 69 domains to perform 432 HTTP transactions. The main IP is 2606:4700:3108::ac42:2afe, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2023. Valid for: a year.

This is the only time risu.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 22	2606:4700:310... 2606:4700:3108::ac42:2afe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
8	34.98.102.251 34.98.102.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
43	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
4 23	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
24	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
7	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
1 10	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
14	2606:4700:20:... 2606:4700:20::681a:467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
5 14	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
4 12	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
29	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
11 19	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
16	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
4 8	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
4 8	172.105.235.90 172.105.235.90	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
8	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
8	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
2 2	104.68.110.253 104.68.110.253	16625 (AKAMAI-AS) (AKAMAI-AS)
4 28	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
2 2	54.159.93.151 54.159.93.151	14618 (AMAZON-AES) (AMAZON-AES)
1 1	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
4 4	2600:1f18:4e9... 2600:1f18:4e9:5a05:dd64:d7a:647:2f6e	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 4	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
4 4	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	74.121.140.211 74.121.140.211	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	54.82.254.5 54.82.254.5	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
4	34.81.191.174 34.81.191.174	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	104.104.111.6 104.104.111.6	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.200.198.128 23.200.198.128	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1 2	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
1	207.244.102.141 207.244.102.141	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4 8	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
12	60.199.208.47 60.199.208.47	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2001	15169 (GOOGLE) (GOOGLE)
4 8	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	67.220.228.202 67.220.228.202	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	130.211.28.216 130.211.28.216	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1 2	35.211.178.172 35.211.178.172	() ()
2 2	68.67.179.153 68.67.179.153	() ()
2 3	68.67.179.87 68.67.179.87	() ()
5 6	34.235.86.243 34.235.86.243	() ()
2 2	34.205.126.51 34.205.126.51	() ()
1 1	15.235.42.102 15.235.42.102	() ()
1	23.52.163.93 23.52.163.93	() ()
1	3.227.175.66 3.227.175.66	() ()
1	23.105.12.137 23.105.12.137	() ()
1	141.226.224.48 141.226.224.48	() ()
1	23.52.160.7 23.52.160.7	() ()
1 2	35.71.139.29 35.71.139.29	() ()
1	34.200.65.202 34.200.65.202	() ()
1	202.241.208.56 202.241.208.56	() ()
1	195.244.31.11 195.244.31.11	() ()
1	23.52.164.232 23.52.164.232	() ()
1 2	192.40.39.223 192.40.39.223	() ()
1	63.251.28.133 63.251.28.133	() ()
1 2	107.21.146.241 107.21.146.241	() ()
1	34.117.157.22 34.117.157.22	() ()
2 2	54.82.170.117 54.82.170.117	() ()
1	2600:1f18:ed:... 2600:1f18:ed:550f:88b9:3302:6b1:658	() ()
1	3.222.170.15 3.222.170.15	() ()
1	2620:1ec:c11:... 2620:1ec:c11::200	() ()
1	54.163.228.183 54.163.228.183	() ()
1	64.202.112.159 64.202.112.159	() ()
1	162.248.18.37 162.248.18.37	() ()
1	34.233.227.88 34.233.227.88	() ()
1 2	2600:9000:251... 2600:9000:2511:d200:1b:5138:8a40:93a1	() ()
1 2	52.200.207.228 52.200.207.228	() ()
1	108.138.128.21 108.138.128.21	() ()
432	75

22 2606:4700:3108::ac42:2afe (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.102.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.102.98.34.bc.googleusercontent.com

assets.risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2607:f8b0:4006:822::2002 (United States) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.96.203.13 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:467 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:820::2004 (United States) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 162.210.196.208 (Fairfax, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2620:100:a001::c (United States) 11 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.36.98 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.105.235.90 (Tokyo, Japan) 4 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1889-90.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.80.34 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.68.110.253 (Santa Clara, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-110-253.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.251.40.226 (Newark, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.159.93.151 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-93-151.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.98.69.175 (New York, United States) 1 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:4e9:5a05:dd64:d7a:647:2f6e (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.175.185 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (Seattle, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 174.137.133.49 (United States) 4 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.211 (Reston, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.254.5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-254-5.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.81.191.174 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 174.191.81.34.bc.googleusercontent.com

pmp-beacon.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.104.111.6 (Billerica, United States) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-104-111-6.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.200.198.128 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-198-128.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.147 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.244.102.141 (Annandale, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

us-east-ad-track.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.43.72.97 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

ssl.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)

0f488de42d30060b6c98542b416b2a23.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e2109701698b8432306d571829546ef7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
38264674fc1148a6ac82d3d834810fa2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dacc0f8b0effc3813686706f4733b864.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.43.72.98 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.228.202 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 130.211.28.216 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 216.28.211.130.bc.googleusercontent.com

img.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (None, ) 1 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.153 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.67.179.87 (None, ) 2 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.235.86.243 (None, ) 5 redirects

ASN- ()

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.205.126.51 (None, ) 2 redirects

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.42.102 (None, ) 1 redirects

ASN- ()

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.163.93 (None, )

ASN- ()

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.175.66 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.137 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (None, )

ASN- ()

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.160.7 (None, )

ASN- ()

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.139.29 (None, ) 1 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.65.202 (None, )

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.56 (None, )

ASN- ()

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.11 (None, )

ASN- ()

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.164.232 (None, )

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (None, ) 1 redirects

ASN- ()

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.28.133 (None, )

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.21.146.241 (None, ) 1 redirects

ASN- ()

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (None, )

ASN- ()

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.170.117 (None, ) 2 redirects

ASN- ()

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:88b9:3302:6b1:658 (None, )

ASN- ()

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.170.15 (None, )

ASN- ()

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (None, )

ASN- ()

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.228.183 (None, )

ASN- ()

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (None, )

ASN- ()

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.37 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.227.88 (None, )

ASN- ()

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2511:d200:1b:5138:8a40:93a1 (None, ) 1 redirects

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.207.228 (None, ) 1 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.21 (None, )

ASN- ()

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 0f488de42d30060b6c98542b416b2a23.safeframe.googlesyndication.com e2109701698b8432306d571829546ef7.safeframe.googlesyndication.com 38264674fc1148a6ac82d3d834810fa2.safeframe.googlesyndication.com dacc0f8b0effc3813686706f4733b864.safeframe.googlesyndication.com	685 KB
65	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210	840 KB
50	criteo.com 13 redirects gum.criteo.com — Cisco Umbrella Rank: 435 bidder.criteo.com — Cisco Umbrella Rank: 784 mug.criteo.com — Cisco Umbrella Rank: 2707 dis.criteo.com — Cisco Umbrella Rank: 626 cat.va.us.criteo.com — Cisco Umbrella Rank: 2781 ads.us.criteo.com — Cisco Umbrella Rank: 2725 widget.va.us.criteo.com — Cisco Umbrella Rank: 5684	88 KB
31	gstatic.com fonts.gstatic.com www.gstatic.com	909 KB
30	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 csm.us.criteo.net — Cisco Umbrella Rank: 2806	418 KB
30	risu.io 3 redirects risu.io assets.risu.io	1 MB
28	rubiconproject.com 12 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1075 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 617 pixel.rubiconproject.com — Cisco Umbrella Rank: 364	55 KB
23	aralego.com 5 redirects agent.aralego.com — Cisco Umbrella Rank: 259922 ads.aralego.com — Cisco Umbrella Rank: 39006 sync.aralego.com — Cisco Umbrella Rank: 2755 us-east-ad-track.aralego.com	19 KB
20	appier.net 8 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 49608 gocm.c.appier.net — Cisco Umbrella Rank: 2451 pmp-beacon.apx.appier.net — Cisco Umbrella Rank: 361845	10 KB
15	feebee.tw img.feebee.tw — Cisco Umbrella Rank: 289743 fsa-api.feebee.tw — Cisco Umbrella Rank: 248974	169 KB
15	google.com 5 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 166	4 KB
14	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 14741	205 KB
10	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 89702 ssl.sitemaji.com — Cisco Umbrella Rank: 236857	56 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120 www.googleadservices.com — Cisco Umbrella Rank: 150	598 B
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	10 KB
6	mediawallahscript.com 5 redirects partner.mediawallahscript.com	4 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 320 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1071	4 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	340 KB
6	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1551	70 KB
5	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com	4 KB
5	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458 ups.analytics.yahoo.com	3 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 360	2 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	14 KB
3	feebee.com.tw fsa-api.feebee.com.tw — Cisco Umbrella Rank: 248973	13 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	211 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	smaato.net 1 redirects s.ad.smaato.net	1 KB
2	360yield.com 1 redirects ad.360yield.com	874 B
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	3lift.com 1 redirects eb2.3lift.com	737 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	978 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 597	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 864 r.turn.com — Cisco Umbrella Rank: 4052	869 B
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 7570	968 B
2	adkernel.com 2 redirects dsp.adkernel.com — Cisco Umbrella Rank: 6138	1 KB
2	bluevoox.com 2 redirects im.bluevoox.com — Cisco Umbrella Rank: 13661	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 877	2 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1695	2 KB
1	agkn.com aa.agkn.com	656 B
1	revcontent.com trends.revcontent.com
1	pubmatic.com simage2.pubmatic.com	578 B
1	outbrain.com sync.outbrain.com	287 B
1	postrelease.com jadserve.postrelease.com	538 B
1	bing.com c.bing.com	689 B
1	mediavine.com exchange.mediavine.com	963 B
1	ivitrack.com matching.ivitrack.com	274 B
1	stickyadstv.com ads.stickyadstv.com	618 B
1	bluekai.com tags.bluekai.com	545 B
1	omnitagjs.com visitor.omnitagjs.com	341 B
1	socdm.com tg.socdm.com	867 B
1	teads.tv criteo-sync.teads.tv	277 B
1	taboola.com sync-t1.taboola.com	231 B
1	smartadserver.com rtb-csync.smartadserver.com	687 B
1	sharethrough.com match.sharethrough.com	279 B
1	media.net contextual.media.net	792 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu	410 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 357	513 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1266	729 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4925	614 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1116	879 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 800	711 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 798	463 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1274	668 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 713	587 B
1	mxptint.net 1 redirects aep.mxptint.net — Cisco Umbrella Rank: 5973	788 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
432	69

	Domain	Requested by
39	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
37	pagead2.googlesyndication.com	risu.io pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com securepubads.g.doubleclick.net
29	static.criteo.net	agent.aralego.com static.criteo.net ads.aralego.com risu.io
28	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net eus.rubiconproject.com
24	www.gstatic.com	www.recaptcha.net www.gstatic.com googleads.g.doubleclick.net
23	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
22	risu.io	3 redirects risu.io assets.risu.io static.cloudflareinsights.com
19	gum.criteo.com	11 redirects static.criteo.net
16	bidder.criteo.com	static.criteo.net
14	www.google.com	5 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
14	cdn.aralego.net	agent.aralego.com risu.io ads.aralego.com
12	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
12	ads.aralego.com	4 redirects agent.aralego.com ads.aralego.com
9	img.feebee.tw	ad.sitemaji.com
9	sync.aralego.com	ads.aralego.com eus.rubiconproject.com
9	fonts.googleapis.com	risu.io assets.risu.io googleads.g.doubleclick.net
8	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com risu.io
8	token.rubiconproject.com	4 redirects eus.rubiconproject.com
8	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com
8	www.googleadservices.com
8	mug.criteo.com
8	gocm.c.appier.net	4 redirects risu.io ad2.apx.appier.net
8	ad2.apx.appier.net	4 redirects risu.io
8	assets.risu.io	risu.io assets.risu.io
7	ad.sitemaji.com	assets.risu.io risu.io ad.sitemaji.com
7	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
6	partner.mediawallahscript.com	5 redirects
6	fsa-api.feebee.tw	risu.io
6	www.googletagservices.com	googleads.g.doubleclick.net
6	www.recaptcha.net	risu.io www.gstatic.com www.recaptcha.net
4	secure-assets.rubiconproject.com	4 redirects
4	pmp-beacon.apx.appier.net	ad2.apx.appier.net
4	match.adsrvr.org	4 redirects
4	pr-bh.ybp.yahoo.com	4 redirects
3	secure.adnxs.com	2 redirects
3	cdnjs.cloudflare.com	ad.sitemaji.com
3	fsa-api.feebee.com.tw	ad.sitemaji.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	ssl.sitemaji.com	ad.sitemaji.com
3	dis.criteo.com	1 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	risu.io www.googletagmanager.com www.google-analytics.com
2	dpm.demdex.net	1 redirects
2	s.ad.smaato.net	1 redirects
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	ib.adnxs.com	2 redirects
2	x.bidswitch.net	1 redirects
2	cat.va.us.criteo.com	1 redirects risu.io
2	c1.adform.net	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	dsp.adkernel.com	2 redirects
2	im.bluevoox.com	2 redirects
2	pm.w55c.net	2 redirects
2	px.owneriq.net	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
1	aa.agkn.com
1	trends.revcontent.com	risu.io
1	simage2.pubmatic.com	risu.io
1	sync.outbrain.com	risu.io
1	jadserve.postrelease.com	risu.io
1	c.bing.com	risu.io
1	exchange.mediavine.com	risu.io
1	i6.liadm.com
1	matching.ivitrack.com	risu.io
1	ads.stickyadstv.com	risu.io
1	tags.bluekai.com
1	visitor.omnitagjs.com	risu.io
1	tg.socdm.com	risu.io
1	ups.analytics.yahoo.com	risu.io
1	criteo-sync.teads.tv	risu.io
1	sync-t1.taboola.com	risu.io
1	rtb-csync.smartadserver.com	risu.io
1	match.sharethrough.com	risu.io
1	contextual.media.net	risu.io
1	ws.rqtrk.eu	1 redirects
1	csm.us.criteo.net	risu.io
1	widget.va.us.criteo.com	risu.io
1	px.ads.linkedin.com	eus.rubiconproject.com
1	dacc0f8b0effc3813686706f4733b864.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	38264674fc1148a6ac82d3d834810fa2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	e2109701698b8432306d571829546ef7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	0f488de42d30060b6c98542b416b2a23.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	us-east-ad-track.aralego.com
1	ads.us.criteo.com	risu.io
1	odr.mookie1.com	1 redirects
1	fksnk.com	1 redirects
1	sync.mathtag.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ums.acuityplatform.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	aep.mxptint.net	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	agent.aralego.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	risu.io
432	103

This site contains links to these domains. Also see Links.

Domain
docs.risu.io
pqina.nl
lin.ee
m.me
docs.google.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-26` - `2024-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
assets.risu.io GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
pmp-beacon.apx.appier.net GTS CA 1P5	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.c.appier.net GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2023-10-13`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2023-05-31` - `2024-06-30`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
itm.ivitrack.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-04-05` - `2024-05-03`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh

This page contains 76 frames:

Primary Page: https://risu.io/
Frame ID: 7AE0C736880C52271C026C5FED5C3CD2
Requests: 56 HTTP requests in this frame

Frame: https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 6539EF7795B84A32B2CC050334E73819
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/zrt_lookup.html
Frame ID: 977EF411466DC3B38512B2B74EC3B83A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1692858067&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Frisu.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822066565&bpp=13&bdt=804&idt=743&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2195860126897&frm=20&pv=2&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=808
Frame ID: 1AA991F5FCC837B310DF47A6AE56C5CD
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=2vyopuxijjq
Frame ID: 3DA6314EEECBBF69F44FC393C8A20B05
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=6jl7tz4xqat2
Frame ID: 7C594C38E28D76E619017A17BB10718C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 115705211A4338BA8575BC8D0F83DA4B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A7D80CF9190F080AD1A81E03A947362
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=9&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0&nras=2&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VjBFOOt75Z&p=https%3A//risu.io&dtd=33
Frame ID: FD9241D67A80557D32760CBD8BA6AC0C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=2&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1xSVnw8Xoa&p=https%3A//risu.io&dtd=60
Frame ID: AC626EA76420A7EAA6D606E8352CAD15
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=1&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QlrNEY8dZQ&p=https%3A//risu.io&dtd=76
Frame ID: F42840DD599A0E1ADA530FD94F35BDDF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88
Frame ID: 1504E3E97FBCABA4BC6466131272EB81
Requests: 20 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 2D787FC0FBF3A8A2E2E93246C8AE940C
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 0142A87C99AC893488E4662DED43C267
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: C0B7AD194F240F215EF995CF87928B4C
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: CD1A5219D618046852DB8A2129D3D54B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Frame ID: BA4011A315D22381318D7764DFC129AB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Frame ID: A14494991EE23EAF0FA0A92FDD16E9A2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Frame ID: 76B47A98951F3720F7FB27A0127CAA7D
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: C538F781D00E1126F9231CFDCF5211D4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2E70638E3D0FDBAA8616655EDAD445ED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AEE0DED8D87B9DD17CB25A994E81FC23
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FD9DA00575A25B2E6BCD5537B5D34AD0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7243886C94611AD5CE12FB3772F3A2F1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 149A4F3C7D024C67515342ED597B3B33
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 71F17F1ACC78AA2E17FE2A6625C12D51
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 944109EA6531A70DC13F72CA5B6F4C09
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4817D26F65F15B4F7F116EB1A08597AF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: DB6A783A7018545A2AFC09E24249FEFC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 3B22513440CCE82636DFA3F6679E7F70
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: EE49622DC63920D86FE24690FEFB6437
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 53F8250866A6EA623B529419EAB9B79F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 8B94DFFF2A1D191C8B5A32CA1A8EFCDB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js
Frame ID: 17157B342944ADB537E6BD72152EEC69
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 0CBE68A47D93627DD3E96FC756105A7E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 405E1B358D88F8380EE44C29F32614B8
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: BC64727FF13FD6DCB89956A98E12C86C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: C74A94677479A40686A2A0F019381AFD
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: ED9B0ED31BFDE7579709C31D74D469DA
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 8E06F9F2EF3AE1B4BD781267E0C30E4C
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: B50DACCDD23F83A255A6AE79D5AD25CB
Requests: 6 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 263A22FA00AA76B1B98DA87161138BFF
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: BC8643C8615B79EA4404C4F7525220D4
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: DA94A77EB2E655FF93125A2668CEA7B3
Requests: 12 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 00EDB8F6FF2AAF081F18D0330A010B3C
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 51D9F03856E5F86710EE077DA29BE9FB
Requests: 3 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 2FC6B7319D69C37170BF737FAE1F6872
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: EC76D4FA2250B5F432A70BAA606B8B2F
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 7DD673A02A81BFF441805EAA321CE81E
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: E3B57C8404A673385DF283062C712032
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: FF7A77D8B63A0C7870DE84935CAB2123
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 7508CA60BE810D7213BC7EF3606161E4
Requests: 3 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: AFE4C1B7A7A7EC04D478E85DCBBE69DB
Requests: 9 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 78C6FE76BD4D04D093F1CDEE398E4B79
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 66645699A4C61B9C0471A82D3B4B78C4
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cNr5BFV3Fa0E0eGQ1cWxP1Nlf%2fMmWo5ViXgf1WzVZR8M%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQy9K1FRMdPsasDA5XObWyw2LyqKiuSM6wPuk2ioikgCPTfQe6Ji6ZlJ-ITb4CS-L-2SU4MnI806Ai5UVysStVqZPh-Ln5m8NbDhfQv8TKkxVgCqwqGZU1M_cliSwYFKQ1JLSNXZ93-SPRz4Qi6iaeYh4Vf-th6ejC5V_p1_wjuSopCNC41Lr-iCUUZ-6YTOPugCeZFhWCRyJrD4FedehFetgrmw2bcyUczwE22RNO2T_eE8TS8JgBMHq2UIe555u88dy1zMsRp7QyP6IjCzRw8nXlIqRM9NLAtpdO1L1T_qypYpgm0NezLvqcbHa2mHoQILSqj1o1kDVz3HOupQV95T6lz5hA-i2CnMsXS9d4ogKtLPyEGBsHOntpGnZMj52t47iNBvRUvKqYban1OjqKR4rcfA8bHdFBnW1z4f0nQUMHI6L2HZ9o0-Wka9B88QZpROoYE5plcj1Oy94mFRKen66JETxpWk_zBcfCofTe0pk75mY-UwKJsRQmBttIFPtXjZg8FXiZJHoIFxdrHgWYTDqlGBamh3UKrT04Ya-_UyYrzzyzKx053-YdNw
Frame ID: 530C5BD32AF3C1F0AE0E06E8063E9DE6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 5B7154335ECAEC24D92C724A8D919E62
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 860ECFA2EACE5C895BA5528F4758B252
Requests: 2 HTTP requests in this frame

Frame: https://0f488de42d30060b6c98542b416b2a23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 943EDA649FEDEB10BB4A2C14F7319A34
Requests: 1 HTTP requests in this frame

Frame: https://e2109701698b8432306d571829546ef7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 1DF29124066A85C8DBD206BE9F6F8D88
Requests: 1 HTTP requests in this frame

Frame: https://38264674fc1148a6ac82d3d834810fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 194527B8CC2923F74510325E1C8090B1
Requests: 1 HTTP requests in this frame

Frame: https://dacc0f8b0effc3813686706f4733b864.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 5E4C7957355AF72414399286BA72A59C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E4EC4AC463EAA767435255BA48330209
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0A3A1A48FC2ED446B616DA09EA67061
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F4361BF8A7AB7764476A8B5C053C225
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EB5E0DF5FAF68B68A6782B40D3E8CA0D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2AF971DCBC7835A442B06147ED26383
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9F0C97F2B480BDE725E73B39AC2F86FA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5F689490544112A2F74F5CF3DFF0422A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 077BBE93EDF1CCE4EAAAF4ADB4AEEFF8
Requests: 2 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: DF981DEC4878A6C8F7B669C839DE32C1
Requests: 5 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: A73F810FC3BA73CE7C1DC8CA118059B3
Requests: 8 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 3E56FD5903440D4B221AF0FFDAAB5F22
Requests: 5 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e66a3f95d8eff3784b94ea554f209c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Frame ID: 82E209A5C5C123D1053509ED9573078D
Requests: 1 HTTP requests in this frame

Frame: https://csm.us.criteo.net/all?cppv=3&cpp=OnOsfwOVN_X1QECOhWC3PXnBIbfrTc-YFLAqzyyiwuqHIFO25wMp2Qz45Ve7wIRc2lGM3JHhdP7ttbAYHwZyZ5mbxm39RABR-TCKDzlFtx92ZB2qnYEhkeBqulY6OUo-68-ZvrRti0YNR1yhPeJlHwiAjQJBFdfjN1NZmhU2RyS_GOK0SFhkViLK7UUIN7uSPi1lO32EGyKD-Jt-EJ-g_Pf5_w5FBAzMVNhKuoKTLUxiCTpMK3m5yfcxB8ziZZaLyaLm3A&sds=2&rev=88100&sendBeacon=true
Frame ID: 26D71C37365083F35F9E6606ABD35DE4
Requests: 9 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_gid=CAESEH7vOk-qgWisaLp6wJa81_8&google_cver=1&google_ula=913071,0
Frame ID: ABD93519296B1C41420EF9744FAD8C5E
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

短網址。行銷。分析 - Risu.io

Page URL History Show full URLs

https://risu.io/6yhXT HTTP 302
https://risu.io/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

432
Requests

85 %
HTTPS

33 %
IPv6

69
Domains

103
Subdomains

75
IPs

5
Countries

5516 kB
Transfer

14351 kB
Size

59
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.risu.io/xiao-ji-qiao-tooltip/guan-li-hou-tai/duan-wang-zhi-pian
Title: 教學

Search URL Search Domain Scan URL

URL: https://pqina.nl/
Title: Powered by PQINA

Search URL Search Domain Scan URL

URL: https://lin.ee/oFUOKCP

Search URL Search Domain Scan URL

URL: https://m.me/risuiotw
Title: 聯絡我們

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSedWw6hNYi6Xg_VPatPmsfe7DOKPGg3ijSOvZuWu38FefIMCw/viewform?emailAddress=
Title: 問題回報

Search URL Search Domain Scan URL

URL: https://www.facebook.com/risuiotw
Title: 粉絲專頁

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://risu.io/6yhXT HTTP 302
https://risu.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 25

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 44

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 170

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=cx4EqoaDA7qiy71kN2rmZA&id=ida4mlvgiastit93r

Request Chain 172

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=ghdsA0_gDz2i21WeN2rmZA&id=ida4mlvgiastit93r

Request Chain 173

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=l4I7UWEfCPOb2jSBN2rmZA&id=ida4mlvgiastit93r

Request Chain 174

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=HXJ3uOzVAWGFT6bHN2rmZA&id=ida4mlvgiastit93r

Request Chain 175

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=sbHaBnxhUmxTTFQyNDlyUGxZNGZvSTZiRnlRbU1KeHpiQXNTZlNJbElJUGZodU9yejJuV1JmU3pGamV4WUR0aWh1elpQczRVTDhRclArZ29MTjFrWHFEZDY4eXZCUVJ4WlFLUitrcm5jdzIwRVY0aWhCYmZId2cxY0F3dDFoVTh2ZHdaWk9xRTUzOFYwSTdjbDA2bTlZdXRtSGtqNyszZkozclRZWkROS3hzR0FlZ1VDZmt3eWUrUGxwT2VGL2xQMkJhNXh0ZTBJeG4xT0YzVzJhajQrY0t1RjFjQVpvS2FMY2xNNWtJdDU1OHJmNXpFU2d5NXIxN1Fsb1YxbHAzUGY3d0VIRkRObkRzdUUxY0hnY3BYNE1rWFY0QT09fA&cppv=2

Request Chain 178

https://googleads.g.doubleclick.net/pagead/adview?ai=C0Gn0M2rmZL-hHPPrtOUP2bWfkATr5YWKcvvjrd-CEp7gwISGAhABII6H3o8BYMm2o4jwo-wSoAGv4bDhKMgBCagDAcgDywSqBLQBT9BMSzWUIm0JA61NzUvorlnzKM-cydRN0Xd5faOX_18RaMGu3MdJ_DcGItg65bEFGaRomNFyo9yqK3usdPG205nTW6s31BZf5teaf16G8-jbj174bwBaCnVdiqJaPv5ZIl1ogNFAhr0x9f5EqlQo-hfJetos3idWNzp0F6Q7MBefKifUx0T8pV2nzguHfnuvTkJD9NIca9WTkG1bkXQWiFfzuRKoJvjy7Oe48w9QF071X4JjwATL0-DchQSIBZbq9txBkgUECAQYAZIFBAgFGASgBi6AB6-ZgcEDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyZgG0ggUCIBhEAEYHzICigI6AoBASL39wTqaCR5odHRwczovL3d3dy5mYW1pbHltYW5odmFjLmNvbS-ACgHICwHaDBEKCxDgwrWnx96EgsQBEgIBA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi05MjA4NzA4MTcwNzgzMTQwGAA&sigh=OvBFVZThTyw&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWYbB85EiHBCv1ppgQZnI8KFoX2q8Q0RgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xac124a468ffcba9f0000000000000000%22,%222%22:%220xe50ff6a19e8b20860000000000000000%22,%223%22:%220x765d830c8ec671a80000000000000000%22,%224%22:%220xb6b6ec69476ea1cf0000000000000000%22,%225%22:%220xadbe8ea22b59abc90000000000000000%22},%22debug_key%22:%2212973639207128346960%22,%22debug_reporting%22:true,%22destination%22:%22https://familymanhvac.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210941640879%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226941932222729461761%22}&andc=true

Request Chain 179

https://px.owneriq.net/ecmg?google_gid=CAESEAA8nMWAfp6VEj8VjU_qr3w&google_cver=1&google_push=AXcoOmRVB48l1-PIB0aw3BKwolesoLazLHYith267CjMXX1GLm99P_DRTr2p9Yd3kka3QrMGISD2USia-rubV-m_epKs2EJR6rF8juYUdGOt1VKZfQC01Ujqxs_5HN7BE2QMEcUum5Iztg8gl6TvFSLMedyBfw HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmRVB48l1-PIB0aw3BKwolesoLazLHYith267CjMXX1GLm99P_DRTr2p9Yd3kka3QrMGISD2USia-rubV-m_epKs2EJR6rF8juYUdGOt1VKZfQC01Ujqxs_5HN7BE2QMEcUum5Iztg8gl6TvFSLMedyBfw%26google_cver%3d1%26google_gid%3dCAESEAA8nMWAfp6VEj8VjU_qr3w%26google_hm%3dUTc0NjEwODQ3MjE0MzU2ODc0MTQ%3d&uid=Q7461084721435687414&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRVB48l1-PIB0aw3BKwolesoLazLHYith267CjMXX1GLm99P_DRTr2p9Yd3kka3QrMGISD2USia-rubV-m_epKs2EJR6rF8juYUdGOt1VKZfQC01Ujqxs_5HN7BE2QMEcUum5Iztg8gl6TvFSLMedyBfw&google_cver=1&google_gid=CAESEAA8nMWAfp6VEj8VjU_qr3w&google_hm=UTc0NjEwODQ3MjE0MzU2ODc0MTQ=

Request Chain 180

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOD5fLseMqHJPSzXXNKNoNw&google_cver=1&google_push=AXcoOmSNbgU6Lo_L4_YzjeIVHKVlriUYOevHwnJVmTwLA9ze2N6bKjJrETKnW6FPdftrov6ZSsY1ScsF8_u8QYV8Vv0oj-myunq5JKSmICBRs_w0QwI_4Ic8DU738wSHGm3SzFB0a8smaHhRNvoVdpJS3RM-HqQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOD5fLseMqHJPSzXXNKNoNw&google_cver=1&google_push=AXcoOmSNbgU6Lo_L4_YzjeIVHKVlriUYOevHwnJVmTwLA9ze2N6bKjJrETKnW6FPdftrov6ZSsY1ScsF8_u8QYV8Vv0oj-myunq5JKSmICBRs_w0QwI_4Ic8DU738wSHGm3SzFB0a8smaHhRNvoVdpJS3RM-HqQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NHVmM3dSdEYxUXlVbE41&google_gid=CAESEOD5fLseMqHJPSzXXNKNoNw&google_cver=1&google_push=AXcoOmSNbgU6Lo_L4_YzjeIVHKVlriUYOevHwnJVmTwLA9ze2N6bKjJrETKnW6FPdftrov6ZSsY1ScsF8_u8QYV8Vv0oj-myunq5JKSmICBRs_w0QwI_4Ic8DU738wSHGm3SzFB0a8smaHhRNvoVdpJS3RM-HqQ

Request Chain 181

https://aep.mxptint.net/sn.ashx?google_gid=CAESELB6HMyyf1sxTzwfEaNLUUQ&google_cver=1&google_push=AXcoOmQ4vvkNruuevbTkqTxQIR8LZcGcuy1zyToKvgYtio_dzxpye51qiWR0CpnORxNDGaH4IMfpRWD151r3oH1DQesFbxheQULqLHx89DWXk1EftA776ooiLgkt4dTTktMOaF795EZkcJ0o0YApH4mgNPZQXYw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQ4vvkNruuevbTkqTxQIR8LZcGcuy1zyToKvgYtio_dzxpye51qiWR0CpnORxNDGaH4IMfpRWD151r3oH1DQesFbxheQULqLHx89DWXk1EftA776ooiLgkt4dTTktMOaF795EZkcJ0o0YApH4mgNPZQXYw&google_hm=UjMzNjQ2XzEwN0UwNkI4QV9DMDlDMEQ5MA%3D%3D

Request Chain 182

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENdudzbAWbThss2dAw1mY1A&google_cver=1&google_push=AXcoOmR5c18deioDh29Lfpn--tbEb9ui0Ui-XwxwMnjdmi3jRZby3v5ev9m5OK-XwloCsOw1ByZEDasAEyUqzklRJFd4TKte5txBX-kOX-OW928jPeH5eJImziJg_HB7ueajSXfJOwVpz15LJQ1yY39EK6vNXxs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENdudzbAWbThss2dAw1mY1A&google_push=AXcoOmR5c18deioDh29Lfpn--tbEb9ui0Ui-XwxwMnjdmi3jRZby3v5ev9m5OK-XwloCsOw1ByZEDasAEyUqzklRJFd4TKte5txBX-kOX-OW928jPeH5eJImziJg_HB7ueajSXfJOwVpz15LJQ1yY39EK6vNXxs

Request Chain 183

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEDJOvRhVwvAeOR37ZQBICE&google_cver=1&google_push=AXcoOmQnssSca3A26CKhnu6qiQg4d8r9PCw8FnnmNXx-eu6Y_-5qxBPmcr514GohlmsEyoHmymbc16ZIZ5xmWT_lsd3om4PfMxa96ieT2zsLsvBNG8tnumk5sulP7wqGbslS8Zs1eg0tyZgpumUz017KIm9UHw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860510236

Request Chain 184

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEALErGsakCZ4lhF58zCZFB4&google_cver=1&google_push=AXcoOmTyBwIL_6qaQvlSf6z7_ArPIv8vf1kPoQGmsOcxramn1YlD2XtoJm2bxF7084m-j7G2JqcXWFFR8TBUutX2HYWEMrbhMIvtHYAbX5WUnzngVsphZw9Jk-3ZK0U5xIAEmZeW19xLCKdeAsSQo59l-WahkTE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTyBwIL_6qaQvlSf6z7_ArPIv8vf1kPoQGmsOcxramn1YlD2XtoJm2bxF7084m-j7G2JqcXWFFR8TBUutX2HYWEMrbhMIvtHYAbX5WUnzngVsphZw9Jk-3ZK0U5xIAEmZeW19xLCKdeAsSQo59l-WahkTE&google_hm=eS0xVVV5VEVORTJwRzBaR3ZlcXdXdHlmZVA0dm5WTmJoRX5B

Request Chain 185

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESELN76UDTkL1Jkvn--QMFLVg&google_cver=1&google_push=AXcoOmTs-uQC9mOubs4y1Ws0i-usM-KrFr88CeolqgZtVocQMdLg4qg1rdXx6q-4sG7wvviDw-j13x9NBsQFeu9mknpvJaElxBrdfUooXSfZ8kxcFYpSygqEJqOyrBVmRdUwL6G9Ji9DFmdmAlyt2cSJCkt9b7gD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmTs-uQC9mOubs4y1Ws0i-usM-KrFr88CeolqgZtVocQMdLg4qg1rdXx6q-4sG7wvviDw-j13x9NBsQFeu9mknpvJaElxBrdfUooXSfZ8kxcFYpSygqEJqOyrBVmRdUwL6G9Ji9DFmdmAlyt2cSJCkt9b7gD&google_hm=QlMuODM0NC0yNDVhLTQxMGEtYTg4ZA==

Request Chain 188

https://um.simpli.fi/gp_match?google_gid=CAESENhgZKhmJ43QgO-EiWF8StU&google_cver=1&google_push=AXcoOmScRGaUY8J8HsKkPz2M34Y2yJyPixzQihLz6KJv3v7Q6hAPOvku0G1jd0lgD6M-d64JpgFlrxaQ5CpWRGpRrNct4IVpGzb6-vc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3BF35241619B480A92501412065FE32C&google_push=AXcoOmScRGaUY8J8HsKkPz2M34Y2yJyPixzQihLz6KJv3v7Q6hAPOvku0G1jd0lgD6M-d64JpgFlrxaQ5CpWRGpRrNct4IVpGzb6-vc

Request Chain 189

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH1AcDtrLyhjHm2tbBbidcI&google_cver=1&google_push=AXcoOmQKLOUA8Sc9mM-FYo6510u-kPgQOpHL5pRyZycJsS37ELmLA3Go42DZRdF2s0n5o1SgT7sidG3NaUcIBbx11StxHbdPV4zeZXk HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEH1AcDtrLyhjHm2tbBbidcI&google_cver=1&google_push=AXcoOmQKLOUA8Sc9mM-FYo6510u-kPgQOpHL5pRyZycJsS37ELmLA3Go42DZRdF2s0n5o1SgT7sidG3NaUcIBbx11StxHbdPV4zeZXk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTVkNzExMjktNmNlOC00NDAxLThiMmEtMDZjMTIwMzc2ZTk3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=95d71129-6ce8-4401-8b2a-06c120376e97

Request Chain 190

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMipFA8-KQKwvTJKEt2iadY&google_cver=1&google_push=AXcoOmRhr4yPuH1ZVa_G2DAmfRnlOtdlVWDqtQRLoNG55NDkZUn1M0mwg1Pikd1IZjK3zAvLWeP9a-1pxjNuSOV7l6uSpXI8B5laJ9s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhr4yPuH1ZVa_G2DAmfRnlOtdlVWDqtQRLoNG55NDkZUn1M0mwg1Pikd1IZjK3zAvLWeP9a-1pxjNuSOV7l6uSpXI8B5laJ9s&google_hm=eS04bzFwNTNsRTJwRW1rRTRXNmVrMTExd1g3OGFZZVFFcn5B

Request Chain 191

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmThs4OVWexKNoG9zye_NDwl7wAsK8hpX9CJSfS8_YNnFANXIKT1hmNgGpgW1cKxEIcLShzwUZV-cikD15sHrbJGTOghFTOQnfc&google_gid=CAESEH7vOk-qgWisaLp6wJa81_8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_push=AXcoOmThs4OVWexKNoG9zye_NDwl7wAsK8hpX9CJSfS8_YNnFANXIKT1hmNgGpgW1cKxEIcLShzwUZV-cikD15sHrbJGTOghFTOQnfc

Request Chain 192

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEO--Uv3qCfEmMvGsoLIEGwU&google_cver=1&google_push=AXcoOmRhIfX_9mw-t7qjguF4frCZBtZPVTGs49z4Rx3t9ei3WWJmtLZcDGjXG_vi5fbI3cbyixEeSS2A-jOk4q72d-Xei3VJcaQcj9g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTY5NDI4MTU3Mjk2ODQ3MjQ1MjU&google_push=AXcoOmRhIfX_9mw-t7qjguF4frCZBtZPVTGs49z4Rx3t9ei3WWJmtLZcDGjXG_vi5fbI3cbyixEeSS2A-jOk4q72d-Xei3VJcaQcj9g

Request Chain 193

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJzMYk-Dg2UX6kwGiNC5W-M&google_cver=1&google_push=AXcoOmShSE0VOynGhrVN_JqkAL4YJ9k2WrdhcYNN94uRzg_ALyFM_YuGQG7QAG1TK1cz6a_solfjbW6IhZiCgnNhaS02XmdPFSWt-cTN HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJzMYk-Dg2UX6kwGiNC5W-M%26google_cver%3D1%26google_push%3DAXcoOmShSE0VOynGhrVN_JqkAL4YJ9k2WrdhcYNN94uRzg_ALyFM_YuGQG7QAG1TK1cz6a_solfjbW6IhZiCgnNhaS02XmdPFSWt-cTN HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A6942815729684724525&exchange=193&google_gid=CAESEJzMYk-Dg2UX6kwGiNC5W-M&google_cver=1&google_push=AXcoOmShSE0VOynGhrVN_JqkAL4YJ9k2WrdhcYNN94uRzg_ALyFM_YuGQG7QAG1TK1cz6a_solfjbW6IhZiCgnNhaS02XmdPFSWt-cTN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY5NDI4MTU3Mjk2ODQ3MjQ1MjU&google_push=AXcoOmShSE0VOynGhrVN_JqkAL4YJ9k2WrdhcYNN94uRzg_ALyFM_YuGQG7QAG1TK1cz6a_solfjbW6IhZiCgnNhaS02XmdPFSWt-cTN

Request Chain 198

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHVMUNXswZXX8FX30qyVGMY&google_cver=1&google_push=AXcoOmQynonCWaVmnQDfA9aWmmx5AD5VWqp5bKo04vQOReC3_ZceqJNuEIVUmjpKcuWCOVqwbnezDCTdSSN4CDgBVqkFcURavkSvau8e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyNDEwNzM4NDc1MDI5NzA4Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECg-Ypah-lTbUv6Yl9-9WDg&google_cver=1

Request Chain 199

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED-XS9PK-jFbWEobgRhTlb8&google_cver=1&google_push=AXcoOmTqm0SZlYWEuq9oZH_ERMgz7Dlu2AizRGHLfERah5tCStN3qkU2KElbY2ocbDTUdGnz2u26WL9tzdGiSlx6keUhQVIgRwKSaUNZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTqm0SZlYWEuq9oZH_ERMgz7Dlu2AizRGHLfERah5tCStN3qkU2KElbY2ocbDTUdGnz2u26WL9tzdGiSlx6keUhQVIgRwKSaUNZ

Request Chain 200

https://fksnk.com/cs/google?google_gid=CAESELorW2wGJ9oDl1BrpKaxsFY&google_cver=1&google_push=AXcoOmRiWtgyf4Np8WBG9CJJ-QPr248_y8xrPW_m5szdZ-vykc1mgg9ucvIZ76vGQ86OQezCZVSpGps1tmN0eFPrrKdZ1brx2vEtY6y6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjJDODg2NTIyQTkzNzJEQw==

Request Chain 201

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMc0GbTcRB1REcXTlsy8cik&google_cver=1&google_push=AXcoOmTwl0HTs8JNT7wOiADbbrSly3jSHKdgs5vL2mP6Mr6ipYNCE7wHrNZKbi8EEgWXtDhu2WybBku_rY6uSRzY4dzAY8rUYv0pJOMU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTwl0HTs8JNT7wOiADbbrSly3jSHKdgs5vL2mP6Mr6ipYNCE7wHrNZKbi8EEgWXtDhu2WybBku_rY6uSRzY4dzAY8rUYv0pJOMU&google_hm=eS0ua1FfdXN4RTJwRjBWbVZQd2pBR1Bla1NtVUMwa2NseX5B

Request Chain 202

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBpzb8TWql1mV6_olJUmhbs&google_push=AXcoOmRSNbo1EpR9DI_MkXKh_94lQivZ8T5ii6XJFsdRdWLiqhqGdSUG1VR2uJx9658gVHyp2xFYcWgz9yXw8CO0_Jf41-xJDdStY3sT&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmRSNbo1EpR9DI_MkXKh_94lQivZ8T5ii6XJFsdRdWLiqhqGdSUG1VR2uJx9658gVHyp2xFYcWgz9yXw8CO0_Jf41-xJDdStY3sT&google_hm=MTA1OTQwMTQ0NDQzNTA5NDMwMTg

Request Chain 203

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJsx-o5gKWrvQfV10KExXRE&google_cver=1&google_push=AXcoOmSdaCa6502xKREbpflNrBGEm_cxTVBWNNDtHq8mc6QwpEbeQfhJUnI6FnheXN3c807hMw2fNbZYQx3h8tKqKDllAHrvkGkLp6U HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJsx-o5gKWrvQfV10KExXRE&google_cver=1&google_push=AXcoOmSdaCa6502xKREbpflNrBGEm_cxTVBWNNDtHq8mc6QwpEbeQfhJUnI6FnheXN3c807hMw2fNbZYQx3h8tKqKDllAHrvkGkLp6U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwNjkxNTIxNjQ1NjY2MTY&google_push=AXcoOmSdaCa6502xKREbpflNrBGEm_cxTVBWNNDtHq8mc6QwpEbeQfhJUnI6FnheXN3c807hMw2fNbZYQx3h8tKqKDllAHrvkGkLp6U

Request Chain 204

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEJ19VAgSuzVyO8zT3og6RtA&google_cver=1&google_push=AXcoOmQ8ktm8mg1hoWy8jB8mNJCzSsXn-MnU8Y-4GjkwMAzkw-A6gzJFK70kOURe4ReYFMho2WJL4vJoSBspQTmfdX0bnsHvq_M-AZEk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ8ktm8mg1hoWy8jB8mNJCzSsXn-MnU8Y-4GjkwMAzkw-A6gzJFK70kOURe4ReYFMho2WJL4vJoSBspQTmfdX0bnsHvq_M-AZEk&google_hm=QlMuOGM4Mi1hZWU3LTQyOGUtYjk1NQ==

Request Chain 206

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 207

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 208

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 210

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 216

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 218

https://googleads.g.doubleclick.net/pagead/adview?ai=CiyeINGrmZNOPHtGEtOUPzNK86APyoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDwwSqBM0BT9DWcknCDDWlBODVRtu6i5TlHeQBFZ9_F5utJQje2blwLEAAfbvLTtsdF-sRBVxh4SEmKOXBZu07bGu_6U_-UfPEwm9mtcdQWeEDuP0LcjfzQJ3hFu1GTrF9uiyuv0A_S7rVTyzPDXV4MKUWOEFOO2MLCv-333_i4g5VgbOyefF2RT558TCs8tCjkUZffpgAeFAHUQbdLnPTHyJFBZWh0too_70M7cSRKlJ6pltV0-pKsI7-bMQv9Y4-wH16co1K1pWRq5iGd6P57SXpVsAE_JW9trcEiAXLvf-VTJIFBAgEGAGSBQQIBRgEoAZmgAfZ-aPcBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOzDAtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkYaHR0cHM6Ly93YXRjaG15cGFnZS5jb20vgAoByAsB2gwRCgsQ8OWv-rnJ6I7lARICAQPYEwqIFAHQFQGAFwGyFxwKGggAEhRwdWItOTIwODcwODE3MDc4MzE0MBgA&sigh=cvsKxh5F2Rk&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWPd5Cs4E3dGjZ2fjHVRipCZLLc6CMXDrbnalz2P9ZPESFRk0Kdmlcty9Q0BSYd01iyPKXhTmdlRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2210435710991872443868%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226211427290346223713%22}&andc=true

Request Chain 219

https://googleads.g.doubleclick.net/pagead/adview?ai=CB7PBNGrmZOuAHeXttOUP_peK6APyoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDwwSqBMcBT9BfPKEss07Q8nN8G5W1mUToN3eYa96rwCDemTTwn5gQtQvxzL4R3MeGugBRMyM5pQbI6REu6drHpZUE65Qx1NcK-Qd0SEmLFujDEbCfi5Tq6X0xkJf765zzZQKZurBjNGh7eMtSz_w3LH1Cx1u5GvQLbCnlSez2l387GegQOO0romfUTEKaXmlMDD1kPDoo6YL-4gU42CA8_TNUdy4ZN9IefSssfH3YA86DWzJ2QdcUEutZWqYF-cdl7QJst9BXk055yQypHMAE_JW9trcEiAXLvf-VTJIFBAgEGAGSBQQIBRgEoAZmgAfZ-aPcBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPj7AdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkYaHR0cHM6Ly93YXRjaG15cGFnZS5jb20vgAoByAsB2gwQCgoQ8PnX18PP_slvEgIBA9gTCogUAdAVAYAXAbIXHAoaCAASFHB1Yi05MjA4NzA4MTcwNzgzMTQwGAA&sigh=f5sF1s1z4F0&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJW0RZxjMCQTRlm7JPP-YbGFS5ZPpDWVc3NKPazEvqs8BvNMB2sTLJK3SWhZ0-VkZVm9XEpijhLaBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%221727377900885626491%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213275621699322952913%22}&andc=true

Request Chain 220

https://googleads.g.doubleclick.net/pagead/adview?ai=CPTq1NGrmZIeoILjqtOUP9Y2j0AnyoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDwwSqBMcBT9Bal3roOLOG6OYekEe5JTUrZoathR4PRKvzoLttNXqJAokNmxinzJ8uW8uZQFdY8MlxHg_UnQ9rrgiIfD8sh4XtEahbPnjbRAGiEmG8UNI2ljuBk7r4LjLQw34FoCqhkOywNMZAi-DM8PjFJvJ0b036lXn-uh8dLlBZVcj3sLHO_uukpSMO3KYt9ZABaHIij_UUeWb0zYrAroH7sn7tI7Ob6vhAy_ScartQULgx_St7fl2QR9Ioj-OP2Ll5S_v6lIidCQj6esAE_JW9trcEiAXLvf-VTJIFBAgEGAGSBQQIBRgEoAZmgAfZ-aPcBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO2oAdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkYaHR0cHM6Ly93YXRjaG15cGFnZS5jb20vgAoByAsB2gwRCgsQ0KmA6b-6k9fRARICAQPYEwqIFAHQFQGAFwGyFxwKGggAEhRwdWItOTIwODcwODE3MDc4MzE0MBgA&sigh=7lwCauiaZHs&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWLLATeO0Hfd4QnVmtbOfwU3JomUL2Wb8sDeMWCri8IDGkBomO63WrE5wcouiyqV9b-HZ-BvmgYBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%22659068942863957075%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224852661949019239313%22}&andc=true

Request Chain 231

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=POs6JV93VkVobENFWEt5d1RIbTJURlhEQ2UwZSUyQkRRY3hMR3l4JTJGUTFJREV2RzdsMGZoZGFaVmh1d1RuJTJCaVdoTnNQSTU4TkU4SzVibVBDeDdNNEYwV251TnVVJTJCdTl3R3pQRFBGdUpLNDdSUHpSNVVPSFcyT0pxbjZzdkZHbFNhSFFrRkloaDRGcUNMdmJhRExuUzlySnpBMWVrQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=auAtI3xhRGxpT3gvR25WclpqR0YxU0orMXhLTEZzRE54bk9RUzg1eXRsMGh0a3BMUldiNFczQkkyVWc1S3hEcFlDazljYWNXUTFEUGtkTjU1dmxkOXpSMUsxaVVvRzd1eWRCcE1Sd1c5RGZ4cEJ5aU1mRVVIVEk0STBzNHR0Z3B3T2k5L2xxSzVlVm8vanNwdWk1SkVVSS9KYzlXVDZ1NURnbnhQR2cvTW5CeVFFRjhjbGtnVlEvdVErelpyNGhXUFRPR3FsZVVvT1preFI4RzJBYyszbk12ZG82QVNNS2JRTWs1ZUR0Um5tc0FCUDBSUTloVmczbURWdkFBOStUL2RvZlJjUzExWDh2L0lFK25yZE5nczlzVU9LUT09fA&cppv=2

Request Chain 232

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=POs6JV93VkVobENFWEt5d1RIbTJURlhEQ2UwZSUyQkRRY3hMR3l4JTJGUTFJREV2RzdsMGZoZGFaVmh1d1RuJTJCaVdoTnNQSTU4TkU4SzVibVBDeDdNNEYwV251TnVVJTJCdTl3R3pQRFBGdUpLNDdSUHpSNVVPSFcyT0pxbjZzdkZHbFNhSFFrRkloaDRGcUNMdmJhRExuUzlySnpBMWVrQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=kjseBnxxR0lvWGx3U0JjZ05rWWZJNlZ5b0VkR2RiWjhCZktYTDRpNm9xcExFRWxDUU5yVXo4YU1EblFlNTV0aTRPREh5UjlNUWF5RDJYYWlCUFJqVldEbzN3ck5na3FBdXVNVWdUZThKbTFYc3BpbUoyeFFmS3BPeDBPOTNWVzlSdjlDREpBenhZT25wSFZCakthb0FSV0wwVEhSdWtmRlhDUXg4Y2VHalFleU9EUU9aK0svN25BMEM5U0YyT3dKSFQ1WFczVjAzbWdMSm5tbEtEWjRKa25TWXU4NEFXUkpPYmM0NitnOFczUjVaUXErRGJtc1FUQWNFRVNrc3ZjRXBnbC9hWW9xU2Z0aTBzb2lCT3lsMXErQjJZdz09fA&cppv=2

Request Chain 233

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=POs6JV93VkVobENFWEt5d1RIbTJURlhEQ2UwZSUyQkRRY3hMR3l4JTJGUTFJREV2RzdsMGZoZGFaVmh1d1RuJTJCaVdoTnNQSTU4TkU4SzVibVBDeDdNNEYwV251TnVVJTJCdTl3R3pQRFBGdUpLNDdSUHpSNVVPSFcyT0pxbjZzdkZHbFNhSFFrRkloaDRGcUNMdmJhRExuUzlySnpBMWVrQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=RE1UAHxCaGNnTTVjMW5BaVh1eTVBd2UyeXkvZEpCT01Kam15Qkc4alhKeEhoK0pqUHlzYkdGcGNOM2VtYU9CcVNlQWhOU3hTQTJESytBY0kwQXF5ZXFCVi9oRTlWZkhyR2I5cXA0YXl0ckRjRTZxcUJzcW1RVlgwVk9sOUYyN0hjdE9lWWlobDg1OERFcVFnaWs3M0gweTRuaFh0VmdJdU5La2FCV2VPRnkxYXZBZE10enBDMm52cnRJT3V1VHI0ckNNY2YxS1pYS29GclhFejZaNjVVL2pScms0VmtQUG1MMi9FNm1vdGo4Z00vSFU1UGpGWnpoQTVieEI5T1B0YTl6c0FYMXgwLys1U3htSXByVFpOY1JNT2lFZz09fA&cppv=2

Request Chain 236

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 240

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 243

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 246

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 261

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 265

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 269

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 276

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 283

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=gFJ3Gl93VkVobENFWEt5d1RIbTJURlhEQ2V5cFF0RyUyRnBKZWxiODdxN1BWQmVwMzhreXM1RTU5NzBxcG9OSW5GaGM1Mk5hMjY4RHVIR2dpbXlqREtFQ1lobHNaa3pRZHJ2NW9sdmRKQlRSYkZQakszQTNLbjNjNmZ1bVgzZ2UlMkIzV2NpOTdPZFN0SWFQaUFOdnJ4UVdNUEZyNEJBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8N-hn3x5ZFZsYWZJTEFlU2JJcmpZMy9DQm1VenAvbXhOYTExVlVxZzhBSklUNTl3b3JBdU1HWElWenczQjlDSFliUlRGUGluTk11VVBJQkphOXBnUkxFZnRnWFlKTUpQanFyL2JHU1RCWUYvT1doaC9BUGZKekNBUXFKR0I0UHJDaTc3MDUvSzV1bjBZOTlyUzFtdUppUmR4SkowdEhRSnNRV080ZHlVd1lKQVZFL2RnV1E0aU5hQlVQdUp2U0pFajhmRzBkaVJTSGxEdFVNZmtCRWhMdHhUTWlYNzd2eGp2RGNhQUYwWUhJMzg3dzZSd2g5SGJReXlJNGtFd2Z2cUdFQUp4NTZYVFFDZFhISHovQ0J2QlR2QVpJUT09fA&cppv=2

Request Chain 285

https://cat.va.us.criteo.com/tpd?dd=Q03KtV9sbiUyQlNPdE5oYk5FJTJCYlFUeGlTY1k4SEdweFNheUFzYWZZQ1MzeGhuMk5GVzcycW5LZXpLb1lkWDZxS0hkYzZtekglMkJleHVNVURPMm1nelV5V0hCOWg5TE5USTdQYjhtZFRYUkI5WEhHVEl2YUUyMXR4djlUeEhtV1lqT21vRTYlMkZ2Z3c2djZWQ1RYd2Y5VzRvS1d4Z3lkMEJzViUyRkh2U1ZjcDhzS2htRnVnS1FZcUcyTSUyRjFjMEwzWFk1ZHIyaVdxVmdjc0hmbnlmRGlmNHAxMmhyZE1TRVpFRnVRUjRPMTNVUHJJTUJteHlsS2NSRHpXMGM4ekhPVXJwaWhrUEFtcUdiZkQ3T1lNS0hHeFZEME9BVElHNGlVUHNTUTNDNlk5QlVFbjVsZk1QSXU3Z2J2NjRnS1o0TUxqdGQlMkZKSkYxeFE3dFAxZGpEM2hOSGZMZGhHc3lJMGthJTJGdUthZlkxN1N4SUZycnpvcDBzSDJQcklmaCUyQjRrcURZT2hzZEtYOU83SDA5TktubGV5ZVhQRUdHVU5QRDVMbmZlUHd0SWklMkJnczVqSURUcmhMUHkxbEJpNzlvV0VEZ0k0MTV0YTUlMkJ6UzUySWRiN1BIcUdJMXE5dFpPMjROMFJtNTUxQWJ4bEluRFJoc0ZSMlc1R2VSeUlSVHpMTllVRDlUUGklMkJVV2NlNkJsSGFnaVhPN0daelVjaTBUejBBTVMxQXcxZW1td1NzWTZVRmhWdG15JTJCRzhkYk5wVEs3V0FpUUs2MHBwSndaY0FURDFxSDRCSTMlMkZ2eXFMMFhZc1Q1clE0andHdlo0WkRvalgwblVVSWl4bzNnMWolMkJLdTdFZEh6OUFwS3dLJTJGSkV5Ynp0ZHhCb2cyUUw1YnNBaFVYaVB1R25pUnZYeFR3Z0V3MWgyMiUyRndYMElyMXZpM053eXU0dmJDYmJaQmdtbElHV3hLT3hITzVRdEtVdEgwTkl5V1c5RkNZdEd5OUFhTTVuRm1IZUN0Q3RwRjBTQUg3NHE2M3o5azI2Sk44Zk9XUXJBNnU4SllhdGRWeUlTU05FVFNUclNFeDlnZVVGN1I2QTRrYm5Nc3RoMkFySnBRWU00eGFVbmdSaXcyJTJCJTJCbFdTdVk3aEttZ01neUt5T3M3cjVQdmVESTB1d3A2SDB2eEhpeW16QW1pWHJGSVFmYlFoJTJCOUg1TVVTM2haT0pPeERiSzJYVmNRMWx4ZUNPRVRndEdEY3dUd3RuZUNLS1dTS1N4c1d0aU9oTnhSYkxFZmxPYmc0ZDlTcXQ2UG0za1FyUXQ3VUxiRUlaJTJGa1FUJTJCUCUyRkQ2RU1KMnhma1lqT1V3VlVlWm9tU1BKNEZicSUyRmljTEdYNUE5SHJhb2Z2anBmN3lubXhrRW9RczNIQzZualJERFEydUF0UDJGMzFZZGs1MTJFVlJFWEc2VlQ3d251JTJGTGkwMVE1UkxDbzN5alVOd2FQJTJGZmplTGRBVmdrZWIzazRxUE0yQThJTzVJc1llMDVYV0dpMEZBRWhsdWU2dW1nV3RsSU5KNnpKMEpLSHVvJTJGbTZqS0Q5SjVhMDJmc0hIdjRhTW1iU0wzM2J1VDI0MXVQOSUyQkxFejV5NEZoTVklMkZNZk9YMFp5bUxLZG5XVWpLUXl2VG0wMDlZQXpJa2pOMVZQMVFWZUV6YmxMZzdMdnMwRFdOR0xYOTZ2aXdyNG8wcVowVDFSZU1GY0QlMkZRUyUyQmJTRTlSeUV6JTJGUHJuOE9iWFAwcHpraXlXR0xZdTVIam9ydk8lMkZlb0ZtT1BjVkloR3RWTzJic2ZONmVSU041bTdjSThRY3QxT0NxOHpWMGh0SHRCalZSNkZuODQ3a3d6TXA1MnRxVDQlMkI2N2VqbGtlMFhQWUE3bGlhcDg1aVpYUXJFVXgza3pDcEtlMXhETGl4ZkdYbWNMTlU3ckRkc1V4dXIxSnQwTjNobkIlMkZQbFNJMU5jSW9zWXNwenhWQk42eGR5MWltSU4lMkZJdndjcjZCMGRCUVElMkJmTUFkaWZ0Z3d3T2RXWmxiaTltJTJGZlZqR1M5dG0yJTJGYVklM0Q HTTP 302
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cNr5BFV3Fa0E0eGQ1cWxP1Nlf%2fMmWo5ViXgf1WzVZR8M%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQy9K1FRMdPsasDA5XObWyw2LyqKiuSM6wPuk2ioikgCPTfQe6Ji6ZlJ-ITb4CS-L-2SU4MnI806Ai5UVysStVqZPh-Ln5m8NbDhfQv8TKkxVgCqwqGZU1M_cliSwYFKQ1JLSNXZ93-SPRz4Qi6iaeYh4Vf-th6ejC5V_p1_wjuSopCNC41Lr-iCUUZ-6YTOPugCeZFhWCRyJrD4FedehFetgrmw2bcyUczwE22RNO2T_eE8TS8JgBMHq2UIe555u88dy1zMsRp7QyP6IjCzRw8nXlIqRM9NLAtpdO1L1T_qypYpgm0NezLvqcbHa2mHoQILSqj1o1kDVz3HOupQV95T6lz5hA-i2CnMsXS9d4ogKtLPyEGBsHOntpGnZMj52t47iNBvRUvKqYban1OjqKR4rcfA8bHdFBnW1z4f0nQUMHI6L2HZ9o0-Wka9B88QZpROoYE5plcj1Oy94mFRKen66JETxpWk_zBcfCofTe0pk75mY-UwKJsRQmBttIFPtXjZg8FXiZJHoIFxdrHgWYTDqlGBamh3UKrT04Ya-_UyYrzzyzKx053-YdNw

Request Chain 294

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=gFJ3Gl93VkVobENFWEt5d1RIbTJURlhEQ2V5cFF0RyUyRnBKZWxiODdxN1BWQmVwMzhreXM1RTU5NzBxcG9OSW5GaGM1Mk5hMjY4RHVIR2dpbXlqREtFQ1lobHNaa3pRZHJ2NW9sdmRKQlRSYkZQakszQTNLbjNjNmZ1bVgzZ2UlMkIzV2NpOTdPZFN0SWFQaUFOdnJ4UVdNUEZyNEJBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=4HprfXxVSkJkN1psSjJPSkFOTnpVVTRxcURMU1Z2a0UxN2VhUHBBYjNqU2JYV25vaTJXMHlhSFh3USt1M1h4NGQybkwzZHhoUk1OQ3ljelVYYnczR2h0bHc2WWdMdEtRMVppMkphc0ZlRVp6NWhNbk4wK2ZvTFIzQmhSUWplRFY0dVB5UXNyNjFGelkyRUhtU0tsREVSZWtYZm8xcmpseElxQTdTMHZSSWhhTndZWTcwK01SWGNBQm11VmZWNnlFUzgva2YzRWZpcjNRVGpTZUNxdk1YcjFuQ2hEeEMwbmQ2dXNUYkVuZDZvVlFLQWdvd2VzSVVsMkZ4bXRIQmR0WG0wektHaSthVDhLREVGT3psTEI1T2llclFQZz09fA&cppv=2

Request Chain 305

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=gFJ3Gl93VkVobENFWEt5d1RIbTJURlhEQ2V5cFF0RyUyRnBKZWxiODdxN1BWQmVwMzhreXM1RTU5NzBxcG9OSW5GaGM1Mk5hMjY4RHVIR2dpbXlqREtFQ1lobHNaa3pRZHJ2NW9sdmRKQlRSYkZQakszQTNLbjNjNmZ1bVgzZ2UlMkIzV2NpOTdPZFN0SWFQaUFOdnJ4UVdNUEZyNEJBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cf9oinxOUGUvZzVwWGkxUVlkTU05bTJhdm1PQjJYR0JoWFU2K1cxVyswK2h2ampLYUROaDVmNWxtTkcxQS9XaXNrK1B5R2Q3T3I3a0M1K1ZJeWk0UThkeU5DaWZZeU4rQ1hMZXd1dkJtdDBveGdlMXdWd0NkaVFyZEhkLzkybmxZY2c0RElSeGEyWTJ0L0p2U3lnclB0WnVyZjJDU1NGSFFuTTl3c0h6dlVBRmcyTWp4QzZUTnNqei9hNEZ5dUhlRGlnTkdWdzJMNkY1U2ZKWkJ5b3JqRWhmcmxxUm9FUkQ0U2J4MnVNTFY5TUpaOUwvMHl3cTRXcEtFRGtxekZCM3ZVT01KNmloT010Mm9kMmhYK0pwY0ovWUNOUT09fA&cppv=2

Request Chain 306

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=gFJ3Gl93VkVobENFWEt5d1RIbTJURlhEQ2V5cFF0RyUyRnBKZWxiODdxN1BWQmVwMzhreXM1RTU5NzBxcG9OSW5GaGM1Mk5hMjY4RHVIR2dpbXlqREtFQ1lobHNaa3pRZHJ2NW9sdmRKQlRSYkZQakszQTNLbjNjNmZ1bVgzZ2UlMkIzV2NpOTdPZFN0SWFQaUFOdnJ4UVdNUEZyNEJBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ZR06dHxuU3Yrb1kzTVUxcmJMbkxybWF0YjA0ZStQMS82elpvQ2JXUnpKSFJGU1luNUhRclVOS0E3VW1xWnBxak8zQjFHV3liSzNJb2dUcEFQLzA4Wks2SHBhZFFnL29mdVEwYjVTNVNveGV5bDBKQzZVVkVXYTg5UTN3Ny92cDhoS0VXb0Y0UHdWQ1hpME9uVFh1RUVRRnlBczZzaE5NZTNjL0RWQjUwSkxCR0hnRkpXTVJYNS9qdTZCemJZZnhDTVNoaG9WMTBBMlFtSjd1OGNyQ0FrRWJaWEE1QUNRYXlOeEQ3NTlmMDdWcnhGc0I2L0tjZjAyT1VoNGtxMzZPUnd3YlVIaURqL0hOT0RLalBXR2VXOFd3aUlPUT09fA&cppv=2

Request Chain 329

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLO6JZIP-1S-J3NI HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLO6JZIP-1S-J3NI

Request Chain 331

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/N8kYBDKWP5iwnutTCVFf_8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qgFft3BE2oLLFwXndV23xQ1_yWflzevRjRXcZQ--~A

Request Chain 332

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vGnkRoLIQdClszNGyohWMw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vGnkRoLIQdClszNGyohWMw

Request Chain 333

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECHMmq-46EnXcYdpibLH2_8&google_cver=1

Request Chain 334

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLO6JZIP-1S-J3NI

Request Chain 335

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExPNkpaSVAtMVMtSjNOSQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGmQw-5KnEc59Q10c6s3ias&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPNkpaSVAtMVMtSjNOSQ==&google_push=

Request Chain 336

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTc4YjYxODkxMWVhY2E1NWQ3NWI1MjI2OWFkZGQwODM0Y2Y3MmRiZQ

Request Chain 337

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=95d71129-6ce8-4401-8b2a-06c120376e97&gdpr=0&gdpr_consent=&expires=30

Request Chain 338

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jmhAuY9zR0O4d44Rnc9V1A&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jmhAuY9zR0O4d44Rnc9V1A

Request Chain 404

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_cm&google_hm=ay0ta2tCWFhjYktHWUtuanhQREZpMXRodUtIZWpReFJ2c252c1pLQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_gid=CAESEH7vOk-qgWisaLp6wJa81_8&google_cver=1&google_ula=913071,0

Request Chain 405

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nbZNXHcbKGYKnjxPDFi1thuKHei1cvNtS0hQJw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-nbZNXHcbKGYKnjxPDFi1thuKHei1cvNtS0hQJw&expires=30

Request Chain 406

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8394439617809991017

Request Chain 407

https://secure.adnxs.com/setuid?entity=52&code=k-c2vyVXcbKGYKnjxPDFi1thuKHej1FifqL0NUqQ HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-c2vyVXcbKGYKnjxPDFi1thuKHej1FifqL0NUqQ

Request Chain 408

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&custom=&tag_format=img&tag_action=sync&custom=&cb=4f16d7ad-ab23-4deb-9171-1caf0107c069 HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=4f16d7ad-ab23-4deb-9171-1caf0107c069&final=true&reqid=9fe91dd0-41f2-11ee-9d4e-6bf6448a8b2b&timestamp=2023-08-23T20%3A21%3A21.581Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=8394439617809991017&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=a0024b20-41f2-11ee-a052-b1dfb974b406?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=a0024b20-41f2-11ee-a052-b1dfb974b406?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=16ffddd187e7fdd822c047bdf7ffc7a&tag_format=img&tag_action=sync&cb=693461907 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=95d71129-6ce8-4401-8b2a-06c120376e97&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=a0024b20-41f2-11ee-a052-b1dfb974b406&cb=1692822082601&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1692822082601 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=a27cb237-1f23-40db-bded-df15c19a2bdf&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692822082601

Request Chain 415

https://eb2.3lift.com/xuid?mid=2711&xuid=k-1DARJ3cbKGYKnjxPDFi1thuKHei1v2U7fnBGSA&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1DARJ3cbKGYKnjxPDFi1thuKHei1v2U7fnBGSA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 419

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=46vBPgE4ajxo8YTEn5FI9UZJWD7htw32

Request Chain 420

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dktdancbKGYKnjxPDFi1thuKHegT3QmJPBN8nw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dktdancbKGYKnjxPDFi1thuKHegT3QmJPBN8nw&C=1

Request Chain 422

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Lof3NXcbKGYKnjxPDFi1thuKHeg5gll6LIQrnw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Lof3NXcbKGYKnjxPDFi1thuKHeg5gll6LIQrnw

Request Chain 424

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-prMkAncbKGYKnjxPDFi1thuKHeiZqxo2NIjjPw HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-prMkAncbKGYKnjxPDFi1thuKHeiZqxo2NIjjPw&_li_chk=true&previous_uuid=453b63e046474bdfb6ea0c970b767f73 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-prMkAncbKGYKnjxPDFi1thuKHeiZqxo2NIjjPw

Request Chain 431

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-R8rSU3cbKGYKnjxPDFi1thuKHeiJyzXh9M9ftQ HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-R8rSU3cbKGYKnjxPDFi1thuKHeiJyzXh9M9ftQ&cookieCheck=1

Request Chain 432

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=5qzQjJbxnMfz4gWxWaKKRduz39XO9LPw HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5qzQjJbxnMfz4gWxWaKKRduz39XO9LPw

Request Chain 433

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=C1Q1PBi0NCvcuAFr0oiZPFlORLKKLDJs

432 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
risu.io/
Redirect Chain

https://risu.io/6yhXT
https://risu.io/

13 KB
5 KB

270ms
268ms

Document
text/html

2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af5d40ebbb0f31a26609b63dedc61a7efb25973d5a06398475eead114ef1aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fb60f55591a2306-ORD
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 20:21:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 30f5a434-6977-4b7b-b1c2-700fea8308a9
x-runtime: 0.020668
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7fb60f537e262306-ORD
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 20:21:05 GMT
location: https://risu.io/
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 52dfcb14-d897-4d0b-8570-8782f4ca16a1
x-runtime: 0.024142
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
970 B 167ms
61ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 18:46:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:21:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
708 B 182ms
76ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc78f02253750741f9064a9c0b596181e7bb2b0c30336d61ed6a474a98bc1358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:02:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:21:05 GMT

GET
H2 200 application-025be2bd.css
assets.risu.io/packs/css/layouts/ 528 KB
67 KB 119ms
33ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:46:04 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 77701
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68120

GET
H2 200 header-419e5bb6.css
assets.risu.io/packs/css/commons/ 226 B
364 B 116ms
30ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/commons/header-419e5bb6.css
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 05:56:32 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 51873
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168

GET
H2 200 index-01566233.css
assets.risu.io/packs/css/home/ 131 KB
19 KB 146ms
61ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/home/index-01566233.css
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d3794694883bad4b0d72ca526f762eab786eeaa3d7948febaf4a531c2ca046a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 18:06:42 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 8063
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19083

GET
H3 200 email-decode.min.js Show response
risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
871 B 40ms
31ms Script
application/javascript 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 15:15:55 GMT
server: cloudflare
etag: W/"64e37fab-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fb60f572b832ca1-ORD
expires: Fri, 25 Aug 2023 20:21:05 GMT

GET
H3 200 rocket-loader.min.js Show response
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 43ms
34ms Script
application/javascript 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 15:15:55 GMT
server: cloudflare
etag: W/"64e37fab-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fb60f572b872ca1-ORD
expires: Fri, 25 Aug 2023 20:21:05 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 153ms
72ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:05 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fb60f57ab3910bb-ORD

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
910 B 74ms
73ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Allison&family=Cabin+Sketch&family=Great+Vibes&family=Kanit:wght@300&family=Niconne&family=Sacramento&family=Share+Tech+Mono&display=swap

Requested by

Host: assets.risu.io
URL: https://assets.risu.io/packs/css/home/index-01566233.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a0e731a7c852f0fadbdc75b0aaf9956616e4133af6eb296d5488f8283d6de85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets.risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:21:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:21:05 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 214ms
98ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:17:57 GMT
x-content-type-options: nosniff
age: 21789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 14:17:57 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 165ms
50ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:54:30 GMT
x-content-type-options: nosniff
age: 368796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 13:54:30 GMT

GET
H3 200 bootstrap-icons-dfd0ea12.woff2
assets.risu.io/packs/media/fonts/ 88 KB
88 KB 95ms
30ms Font
application/font-woff2 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/media/fonts/bootstrap-icons-dfd0ea12.woff2
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Request headers

Referer: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:11:31 GMT
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 4175
content-type: application/font-woff2
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90528

GET
H2 200 index-2e1e8e88a148c184c660.js Show response
assets.risu.io/packs/js/home/ 1 MB
435 KB 72ms
68ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0513087a3deee62183bf24ef54e8e582a1448811011b909cc42b53cb0eb59c82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 18:06:42 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 8064
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445335

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 1 KB
1 KB 191ms
66ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0dc286001a0b304bb8d48548024effcd22367781c1eb3b1c5aca68c6239173ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 868
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 20:21:06 GMT

GET
H2 200 zh-TW.js Show response
assets.risu.io/javascripts/i18n/ 23 KB
10 KB 198ms
196ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/javascripts/i18n/zh-TW.js?b8928d7ddbc6bd8fd605402c4caed5ba
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:55:27 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 23 Aug 2023 18:13:03 GMT
server: nginx
age: 1539
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10051

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 193ms
75ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ad9e64df0f533f52c3d3e236e972a9bb93c6cd2afc7612c78308b987b00743b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51086
x-xss-protection: 0
server: cafe
etag: 3294364219573426426
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 208ms
90ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bc922e3abc5e83c7aefc9d0f4259fb6e4cbb833681e35257f2a35ee878ef19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50859
x-xss-protection: 0
server: cafe
etag: 14618722187058771037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:06 GMT

GET
H2 200 header-284b48f4c520b20108dc.js Show response
assets.risu.io/packs/js/commons/ 470 KB
143 KB 38ms
37ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/commons/header-284b48f4c520b20108dc.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:42:57 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 16689
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146149

GET
H2 200 application-bc03df23d8f68313a035.js Show response
assets.risu.io/packs/js/layouts/ 54 KB
17 KB 32ms
30ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/layouts/application-bc03df23d8f68313a035.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:49:50 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 1876
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17116

GET
H3

200

invisible.js Show response
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 6539
Redirect Chain

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
3 KB

40ms
39ms

Script
application/javascript

2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5ee38340fa7a003a15d727909a8601c5cf0502152a897e93041ba3c5aa4b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fb60f59ceaf2ca1-ORD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 23 Aug 2023 20:21:06 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7fb60f597e542ca1-ORD
alt-svc: h3=":443"; ma=86400

POST
H3 200 7fb60f55591a2306 Show response
risu.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6539 0
267 B 62ms
61ms XHR
text/plain 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/g/cv/result/7fb60f55591a2306
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Aug 2023 20:21:06 GMT
content-encoding: br
server: cloudflare
cf-ray: 7fb60f5b485c2ca1-ORD
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
50 KB 196ms
83ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4df7496d624a5f84680bf8a0bbe83a74d6db80e47d6aaf717901255c304dfe69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51255
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 19:05:47 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Aug 2023 20:21:06 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 392 KB
132 KB 122ms
120ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bfdf8980dc5a167bc4e196a81a7eeade1a569100944065c6a33eb70ae9bc0c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134779
x-xss-protection: 0
server: cafe
etag: 14342593770825713529
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/ Frame 977E 10 KB
5 KB 166ms
44ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 17043
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:37:03 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 15:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 451 KB
181 KB 170ms
54ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185062
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 20:20:47 GMT

GET
H3

200

invisible.js Show response
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 6539
Redirect Chain

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
3 KB

149ms
149ms

Script
application/javascript

2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Protocol

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a0626c8be9b03e890b2ced5c31391b7daed4170ccc191b5e4149612f9d19a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fb60f601ef32ca1-ORD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 23 Aug 2023 20:21:06 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7fb60f5e6cba2ca1-ORD
alt-svc: h3=":443"; ma=86400

GET
H2 200 ysm_risu.js Show response
ad.sitemaji.com/ 45 KB
14 KB 114ms
30ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_risu.js
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 403ca60fe8005d0f23208fcd05a227292169e77cf2f3c38cf592303f7818b489

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:35:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 27 Jul 2023 09:23:59 GMT
server: nginx/1.12.1 (Ubuntu)
age: 9945
etag: W/"64c237af-b264"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13616
expires: Thu, 24 Aug 2023 17:35:22 GMT

GET
H3 200 abs027-4bed8014.svg Show response
risu.io/packs/media/abs/ 898 B
567 B 47ms
46ms XHR
image/svg+xml 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/packs/media/abs/abs027-4bed8014.svg
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd77128058d857c5d32cb075673cc82741d018b1af448fc75ec6106ee5619aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 178017
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60f5f8e212ca1-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 gra001-b98babf3.svg Show response
risu.io/packs/media/gra/ 425 B
444 B 322ms
321ms XHR
image/svg+xml 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/packs/media/gra/gra001-b98babf3.svg
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fbe2d6dca2bff23a1ae2775ec4c1da4108c5d626f3af13d7e2f93c7c865d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60f5f8e222ca1-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 gen002-c35b3731.svg Show response
risu.io/packs/media/gen/ 2 KB
1 KB 42ms
42ms XHR
image/svg+xml 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/packs/media/gen/gen002-c35b3731.svg
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70012cb92f3c0c561629d46cdae6991059361c001320fe38a5aaf396eb2be84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 436608
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60f5f8e232ca1-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 facebook-icon-43072eec.svg
risu.io/packs/media/brands/ 802 B
600 B 52ms
51ms Image
image/svg+xml 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/brands/facebook-icon-43072eec.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 77825
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60f5fee972ca1-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 google-icon-501a643d.svg
risu.io/packs/media/brands/ 1 KB
790 B 55ms
54ms Image
image/svg+xml 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/brands/google-icon-501a643d.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 1582800
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60f5fee992ca1-ORD
alt-svc: h3=":443"; ma=86400

GET
H3 200 image_page-2402d7aa.jpg
risu.io/packs/media/demo/ 82 KB
82 KB 382ms
381ms Image
image/jpeg 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo/image_page-2402d7aa.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519a48a521780b05d69e26761599418cbad561a25526f63c60e78cba57be20df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb60f5feea32ca1-ORD
alt-svc: h3=":443"; ma=86400
content-length: 84081

GET
H3 200 analytic_page-559230f7.jpg
risu.io/packs/media/demo/ 109 KB
109 KB 336ms
335ms Image
image/jpeg 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo/analytic_page-559230f7.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4994aea8579278246c345ac0a6ab10b1f0a89c4fb0298ea760d8605686f8837

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb60f5feea52ca1-ORD
alt-svc: h3=":443"; ma=86400
content-length: 111521

GET
H3 200 social_seo_page-da2061df.jpg
risu.io/packs/media/demo/ 125 KB
125 KB 359ms
358ms Image
image/jpeg 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo/social_seo_page-da2061df.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3747e8568fc397d979e46ab089b66ed2e947559aaa48ea94216d91fd3840b164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb60f5feea62ca1-ORD
alt-svc: h3=":443"; ma=86400
content-length: 127530

GET
H3 200 qrcode-58d486d7.png
risu.io/packs/media/demo_linebot/ 340 B
583 B 323ms
322ms Image
image/webp 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo_linebot/qrcode-58d486d7.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfca3f52a3b3b7a5a8e7d157c142529fd75e422eac12a094fb0f69b822fed4fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
cf-polished: origFmt=png, origSize=432
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
content-disposition: inline; filename="qrcode-58d486d7.webp"
accept-ranges: bytes
cf-ray: 7fb60f5feea72ca1-ORD
alt-svc: h3=":443"; ma=86400
content-length: 340

GET
H3 200 IMG_0822-19d28120.PNG
risu.io/packs/media/demo_linebot/ 251 KB
252 KB 63ms
62ms Image
image/webp 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo_linebot/IMG_0822-19d28120.PNG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02c331e3506125a89bec7f4f4dd7234e908b530ced5c821bdffad93bd71626d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
cf-cache-status: HIT
age: 436608
cf-polished: origFmt=png, origSize=281534
content-disposition: inline; filename="IMG_0822-19d28120.webp"
alt-svc: h3=":443"; ma=86400
content-length: 257502
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb60f5feea92ca1-ORD

GET
H3 200 shape-1-c213d1b6.svg
risu.io/packs/media/components/ 10 KB
3 KB 326ms
324ms Image
image/svg+xml 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/components/shape-1-c213d1b6.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a790c421bed27aa59fed4c318cf84413fb3807e7c1333ef35fe421cff3bde1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb60f5feeab2ca1-ORD
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
risu.io/cdn-cgi/ 0
135 B 144ms
143ms XHR
text/plain 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://risu.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fb60f602efd2ca1-ORD

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
598 B 174ms
58ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=risu.io&callback=_gfp_s_&client=ca-pub-9208708170783140

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc70ad2683ea006d3419de0f487b0dc733d098fe67c4c1613ab5f10d0e2459a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AA9 438 KB
71 KB 483ms
480ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1692858067&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Frisu.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822066565&bpp=13&bdt=804&idt=743&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2195860126897&frm=20&pv=2&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=808

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54dab2bedb5006b60481315c7d4a78dde034eb7b1c35f581ed895099c2892ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 72826
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:07 GMT
expires: Wed, 23 Aug 2023 20:21:07 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 77ms
69ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230822&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bc42ec99e5e025e0f1d3e723c8c147316d27888198e2a97c98ad9d88d384b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11598
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 162ms
49ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 18:40:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6012
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 23 Aug 2023 20:40:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 83ms
81ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32467fad06b88e53b0c63f7c6813ab82536211826efa4e1aa25adde5b78216f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 20:21:07 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

112ms
40ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Protocol: H2
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9276
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUe3XlWNdN0zcDcaOaOogNpUlUfDTczVFH8zWBZFe0F8rB%2BnfsO3SRf7DW91ee6Ox8y5hGoNwpog4Sk%2BUQCfc9qRhhe5D2%2BejuF20UpxZn6kdSHFAFwRbNOjajZG%2FympNEf6JHn2erAgCxUSeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60f63db8186e1-ORD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 3DA6 54 KB
30 KB 182ms
157ms Document
text/html 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=2vyopuxijjq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a694012139ac989b8d93c5ca419387862741caeab980beaa39464a8f4130edf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l4WKfLSPAkQ8NDfFItAlhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 30667
content-security-policy: script-src 'report-sample' 'nonce-l4WKfLSPAkQ8NDfFItAlhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 7C59 7 KB
1 KB 89ms
68ms Document
text/html 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=6jl7tz4xqat2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

778efa64aa4be45ecdb9b2ce706f988796aa990bfaeabe6b07ab8257306d8e8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ED2huzsdz5HUALV_ARQmEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1071
content-security-policy: script-src 'report-sample' 'nonce-ED2huzsdz5HUALV_ARQmEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:07 GMT
expires: Wed, 23 Aug 2023 20:21:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 169ms
62ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:21:07 GMT

POST
H3 200 7fb60f55591a2306 Show response
risu.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 6539 0
266 B 58ms
57ms XHR
text/plain 2606:4700:3108::ac42:2afe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/g/cv/result/7fb60f55591a2306
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
content-encoding: br
server: cloudflare
cf-ray: 7fb60f635aee2ca1-ORD
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 7C59 55 KB
24 KB 159ms
65ms Stylesheet
text/css 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=6jl7tz4xqat2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 20:20:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 7C59 451 KB
181 KB 189ms
96ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185062
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 20:20:47 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 3DA6 55 KB
24 KB 137ms
53ms Stylesheet
text/css 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:20:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 20:20:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 3DA6 451 KB
181 KB 134ms
50ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 20:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185062
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Aug 2024 20:20:47 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
165 B 61ms
59ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je38l0&_p=478420106&cid=1151473509.1692822067&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692822067&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2F&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=page_view&_fv=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 16 B
36 B 58ms
57ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=478420106&t=pageview&_s=1&dl=https%3A%2F%2Frisu.io%2F&ul=en-us&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1872908166&gjid=1301950989&cid=1151473509.1692822067&tid=UA-146086888-1&_gid=733943860.1692822068&_r=1&_slc=1&gtm=45He38l0n81MR8WJDJ&z=1388470676

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1157 13 KB
5 KB 49ms
43ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7A7D 829 B
1 KB 407ms
65ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58ecdaf936fd855b173fdbaa17efa5519ed0b29d09eb29b74f4fc9e8ce12ae7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wM-T_mucYzq31yneWZjNYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-wM-T_mucYzq31yneWZjNYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:08 GMT
expires: Wed, 23 Aug 2023 20:21:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
636 B 39ms
38ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2067
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXAQNVNYDIkHCDvqW6uYf3hLjOJ%2FfzCP%2Bz31NlDTkO%2F13OrnMy7bJwOd0fJw7mGdJKHDSlaNRB6vb8dgZ5qGhbY1z0USLVBhYmoM4Ufbf2kNR5hwb%2FpT%2Bf2abm%2Fcfi%2FkpzLyTVK8JWae17VK6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60f64bcc186e1-ORD

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
341 B 289ms
49ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146086888-1&cid=1151473509.1692822067&jid=1872908166&gjid=1301950989&_gid=733943860.1692822068&_u=YADAAEAAAAAAACAAI~&z=1226529494

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Aug 2023 20:21:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 88ms
86ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf6877322edcf63a86c913fd62df29368e6b068c995bf7488a56dd8b5aa3ba6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 20:21:08 GMT

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 398ms
90ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.5266344258920987&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 3eb1f96a2955fe4ae46e7d9a9fe7b516748689dd789c7c8114fbf5b88562dd54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
x-width: 728
content-encoding: gzip
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html
transfer-encoding: chunked
connection: close

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 395ms
87ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9717018331211709&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2669eb3b6b6ea377d2b21a47d0348fb2ea74e32e2f4517255290470f70da3e15

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
x-width: 728
content-encoding: gzip
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html
transfer-encoding: chunked
connection: close

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 405ms
99ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.4035243391854244&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: ed1ce47524bed59de056bfb4f3dfe8c9fa7b152fe7ae95a4c39538c27c9258f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
x-width: 728
content-encoding: gzip
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html
transfer-encoding: chunked
connection: close

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 416ms
110ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6594652048119565&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 05445776284c73caeac0256bd57d40fca075223f178b8d6ef9e20b799516b565

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
x-width: 728
content-encoding: gzip
x-height: 90
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html
transfer-encoding: chunked
connection: close

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 154 KB
52 KB 85ms
84ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f348fa3100d7991275fa708991b53104734de289031905b1b0278fd5f8e8461d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53668
x-xss-protection: 0
server: cafe
etag: 2800459606144214884
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:08 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3DA6 2 KB
2 KB 52ms
45ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 17:24:31 GMT
x-content-type-options: nosniff
age: 442597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 25 Aug 2023 17:24:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3DA6 15 KB
15 KB 53ms
46ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 07:41:31 GMT
x-content-type-options: nosniff
age: 477577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:41:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3DA6 15 KB
15 KB 60ms
54ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:39:53 GMT
x-content-type-options: nosniff
age: 34875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 10:39:53 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FD92 118 KB
41 KB 440ms
432ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=9&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0&nras=2&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VjBFOOt75Z&p=https%3A//risu.io&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

206988460897ed9d2f6a07e246da6cb1459b27d9aed8ac5864758f1fa86981b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42235
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:08 GMT
expires: Wed, 23 Aug 2023 20:21:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC62 118 KB
41 KB 595ms
593ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=2&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1xSVnw8Xoa&p=https%3A//risu.io&dtd=60

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73869b617442e19404f24ff1f22c1566fd6d8134daa8b07079a8479962235736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41755
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:08 GMT
expires: Wed, 23 Aug 2023 20:21:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F428 436 B
238 B 374ms
371ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=1&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QlrNEY8dZQ&p=https%3A//risu.io&dtd=76

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7de3fdca70203a1efd21f4b7a85567eecb2ffc6882bce46491be7617e1b32882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:08 GMT
expires: Wed, 23 Aug 2023 20:21:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1504 118 KB
41 KB 444ms
432ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f62e13208fac0c359ba40438be20df823fa84dd95f2cadec1c440f99b8c8e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41954
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:08 GMT
expires: Wed, 23 Aug 2023 20:21:08 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 3DA6 102 B
134 B 76ms
75ms Other
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=2vyopuxijjq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 20:21:08 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 69ms
67ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=1151473509.1692822067&jid=1872908166&_u=YADAAEAAAAAAACAAI~&z=2071710975

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 2D78 128 KB
41 KB 197ms
87ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:21:08 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 0142 128 KB
41 KB 289ms
183ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:21:08 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame C0B7 128 KB
41 KB 270ms
168ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:21:08 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame CD1A 128 KB
41 KB 233ms
138ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:21:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7A7D 0
0 115ms
109ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230822&jk=889313892691995&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

POST
H2 204 collect
analytics.google.com/g/ 0
239 B 128ms
37ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZH634PL121&gtm=45je38l0&_p=478420106&_gaz=1&ul=en-us&sr=1600x1200&cid=1151473509.1692822067&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Frisu.io%2F&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sid=1692822068&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 51ms
50ms Ping
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH634PL121&cid=1151473509.1692822067&gtm=45je38l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/ Frame BA40 10 KB
4 KB 55ms
50ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:57:28 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 17:57:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/ Frame A144 10 KB
4 KB 69ms
55ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:57:28 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 17:57:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/ Frame 76B4 10 KB
4 KB 72ms
59ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 8620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 17:57:28 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 17:57:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 1157 37 KB
14 KB 49ms
45ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame FD92 9 KB
4 KB 106ms
94ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=9&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0&nras=2&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VjBFOOt75Z&p=https%3A//risu.io&dtd=33

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:34:59 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame FD92 11 KB
5 KB 107ms
95ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 07:07:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FD92 14 KB
1 KB 115ms
40ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:08:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame FD92 2 KB
892 B 71ms
67ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame FD92 23 KB
9 KB 72ms
68ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame FD92 3 KB
1 KB 72ms
69ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame FD92 20 KB
8 KB 107ms
96ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FD92 0
0 78ms
74ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSe2T2UQnwbDSqhJLUR3zeIkx9aioAfygvmmYU8pioAY3fOtMKTLRlw3dsdhK2ynE6y-Zewj0lZhPp3UBR94pYiup1OvQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=9&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0&nras=2&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VjBFOOt75Z&p=https%3A//risu.io&dtd=33
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD92 181 KB
57 KB 172ms
167ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame FD92 35 KB
15 KB 73ms
69ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 1504 9 KB
4 KB 112ms
49ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:34:59 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 1504 11 KB
5 KB 115ms
52ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 07:07:51 GMT

GET
H3 200 b5fa40f50e5935a6cb0e2cf2eea955bc.js Show response
www.gstatic.com/mysidia/ Frame 1504 18 KB
8 KB 150ms
58ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b5fa40f50e5935a6cb0e2cf2eea955bc.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edcee285d53072d471a520cf4f06657c69cc9d9fa5933a225c15e889a2466a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 00:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7794
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 00:17:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1504 14 KB
1 KB 179ms
68ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:13:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 1504 2 KB
892 B 76ms
46ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 1504 6 KB
2 KB 198ms
103ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 20:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603829
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 20:37:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame 1504 23 KB
9 KB 62ms
60ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 1504 3 KB
1 KB 64ms
61ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 1504 20 KB
8 KB 159ms
64ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1504 0
0 83ms
80ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSuW3ERaD01Lqw3g4enkt1I8MuYLuYYbXxMpHbc4PQj3s4HnLpIFb8WXmqYv87mB0CS8qLgYPmahRq2of107liyXMDBog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1504 181 KB
57 KB 182ms
144ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 1504 35 KB
15 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame AC62 9 KB
4 KB 159ms
94ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=2&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1xSVnw8Xoa&p=https%3A//risu.io&dtd=60

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:34:59 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame AC62 11 KB
5 KB 160ms
95ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 07:07:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AC62 14 KB
1 KB 138ms
64ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:09:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame AC62 2 KB
892 B 60ms
57ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame AC62 23 KB
9 KB 61ms
58ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame AC62 3 KB
1 KB 61ms
59ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame AC62 20 KB
8 KB 159ms
95ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AC62 0
0 70ms
68ms Image
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTi0zmC69HbTmAcWJuP2Tqf-bm4d-bQanIM-Y2jsTidMT6wrBTr13TOgxnVGFBWmHP85XEI9xi0IM_FBYw5g2iI9sPXXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=2&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1xSVnw8Xoa&p=https%3A//risu.io&dtd=60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC62 181 KB
57 KB 210ms
206ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame AC62 35 KB
15 KB 62ms
60ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BA40 14 KB
1 KB 67ms
67ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:06:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame BA40 2 KB
892 B 50ms
49ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame BA40 23 KB
9 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame BA40 3 KB
1 KB 60ms
59ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame BA40 20 KB
8 KB 54ms
53ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA40 181 KB
57 KB 396ms
383ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame BA40 35 KB
15 KB 58ms
51ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame A144 9 KB
4 KB 51ms
50ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:34:59 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame A144 11 KB
5 KB 51ms
50ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 07:07:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A144 14 KB
1 KB 68ms
67ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 19:23:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame A144 2 KB
892 B 50ms
48ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame A144 23 KB
9 KB 51ms
50ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame A144 3 KB
1 KB 71ms
69ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame A144 20 KB
8 KB 58ms
57ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A144 181 KB
57 KB 436ms
434ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame A144 35 KB
15 KB 52ms
51ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 76B4 9 KB
4 KB 76ms
64ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395170
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 02:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 06:34:59 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 76B4 11 KB
5 KB 78ms
66ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 07:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 565998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 07:07:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 76B4 14 KB
1 KB 87ms
73ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 20:10:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 76B4 2 KB
892 B 83ms
69ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame 76B4 23 KB
9 KB 83ms
69ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 76B4 3 KB
1 KB 86ms
73ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 76B4 20 KB
8 KB 82ms
69ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22412
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76B4 181 KB
57 KB 361ms
337ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 76B4 35 KB
15 KB 72ms
65ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:11:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 15:11:02 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C538 15 KB
6 KB 418ms
34ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 608087
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 2D78 0
186 B 367ms
49ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=70536488864

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C0B7 0
185 B 330ms
58ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=32441330534

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 0142 0
185 B 316ms
57ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=2335070823

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame CD1A 0
185 B 301ms
54ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=96891895150

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 3DA6 32 KB
19 KB 106ms
103ms XHR
application/json 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

270b3aa45700052f6f29e8c435a1276d30b815cedcce9131237dab727b15cb86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=2vyopuxijjq
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 23 Aug 2023 20:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19027
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 20:21:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E70 143 B
166 B 124ms
52ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=2&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=1xSVnw8Xoa&p=https%3A//risu.io&dtd=60
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 19:49:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AEE0 143 B
166 B 103ms
53ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=9&bdt=2590&idt=-M&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0&nras=2&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=VjBFOOt75Z&p=https%3A//risu.io&dtd=33
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 19:49:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FD9D 1 KB
643 B 108ms
66ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 14:28:46 GMT
etag: 48472445140208031
expires: Thu, 24 Aug 2023 14:28:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7243 1 KB
643 B 102ms
66ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 14:28:46 GMT
etag: 48472445140208031
expires: Thu, 24 Aug 2023 14:28:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 149A 143 B
166 B 81ms
55ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 19:49:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AC62 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e95cc773f9f3c3bd10680c51b097850a765ad1dbccce6808f3720e0ce344956

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71F1 143 B
166 B 79ms
44ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 19:49:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1504 0
20 B 77ms
67ms Ping
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgocCAEqGGJhbm5lci1sYXJnZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAGBlQDAECg0QKyEAAAAAAIBlQDABCg0QAyEAAADOzL6XQDAEEhpDSWVTd05ETjg0QURGVGcxclFZZDljWUltZyIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b5fa40f50e5935a6cb0e2cf2eea955bc.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 2D78 0
185 B 45ms
45ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 2D78 43 B
365 B 47ms
46ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:10 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 2D78 43 B
365 B 49ms
48ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:10 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame CD1A 43 B
365 B 54ms
53ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:10 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame CD1A 43 B
365 B 47ms
47ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:10 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame CD1A 0
185 B 664ms
659ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 0142 43 B
365 B 53ms
48ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:10 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 0142 43 B
365 B 51ms
46ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:10 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 0142 0
185 B 63ms
58ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame C0B7 43 B
365 B 63ms
62ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:10 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame C0B7 43 B
365 B 50ms
50ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:10 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame C0B7 0
185 B 230ms
229ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:09 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9441 143 B
166 B 46ms
44ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 19:49:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4817 1 KB
643 B 46ms
45ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 21144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 14:28:46 GMT
etag: 48472445140208031
expires: Thu, 24 Aug 2023 14:28:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 2D78
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=cx4EqoaDA7qiy71kN2rmZA&id=ida4mlvgiastit93r

3 KB
1 KB

278ms
275ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=cx4EqoaDA7qiy71kN2rmZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 297b465b5eb03572221cffb800b1c1544433d4bb3c7a412b27f8f73a7293064e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Wed, 23 Aug 2023 20:21:11 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=cx4EqoaDA7qiy71kN2rmZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1504 0
20 B 65ms
64ms Ping
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b5fa40f50e5935a6cb0e2cf2eea955bc.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 0142
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=ghdsA0_gDz2i21WeN2rmZA&id=ida4mlvgiastit93r

3 KB
1 KB

273ms
271ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=ghdsA0_gDz2i21WeN2rmZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e23323fd0282189e480879d3e4b9c546b573d35d7f4cba8bde792d071cfdee4b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Wed, 23 Aug 2023 20:21:11 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=ghdsA0_gDz2i21WeN2rmZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame C0B7
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=l4I7UWEfCPOb2jSBN2rmZA&id=ida4mlvgiastit93r

3 KB
1 KB

280ms
278ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=l4I7UWEfCPOb2jSBN2rmZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: bb9c14fcedd709d77383eabf30ad01ffb98b5efcb4dacfc6afd2bdea048f8092

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Wed, 23 Aug 2023 20:21:11 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=l4I7UWEfCPOb2jSBN2rmZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame CD1A
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=HXJ3uOzVAWGFT6bHN2rmZA&id=ida4mlvgiastit93r

3 KB
1 KB

272ms
268ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=HXJ3uOzVAWGFT6bHN2rmZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 0f75c632392a31006b17a080947486e1141d45c0b0931b408254e6881541ab0b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Wed, 23 Aug 2023 20:21:11 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=HXJ3uOzVAWGFT6bHN2rmZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H2

200

sid Show response
mug.criteo.com/ Frame C538
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=sbHaBnxhUmxTTFQyNDlyUGxZNGZvSTZiRnlRbU1KeHpiQXNTZlNJbElJUGZodU9yejJuV1JmU3pGamV4WUR0aWh1elpQczRVTDhRclArZ29MTjFrWHFEZDY4eXZCUVJ4WlFLUitrcm5jdzIwRVY0aWhCYmZId2cxY0F3dD...

436 B
670 B

355ms
57ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sbHaBnxhUmxTTFQyNDlyUGxZNGZvSTZiRnlRbU1KeHpiQXNTZlNJbElJUGZodU9yejJuV1JmU3pGamV4WUR0aWh1elpQczRVTDhRclArZ29MTjFrWHFEZDY4eXZCUVJ4WlFLUitrcm5jdzIwRVY0aWhCYmZId2cxY0F3dDFoVTh2ZHdaWk9xRTUzOFYwSTdjbDA2bTlZdXRtSGtqNyszZkozclRZWkROS3hzR0FlZ1VDZmt3eWUrUGxwT2VGL2xQMkJhNXh0ZTBJeG4xT0YzVzJhajQrY0t1RjFjQVpvS2FMY2xNNWtJdDU1OHJmNXpFU2d5NXIxN1Fsb1YxbHAzUGY3d0VIRkRObkRzdUUxY0hnY3BYNE1rWFY0QT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

96870ef0ac424244e2aae2fdab4f5ce0ecd12c420e37a2fe6ee745fabca3c4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1592338
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=sbHaBnxhUmxTTFQyNDlyUGxZNGZvSTZiRnlRbU1KeHpiQXNTZlNJbElJUGZodU9yejJuV1JmU3pGamV4WUR0aWh1elpQczRVTDhRclArZ29MTjFrWHFEZDY4eXZCUVJ4WlFLUitrcm5jdzIwRVY0aWhCYmZId2cxY0F3dDFoVTh2ZHdaWk9xRTUzOFYwSTdjbDA2bTlZdXRtSGtqNyszZkozclRZWkROS3hzR0FlZ1VDZmt3eWUrUGxwT2VGL2xQMkJhNXh0ZTBJeG4xT0YzVzJhajQrY0t1RjFjQVpvS2FMY2xNNWtJdDU1OHJmNXpFU2d5NXIxN1Fsb1YxbHAzUGY3d0VIRkRObkRzdUUxY0hnY3BYNE1rWFY0QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 494806
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame FD92 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d51263920ae18a577246a396448ee6073b489f44d2034b7c1eb596ba13bb0af6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1504 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc6251e15947a6d44e8d5591d7443d57bbe184f68721e6b2b812f663a874e649

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BA40
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C0Gn0M2rmZL-hHPPrtOUP2bWfkATr5YWKcvvjrd-CEp7gwISGAhABII6H3o8BYMm2o4jwo-wSoAGv4bDhKMgBCagDAcgDywSqBLQBT9BMSzWUIm0JA61NzUvorlnzKM-cydRN0Xd5faOX_18...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xac124a468ffcba9f0000000000000000%22,%222%22:%220xe50ff6a19e8b20860000000000000000%22,%223%22:%220x765d83...

0
0

170ms
59ms

Fetch
text/css

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xac124a468ffcba9f0000000000000000%22,%222%22:%220xe50ff6a19e8b20860000000000000000%22,%223%22:%220x765d830c8ec671a80000000000000000%22,%224%22:%220xb6b6ec69476ea1cf0000000000000000%22,%225%22:%220xadbe8ea22b59abc90000000000000000%22},%22debug_key%22:%2212973639207128346960%22,%22debug_reporting%22:true,%22destination%22:%22https://familymanhvac.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210941640879%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226941932222729461761%22}&andc=true

Protocol

Server

142.250.80.34 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xac124a468ffcba9f0000000000000000","2":"0xe50ff6a19e8b20860000000000000000","3":"0x765d830c8ec671a80000000000000000","4":"0xb6b6ec69476ea1cf0000000000000000","5":"0xadbe8ea22b59abc90000000000000000"},"debug_key":"12973639207128346960","debug_reporting":true,"destination":"https://familymanhvac.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10941640879"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"6941932222729461761"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 20:21:11 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 20:21:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xac124a468ffcba9f0000000000000000","2":"0xe50ff6a19e8b20860000000000000000","3":"0x765d830c8ec671a80000000000000000","4":"0xb6b6ec69476ea1cf0000000000000000","5":"0xadbe8ea22b59abc90000000000000000"},"debug_key":"12973639207128346960","debug_reporting":true,"destination":"https://familymanhvac.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10941640879"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"6941932222729461761"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD9D
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEAA8nMWAfp6VEj8VjU_qr3w&google_cver=1&google_push=AXcoOmRVB48l1-PIB0aw3BKwolesoLazLHYith267CjMXX1GLm99P_DRTr2p9Yd3kka3QrMGISD2USia-rubV-m_epKs2EJR6rF8juYU...
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmRVB48l1-PIB0aw3BKwolesoLazLHYith267CjMXX1GLm99P_DRTr2p9Yd3kka3Q...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRVB48l1-PIB0aw3BKwolesoLazLHYith267CjMXX1GLm99P_DRTr2p9Yd3kka3QrMGISD2USia-rubV-m_epKs2EJR6rF8juYUdGOt1VKZfQC01Ujq...

170 B
188 B

68ms
65ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRVB48l1-PIB0aw3BKwolesoLazLHYith267CjMXX1GLm99P_DRTr2p9Yd3kka3QrMGISD2USia-rubV-m_epKs2EJR6rF8juYUdGOt1VKZfQC01Ujqxs_5HN7BE2QMEcUum5Iztg8gl6TvFSLMedyBfw&google_cver=1&google_gid=CAESEAA8nMWAfp6VEj8VjU_qr3w&google_hm=UTc0NjEwODQ3MjE0MzU2ODc0MTQ=

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 23 Aug 2023 20:21:13 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmRVB48l1-PIB0aw3BKwolesoLazLHYith267CjMXX1GLm99P_DRTr2p9Yd3kka3QrMGISD2USia-rubV-m_epKs2EJR6rF8juYUdGOt1VKZfQC01Ujqxs_5HN7BE2QMEcUum5Iztg8gl6TvFSLMedyBfw&google_cver=1&google_gid=CAESEAA8nMWAfp6VEj8VjU_qr3w&google_hm=UTc0NjEwODQ3MjE0MzU2ODc0MTQ=
Content-Type: text/html
Cache-Control: max-age=78150
Connection: keep-alive
Content-Length: 154

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD9D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOD5fLseMqHJPSzXXNKNoNw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOD5fLseMqHJPSzXXNKNoNw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NHVmM3dSdEYxUXlVbE41&google_gid=CAESEOD5fLseMqHJPSzXXNKNoNw&google_cver=1&google_push=AXcoOmSNbgU6Lo_L4_YzjeIVHKVlriUYOevHwnJVmTwLA9z...

170 B
188 B

69ms
67ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NHVmM3dSdEYxUXlVbE41&google_gid=CAESEOD5fLseMqHJPSzXXNKNoNw&google_cver=1&google_push=AXcoOmSNbgU6Lo_L4_YzjeIVHKVlriUYOevHwnJVmTwLA9ze2N6bKjJrETKnW6FPdftrov6ZSsY1ScsF8_u8QYV8Vv0oj-myunq5JKSmICBRs_w0QwI_4Ic8DU738wSHGm3SzFB0a8smaHhRNvoVdpJS3RM-HqQ

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:21:10 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-08e981f22dc0d69ee@us-east-1e@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NHVmM3dSdEYxUXlVbE41&google_gid=CAESEOD5fLseMqHJPSzXXNKNoNw&google_cver=1&google_push=AXcoOmSNbgU6Lo_L4_YzjeIVHKVlriUYOevHwnJVmTwLA9ze2N6bKjJrETKnW6FPdftrov6ZSsY1ScsF8_u8QYV8Vv0oj-myunq5JKSmICBRs_w0QwI_4Ic8DU738wSHGm3SzFB0a8smaHhRNvoVdpJS3RM-HqQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FD9D
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESELB6HMyyf1sxTzwfEaNLUUQ&google_cver=1&google_push=AXcoOmQ4vvkNruuevbTkqTxQIR8LZcGcuy1zyToKvgYtio_dzxpye51qiWR0CpnORxNDGaH4IMfpRWD151r3oH1DQesFbxheQULq...
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQ4vvkNruuevbTkqTxQIR8LZcGcuy1zyToKvgYtio_dzxpye51qiWR0CpnORxNDGaH4IMfpRWD151r3oH1DQesFbxheQULqLHx89DWXk1EftA776ooiLgkt4dT...

170 B
232 B

101ms
65ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQ4vvkNruuevbTkqTxQIR8LZcGcuy1zyToKvgYtio_dzxpye51qiWR0CpnORxNDGaH4IMfpRWD151r3oH1DQesFbxheQULqLHx89DWXk1EftA776ooiLgkt4dTTktMOaF795EZkcJ0o0YApH4mgNPZQXYw&google_hm=UjMzNjQ2XzEwN0UwNkI4QV9DMDlDMEQ5MA%3D%3D

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQ4vvkNruuevbTkqTxQIR8LZcGcuy1zyToKvgYtio_dzxpye51qiWR0CpnORxNDGaH4IMfpRWD151r3oH1DQesFbxheQULqLHx89DWXk1EftA776ooiLgkt4dTTktMOaF795EZkcJ0o0YApH4mgNPZQXYw&google_hm=UjMzNjQ2XzEwN0UwNkI4QV9DMDlDMEQ5MA%3D%3D
Date: Wed, 23 Aug 2023 20:21:11 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-375826799; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 405
Content-Type: text/html; charset=utf-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FD9D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENdudzbAWbThss2dAw1mY1A&google_push=AXcoOmR5c18deioDh29Lfpn--tbEb9ui0Ui-XwxwMnjdmi3jRZby3v5ev9...

170 B
329 B

140ms
54ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENdudzbAWbThss2dAw1mY1A&google_push=AXcoOmR5c18deioDh29Lfpn--tbEb9ui0Ui-XwxwMnjdmi3jRZby3v5ev9m5OK-XwloCsOw1ByZEDasAEyUqzklRJFd4TKte5txBX-kOX-OW928jPeH5eJImziJg_HB7ueajSXfJOwVpz15LJQ1yY39EK6vNXxs

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-chi-klot8100088-CHI
pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692822071.986079,VS0,VE22
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENdudzbAWbThss2dAw1mY1A&google_push=AXcoOmR5c18deioDh29Lfpn--tbEb9ui0Ui-XwxwMnjdmi3jRZby3v5ev9m5OK-XwloCsOw1ByZEDasAEyUqzklRJFd4TKte5txBX-kOX-OW928jPeH5eJImziJg_HB7ueajSXfJOwVpz15LJQ1yY39EK6vNXxs
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FD9D
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEEDJOvRhVwvAeOR37ZQBICE&google_cver=1&google_push=AXcoOmQnssSca3A26CKhnu6qiQg4d8r9PCw8FnnmNXx-eu6Y_-5qxBPmcr514GohlmsEyoHmymbc16ZIZ5xmWT_lsd3om4PfM...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860510236

170 B
232 B

100ms
63ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860510236

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=817860510236
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FD9D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEALErGsakCZ4lhF58zCZFB4&google_cver=1&google_push=AXcoOmTyBwIL_6qaQvlSf6z7_ArPIv8vf1kPoQGmsOcxramn1YlD2XtoJm2bxF7084m-j7G2JqcXWFFR8TBUutX2HYWEMrb...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTyBwIL_6qaQvlSf6z7_ArPIv8vf1kPoQGmsOcxramn1YlD2XtoJm2bxF7084m-j7G2JqcXWFFR8TBUutX2HYWEMrbhMIvtHYAbX5WUnzngVsphZw9Jk-3ZK0U5xIAEm...

170 B
232 B

76ms
67ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTyBwIL_6qaQvlSf6z7_ArPIv8vf1kPoQGmsOcxramn1YlD2XtoJm2bxF7084m-j7G2JqcXWFFR8TBUutX2HYWEMrbhMIvtHYAbX5WUnzngVsphZw9Jk-3ZK0U5xIAEmZeW19xLCKdeAsSQo59l-WahkTE&google_hm=eS0xVVV5VEVORTJwRzBaR3ZlcXdXdHlmZVA0dm5WTmJoRX5B

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTyBwIL_6qaQvlSf6z7_ArPIv8vf1kPoQGmsOcxramn1YlD2XtoJm2bxF7084m-j7G2JqcXWFFR8TBUutX2HYWEMrbhMIvtHYAbX5WUnzngVsphZw9Jk-3ZK0U5xIAEmZeW19xLCKdeAsSQo59l-WahkTE&google_hm=eS0xVVV5VEVORTJwRzBaR3ZlcXdXdHlmZVA0dm5WTmJoRX5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FD9D
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESELN76UDTkL1Jkvn--QMFLVg&google_cver=1&google_push=AXcoOmTs-uQC9mOubs4y1Ws0i-usM-KrFr88CeolqgZtVocQMdLg4qg1r...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmTs-uQC9mOubs4y1Ws0i-usM-KrFr88CeolqgZtVocQMdLg4qg1rdXx6q-4sG7wvviDw-j13x9NBsQFeu9mknpvJaElxBrdfUooXSfZ8kxcFYpSygqEJqOyrBVmR...

170 B
232 B

98ms
62ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmTs-uQC9mOubs4y1Ws0i-usM-KrFr88CeolqgZtVocQMdLg4qg1rdXx6q-4sG7wvviDw-j13x9NBsQFeu9mknpvJaElxBrdfUooXSfZ8kxcFYpSygqEJqOyrBVmRdUwL6G9Ji9DFmdmAlyt2cSJCkt9b7gD&google_hm=QlMuODM0NC0yNDVhLTQxMGEtYTg4ZA==

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmTs-uQC9mOubs4y1Ws0i-usM-KrFr88CeolqgZtVocQMdLg4qg1rdXx6q-4sG7wvviDw-j13x9NBsQFeu9mknpvJaElxBrdfUooXSfZ8kxcFYpSygqEJqOyrBVmRdUwL6G9Ji9DFmdmAlyt2cSJCkt9b7gD&google_hm=QlMuODM0NC0yNDVhLTQxMGEtYTg4ZA==
Date: Wed, 23 Aug 2023 20:21:11 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FD9D 0
130 B 179ms
62ms Image
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfIvqlWHy2sCBu7ns0nNYxLUPistBGkPfMYSFhALEg4PXxiP-ME17OoDAtLaB2TLtyM8iGRQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7243 35 B
463 B 210ms
49ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEG2Ej5dqwVxfeEH7ZAqv6VM&google_cver=1&google_push=AXcoOmRlLtH3tH3nbMicPKuRCx2m6cMsuN53iyvKDSVZ_nlUYeJmLLc9n2SOBVf_IAYCi20upXRwupgUSgEYmoD8rtuJNbvYVf_lyxQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7243
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENhgZKhmJ43QgO-EiWF8StU&google_cver=1&google_push=AXcoOmScRGaUY8J8HsKkPz2M34Y2yJyPixzQihLz6KJv3v7Q6hAPOvku0G1jd0lgD6M-d64JpgFlrxaQ5CpWRGpRrNct4IVpGzb6-vc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3BF35241619B480A92501412065FE32C&google_push=AXcoOmScRGaUY8J8HsKkPz2M34Y2yJyPixzQihLz6KJv3v7Q6hAPOvku0G1jd0lgD6M-d64JpgFlrxaQ5CpWRGp...

170 B
232 B

143ms
58ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3BF35241619B480A92501412065FE32C&google_push=AXcoOmScRGaUY8J8HsKkPz2M34Y2yJyPixzQihLz6KJv3v7Q6hAPOvku0G1jd0lgD6M-d64JpgFlrxaQ5CpWRGpRrNct4IVpGzb6-vc

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3BF35241619B480A92501412065FE32C&google_push=AXcoOmScRGaUY8J8HsKkPz2M34Y2yJyPixzQihLz6KJv3v7Q6hAPOvku0G1jd0lgD6M-d64JpgFlrxaQ5CpWRGpRrNct4IVpGzb6-vc
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 22 Aug 2023 20:21:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7243
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEH1AcDtrLyhjHm2tbBbidcI&google_cver=1&google_push=AXcoOmQKLOUA8Sc9mM-FYo6510u-kPgQOpHL5pRyZycJsS37ELmLA3Go42DZRdF2s0n5o1SgT7sidG3NaUcIBbx11S...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEH1AcDtrLyhjHm2tbBbidcI&google_cver=1&google_push=AXcoOmQKLOUA8Sc9mM-FYo6510u-kPgQOpHL5pRyZycJsS37ELmLA3Go42DZRdF2s0n5o1SgT7sidG3NaUcIBbx11S...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTVkNzExMjktNmNlOC00NDAxLThiMmEtMDZjMTIwMzc2ZTk3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=95d71129-6ce8-4401-8b2a-06c120376e97

170 B
188 B

69ms
67ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTVkNzExMjktNmNlOC00NDAxLThiMmEtMDZjMTIwMzc2ZTk3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=95d71129-6ce8-4401-8b2a-06c120376e97

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTVkNzExMjktNmNlOC00NDAxLThiMmEtMDZjMTIwMzc2ZTk3&google_push&gdpr=0&gdpr_consent=&ttd_tdid=95d71129-6ce8-4401-8b2a-06c120376e97
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7243
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMipFA8-KQKwvTJKEt2iadY&google_cver=1&google_push=AXcoOmRhr4yPuH1ZVa_G2DAmfRnlOtdlVWDqtQRLoNG55NDkZUn1M0mwg1Pikd1IZjK3zAvLWeP9a-1pxjNuSOV7l6uSpXI...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhr4yPuH1ZVa_G2DAmfRnlOtdlVWDqtQRLoNG55NDkZUn1M0mwg1Pikd1IZjK3zAvLWeP9a-1pxjNuSOV7l6uSpXI8B5laJ9s&google_hm=eS04bzFwNTNsRTJwRW1...

170 B
232 B

74ms
66ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhr4yPuH1ZVa_G2DAmfRnlOtdlVWDqtQRLoNG55NDkZUn1M0mwg1Pikd1IZjK3zAvLWeP9a-1pxjNuSOV7l6uSpXI8B5laJ9s&google_hm=eS04bzFwNTNsRTJwRW1rRTRXNmVrMTExd1g3OGFZZVFFcn5B

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhr4yPuH1ZVa_G2DAmfRnlOtdlVWDqtQRLoNG55NDkZUn1M0mwg1Pikd1IZjK3zAvLWeP9a-1pxjNuSOV7l6uSpXI8B5laJ9s&google_hm=eS04bzFwNTNsRTJwRW1rRTRXNmVrMTExd1g3OGFZZVFFcn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7243
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmThs4...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_push=AXcoOmThs4OVWexKNoG9zye_NDwl7wAsK8hpX9CJSfS8_YNnFANXIKT1hmNgGpgW1cKxEIcLShzwUZV-cikD...

170 B
188 B

70ms
67ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_push=AXcoOmThs4OVWexKNoG9zye_NDwl7wAsK8hpX9CJSfS8_YNnFANXIKT1hmNgGpgW1cKxEIcLShzwUZV-cikD15sHrbJGTOghFTOQnfc

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_push=AXcoOmThs4OVWexKNoG9zye_NDwl7wAsK8hpX9CJSfS8_YNnFANXIKT1hmNgGpgW1cKxEIcLShzwUZV-cikD15sHrbJGTOghFTOQnfc
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1884931
content-length: 0
expires: Wed, 23 Aug 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7243
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEO--Uv3qCfEmMvGsoLIEGwU&google_cver=1&google_push=AXcoOmRhIfX_9mw-t7qjguF4frCZBtZPVTGs49z4Rx3t9ei3WWJmtLZcDGjXG_vi5fbI3cbyixEeSS2A-jOk4q72d-...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTY5NDI4MTU3Mjk2ODQ3MjQ1MjU&google_push=AXcoOmRhIfX_9mw-t7qjguF4frCZBtZPVTGs49z4Rx3t9ei3WWJmtLZcDGjXG_vi5fbI3cbyixEeSS2A-jOk4q72d-Xe...

170 B
232 B

148ms
63ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTY5NDI4MTU3Mjk2ODQ3MjQ1MjU&google_push=AXcoOmRhIfX_9mw-t7qjguF4frCZBtZPVTGs49z4Rx3t9ei3WWJmtLZcDGjXG_vi5fbI3cbyixEeSS2A-jOk4q72d-Xei3VJcaQcj9g

Requested by

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTY5NDI4MTU3Mjk2ODQ3MjQ1MjU&google_push=AXcoOmRhIfX_9mw-t7qjguF4frCZBtZPVTGs49z4Rx3t9ei3WWJmtLZcDGjXG_vi5fbI3cbyixEeSS2A-jOk4q72d-Xei3VJcaQcj9g
Date: Wed, 23 Aug 2023 20:21:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7243
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJzMYk-Dg2UX6kwGiNC5W-M&google_cver=1&google_push=AXcoOmShSE0VOynGhrVN_JqkAL4YJ9k2WrdhcYNN94uRzg_ALyFM_YuGQG7QAG1TK1cz6a_solfjbW6I...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJzMYk-Dg2UX6kwGiNC5W-M%26google_cver%3D1%26google_push%3DAXcoOmShSE0VOynGhrVN_J...
https://rtb2-useast.e-volution.ai/sync?adkuid=A6942815729684724525&exchange=193&google_gid=CAESEJzMYk-Dg2UX6kwGiNC5W-M&google_cver=1&google_push=AXcoOmShSE0VOynGhrVN_JqkAL4YJ9k2WrdhcYNN94uRzg_ALyFM...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY5NDI4MTU3Mjk2ODQ3MjQ1MjU&google_push=AXcoOmShSE0VOynGhrVN_JqkAL4YJ9k2WrdhcYNN94uRzg_ALyFM_YuGQG7QAG1TK1cz6a_solfjbW6...

170 B
188 B

62ms
62ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY5NDI4MTU3Mjk2ODQ3MjQ1MjU&google_push=AXcoOmShSE0VOynGhrVN_JqkAL4YJ9k2WrdhcYNN94uRzg_ALyFM_YuGQG7QAG1TK1cz6a_solfjbW6IhZiCgnNhaS02XmdPFSWt-cTN

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTY5NDI4MTU3Mjk2ODQ3MjQ1MjU&google_push=AXcoOmShSE0VOynGhrVN_JqkAL4YJ9k2WrdhcYNN94uRzg_ALyFM_YuGQG7QAG1TK1cz6a_solfjbW6IhZiCgnNhaS02XmdPFSWt-cTN
Date: Wed, 23 Aug 2023 20:21:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7243 0
49 B 181ms
65ms Image
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQ6V_ciiw5oMpoJuA13clrnv_7PrR75Sjg4AOdNl570px0ul-c5HzqTXwkxf0D-gOgSZhcDQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame DB6A 37 KB
14 KB 62ms
57ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1504 33 KB
33 KB 53ms
51ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 475268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 08:20:03 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FD92 33 KB
33 KB 63ms
45ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 475268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 08:20:03 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4817
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHVMUNXswZXX8FX30qyVGMY&google_cver=1&google_push=AXcoOmQynonCWaVmnQDfA9aWmmx5AD5VWqp5bKo04vQOReC3_ZceqJNuEIVUmjpKcuWCOVqwbnezDCTdSSN4CDgBVqkFcURavkSvau8e
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMyNDEwNzM4NDc1MDI5NzA4Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECg-Ypah-lTbUv6Yl9-9WDg&google_cver=1

43 B
398 B

109ms
56ms

Image
image/gif

2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECg-Ypah-lTbUv6Yl9-9WDg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88
Protocol: H2
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESECg-Ypah-lTbUv6Yl9-9WDg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4817
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED-XS9PK-jFbWEobgRhTlb8&google_cver=1&google_push=AXcoOmTqm0SZlYWEuq9oZH_ERMgz7Dlu2AizRGHLfERah5tCStN3qkU2KElbY2ocbDTUdGnz2u26WL9tzdGiSlx6...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTqm0SZlYWEuq9oZH_ERMgz7Dlu2AizRGHLfERah5tCStN3qkU2KElbY2ocbDTUdGnz2u26WL9tzdGiSlx6keUhQVIgRwKSaUNZ

170 B
188 B

68ms
65ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTqm0SZlYWEuq9oZH_ERMgz7Dlu2AizRGHLfERah5tCStN3qkU2KElbY2ocbDTUdGnz2u26WL9tzdGiSlx6keUhQVIgRwKSaUNZ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 23 Aug 2023 20:21:11 GMT
Server: MT3 1031 59fd23a master iad iad-pixel-x10 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTqm0SZlYWEuq9oZH_ERMgz7Dlu2AizRGHLfERah5tCStN3qkU2KElbY2ocbDTUdGnz2u26WL9tzdGiSlx6keUhQVIgRwKSaUNZ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 23 Aug 2023 20:21:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4817
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESELorW2wGJ9oDl1BrpKaxsFY&google_cver=1&google_push=AXcoOmRiWtgyf4Np8WBG9CJJ-QPr248_y8xrPW_m5szdZ-vykc1mgg9ucvIZ76vGQ86OQezCZVSpGps1tmN0eFPrrKdZ1brx2vEtY6y6
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjJDODg2NTIyQTkzNzJEQw==

170 B
188 B

68ms
65ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjJDODg2NTIyQTkzNzJEQw==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjJDODg2NTIyQTkzNzJEQw==
date: Wed, 23 Aug 2023 20:21:11 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4817
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMc0GbTcRB1REcXTlsy8cik&google_cver=1&google_push=AXcoOmTwl0HTs8JNT7wOiADbbrSly3jSHKdgs5vL2mP6Mr6ipYNCE7wHrNZKbi8EEgWXtDhu2WybBku_rY6uSRzY4dzAY8r...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTwl0HTs8JNT7wOiADbbrSly3jSHKdgs5vL2mP6Mr6ipYNCE7wHrNZKbi8EEgWXtDhu2WybBku_rY6uSRzY4dzAY8rUYv0pJOMU&google_hm=eS0ua1FfdXN4RTJwRj...

170 B
232 B

76ms
68ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTwl0HTs8JNT7wOiADbbrSly3jSHKdgs5vL2mP6Mr6ipYNCE7wHrNZKbi8EEgWXtDhu2WybBku_rY6uSRzY4dzAY8rUYv0pJOMU&google_hm=eS0ua1FfdXN4RTJwRjBWbVZQd2pBR1Bla1NtVUMwa2NseX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTwl0HTs8JNT7wOiADbbrSly3jSHKdgs5vL2mP6Mr6ipYNCE7wHrNZKbi8EEgWXtDhu2WybBku_rY6uSRzY4dzAY8rUYv0pJOMU&google_hm=eS0ua1FfdXN4RTJwRjBWbVZQd2pBR1Bla1NtVUMwa2NseX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4817
Redirect Chain

https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBpzb8TWql1mV6_olJUmhbs&google_push=AXcoOmRSNbo1EpR9DI_MkXKh_94lQivZ8T5ii6XJFsdRdWLiqhqGdSUG1VR2uJx9658gVHyp2xFYcWgz9yXw8CO0_Jf41-x...
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmRSNbo1EpR9DI_MkXKh_94lQivZ8T5ii6XJFsdRdWLiqhqGdSUG1VR2uJx9658gVHyp2xFYcWgz9yXw8CO0_Jf41-xJDdStY3sT&google_hm=MTA1OTQwMTQ0ND...

170 B
188 B

70ms
67ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmRSNbo1EpR9DI_MkXKh_94lQivZ8T5ii6XJFsdRdWLiqhqGdSUG1VR2uJx9658gVHyp2xFYcWgz9yXw8CO0_Jf41-xJDdStY3sT&google_hm=MTA1OTQwMTQ0NDQzNTA5NDMwMTg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_push=AXcoOmRSNbo1EpR9DI_MkXKh_94lQivZ8T5ii6XJFsdRdWLiqhqGdSUG1VR2uJx9658gVHyp2xFYcWgz9yXw8CO0_Jf41-xJDdStY3sT&google_hm=MTA1OTQwMTQ0NDQzNTA5NDMwMTg
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4817
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJsx-o5gKWrvQfV10KExXRE&google_cver=1&google_push=AXcoOmSdaCa6502xKREbpflNrBGEm_cxTVBWNNDtHq8mc6QwpEbeQfhJUnI6FnheXN3c807hMw2fNbZY...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJsx-o5gKWrvQfV10KExXRE&google_cver=1&google_push=AXcoOmSdaCa6502xKREbpflNrBGEm_cxTVBWNNDtHq8mc6QwpEbeQfhJUnI6FnheXN3c807hMw2...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwNjkxNTIxNjQ1NjY2MTY&google_push=AXcoOmSdaCa6502xKREbpflNrBGEm_cxTVBWNNDtHq8mc6QwpEbeQfhJUnI6FnheXN3c807hMw2fNbZYQ...

170 B
188 B

65ms
64ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwNjkxNTIxNjQ1NjY2MTY&google_push=AXcoOmSdaCa6502xKREbpflNrBGEm_cxTVBWNNDtHq8mc6QwpEbeQfhJUnI6FnheXN3c807hMw2fNbZYQx3h8tKqKDllAHrvkGkLp6U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjEwNjkxNTIxNjQ1NjY2MTY&google_push=AXcoOmSdaCa6502xKREbpflNrBGEm_cxTVBWNNDtHq8mc6QwpEbeQfhJUnI6FnheXN3c807hMw2fNbZYQx3h8tKqKDllAHrvkGkLp6U
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4817
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEJ19VAgSuzVyO8zT3og6RtA&google_cver=1&google_push=AXcoOmQ8ktm8mg1hoWy8jB8mNJCzSsXn-MnU8Y-4GjkwMAzkw-A6gzJFK...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ8ktm8mg1hoWy8jB8mNJCzSsXn-MnU8Y-4GjkwMAzkw-A6gzJFK70kOURe4ReYFMho2WJL4vJoSBspQTmfdX0bnsHvq_M-AZEk&google_hm=QlMuOGM4Mi1hZW...

170 B
188 B

66ms
64ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ8ktm8mg1hoWy8jB8mNJCzSsXn-MnU8Y-4GjkwMAzkw-A6gzJFK70kOURe4ReYFMho2WJL4vJoSBspQTmfdX0bnsHvq_M-AZEk&google_hm=QlMuOGM4Mi1hZWU3LTQyOGUtYjk1NQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQ8ktm8mg1hoWy8jB8mNJCzSsXn-MnU8Y-4GjkwMAzkw-A6gzJFK70kOURe4ReYFMho2WJL4vJoSBspQTmfdX0bnsHvq_M-AZEk&google_hm=QlMuOGM4Mi1hZWU3LTQyOGUtYjk1NQ==
Date: Wed, 23 Aug 2023 20:21:11 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4817 0
40 B 83ms
64ms Image
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMDxWdsOIm8n6zg3zqxkXHx9IqG1AaoQxnOQ3OQ5jdW9xEJogFaDvKWR2pU-gxu0wu-oGp9g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2E70
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

114ms
66ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
expires: Wed, 23 Aug 2023 20:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AEE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

111ms
78ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
expires: Wed, 23 Aug 2023 20:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 149A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

125ms
91ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
expires: Wed, 23 Aug 2023 20:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1157 0
10 B 69ms
66ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5sD3xA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 71F1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

95ms
76ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
expires: Wed, 23 Aug 2023 20:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 3DA6 33 KB
19 KB 133ms
132ms XHR
application/json 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ca4c98f6f87d2a2302cdb48cf16ef41220c6e773c2774eb46ab698869d1b16b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=2vyopuxijjq
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19236
x-xss-protection: 1; mode=block
expires: Wed, 23 Aug 2023 20:21:11 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 211ms
70ms Preflight
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 20:21:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B22 37 KB
14 KB 89ms
88ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame EE49 37 KB
14 KB 86ms
82ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1504 0
20 B 94ms
91ms Ping
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b5fa40f50e5935a6cb0e2cf2eea955bc.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9441
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

88ms
71ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
expires: Wed, 23 Aug 2023 20:21:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AC62 33 KB
33 KB 93ms
72ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 08:20:03 GMT
x-content-type-options: nosniff
age: 475268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 08:20:03 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AC62
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CiyeINGrmZNOPHtGEtOUPzNK86APyoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDwwSqBM0BT9DWcknCDDWlBODVRtu6i5TlHeQBFZ9_F5utJQje2bl...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d...

0
0

64ms
61ms

Fetch
text/css

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%2210435710991872443868%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226211427290346223713%22}&andc=true

Protocol

Server

142.250.80.34 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"10435710991872443868","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"6211427290346223713"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 20:21:11 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 20:21:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"10435710991872443868","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"6211427290346223713"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FD92
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CB7PBNGrmZOuAHeXttOUP_peK6APyoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDwwSqBMcBT9BfPKEss07Q8nN8G5W1mUToN3eYa96rwCDemTTwn5g...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d...

0
0

63ms
61ms

Fetch
text/css

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%221727377900885626491%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213275621699322952913%22}&andc=true

Protocol

Server

142.250.80.34 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"1727377900885626491","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"13275621699322952913"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 20:21:11 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 20:21:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"1727377900885626491","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"13275621699322952913"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1504
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CPTq1NGrmZIeoILjqtOUP9Y2j0AnyoJigcsPh69LvEcrMg--ODhABII6H3o8BYMm2o4jwo-wSoAHZwdP8KcgBAagDAcgDwwSqBMcBT9Bal3roOLOG6OYekEe5JTUrZoathR4PRKvzoLttNXq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d...

0
0

63ms
58ms

Fetch
text/css

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%22659068942863957075%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224852661949019239313%22}&andc=true

Protocol

Server

142.250.80.34 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"659068942863957075","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"4852661949019239313"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Aug 2023 20:21:11 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 20:21:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f44cd2a127f677c0000000000000000","2":"0xa36e209a9e9f24220000000000000000","3":"0xf50d9d4a651575eb0000000000000000","4":"0x6ee203bfdfa19fcf0000000000000000","5":"0xbdee828f7d6368b30000000000000000"},"debug_key":"659068942863957075","debug_reporting":true,"destination":"https://watchmypage.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11267268825"],"4":["08-23"],"6":["true"]},"priority":"500","source_event_id":"4852661949019239313"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 53F8 37 KB
14 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B94 37 KB
14 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 61ms
58ms Preflight
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 20:21:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 1715 37 KB
14 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692858068&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692822068351&bpp=7&bdt=2591&idt=7&shv=r20230822&mjsv=m202308170101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dae18374c247db352-220c4658b3e300a8%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ&gpic=UID%3D00000d8d65dc8abe%3AT%3D1692822067%3ART%3D1692822067%3AS%3DALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=2195860126897&frm=20&pv=1&ga_vid=1151473509.1692822067&ga_sid=1692822067&ga_hid=478420106&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076838&oid=2&pvsid=889313892691995&tmod=763574705&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=rbz19z5K3L&p=https%3A//risu.io&dtd=88

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 59ms
59ms Preflight
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%221727377900885626491%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213275621699322952913%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 20:21:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0CBE 15 KB
6 KB 59ms
56ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 1477163
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 405E 15 KB
6 KB 63ms
62ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 934763
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame BC64 15 KB
6 KB 61ms
57ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 1452703
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 63ms
59ms Preflight
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f44cd2a127f677c0000000000000000%22,%222%22:%220xa36e209a9e9f24220000000000000000%22,%223%22:%220xf50d9d4a651575eb0000000000000000%22,%224%22:%220x6ee203bfdfa19fcf0000000000000000%22,%225%22:%220xbdee828f7d6368b30000000000000000%22},%22debug_key%22:%22659068942863957075%22,%22debug_reporting%22:true,%22destination%22:%22https://watchmypage.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211267268825%22],%224%22:[%2208-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224852661949019239313%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 23 Aug 2023 20:21:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1504 0
20 B 67ms
65ms Ping
image/gif 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgocCAEqGGJhbm5lci1sYXJnZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QFCEAAAAAEOvzQDAECg0QFSEAAAAAAAAsQDAECg0QFiEAAAAAAAAYQDAECg0QGCEAAADNzAWpQDAECg0QMiEAAAAAcGbmPzAECg0QMyEAAAAAcGbmPzAECg0QNCEAAAAAcGbmPzAECg0QNSEAAAAAcGbmPzAECg0QNiEAAAAAcGbmPzAECg0QNyEAAAAAcGbmPzAECg0QOCEAAAAANDMsQDAECg0QOSEAAADQzOx7QDAECg0QOiEAAAAAANh9QDAECg0QOyEAAADNzNaiQDAECg0QPCEAAADNzNaiQDAECg0QPSEAAADNzNiiQDAECg0QPiEAAAA0M-SoQDAECg0QPyEAAABnZuSoQDAECg0QQCEAAADNzBipQDAEEhpDSWVTd05ETjg0QURGVGcxclFZZDljWUltZyIWdGV4dC92YW5pbGxhX2hpZ2hsaWdodCgD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b5fa40f50e5935a6cb0e2cf2eea955bc.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0CBE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=POs6JV93VkVobENFWEt5d1RIbTJURlhEQ2UwZSUyQkRRY3hMR3l4JTJGUTFJREV2RzdsMGZoZGFaVmh1d1Ru...
https://mug.criteo.com/sid?cpp=auAtI3xhRGxpT3gvR25WclpqR0YxU0orMXhLTEZzRE54bk9RUzg1eXRsMGh0a3BMUldiNFczQkkyVWc1S3hEcFlDazljYWNXUTFEUGtkTjU1dmxkOXpSMUsxaVVvRzd1eWRCcE1Sd1c5RGZ4cEJ5aU1mRVVIVEk0STBzNH...

433 B
655 B

54ms
54ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=auAtI3xhRGxpT3gvR25WclpqR0YxU0orMXhLTEZzRE54bk9RUzg1eXRsMGh0a3BMUldiNFczQkkyVWc1S3hEcFlDazljYWNXUTFEUGtkTjU1dmxkOXpSMUsxaVVvRzd1eWRCcE1Sd1c5RGZ4cEJ5aU1mRVVIVEk0STBzNHR0Z3B3T2k5L2xxSzVlVm8vanNwdWk1SkVVSS9KYzlXVDZ1NURnbnhQR2cvTW5CeVFFRjhjbGtnVlEvdVErelpyNGhXUFRPR3FsZVVvT1preFI4RzJBYyszbk12ZG82QVNNS2JRTWs1ZUR0Um5tc0FCUDBSUTloVmczbURWdkFBOStUL2RvZlJjUzExWDh2L0lFK25yZE5nczlzVU9LUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ae79208b44891a64af6b3b02b9885bfd0356ddd5205bde12216a13b929d35673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1857740
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=auAtI3xhRGxpT3gvR25WclpqR0YxU0orMXhLTEZzRE54bk9RUzg1eXRsMGh0a3BMUldiNFczQkkyVWc1S3hEcFlDazljYWNXUTFEUGtkTjU1dmxkOXpSMUsxaVVvRzd1eWRCcE1Sd1c5RGZ4cEJ5aU1mRVVIVEk0STBzNHR0Z3B3T2k5L2xxSzVlVm8vanNwdWk1SkVVSS9KYzlXVDZ1NURnbnhQR2cvTW5CeVFFRjhjbGtnVlEvdVErelpyNGhXUFRPR3FsZVVvT1preFI4RzJBYyszbk12ZG82QVNNS2JRTWs1ZUR0Um5tc0FCUDBSUTloVmczbURWdkFBOStUL2RvZlJjUzExWDh2L0lFK25yZE5nczlzVU9LUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 531696
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 405E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=POs6JV93VkVobENFWEt5d1RIbTJURlhEQ2UwZSUyQkRRY3hMR3l4JTJGUTFJREV2RzdsMGZoZGFaVmh1d1Ru...
https://mug.criteo.com/sid?cpp=kjseBnxxR0lvWGx3U0JjZ05rWWZJNlZ5b0VkR2RiWjhCZktYTDRpNm9xcExFRWxDUU5yVXo4YU1EblFlNTV0aTRPREh5UjlNUWF5RDJYYWlCUFJqVldEbzN3ck5na3FBdXVNVWdUZThKbTFYc3BpbUoyeFFmS3BPeDBPOT...

425 B
649 B

55ms
54ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kjseBnxxR0lvWGx3U0JjZ05rWWZJNlZ5b0VkR2RiWjhCZktYTDRpNm9xcExFRWxDUU5yVXo4YU1EblFlNTV0aTRPREh5UjlNUWF5RDJYYWlCUFJqVldEbzN3ck5na3FBdXVNVWdUZThKbTFYc3BpbUoyeFFmS3BPeDBPOTNWVzlSdjlDREpBenhZT25wSFZCakthb0FSV0wwVEhSdWtmRlhDUXg4Y2VHalFleU9EUU9aK0svN25BMEM5U0YyT3dKSFQ1WFczVjAzbWdMSm5tbEtEWjRKa25TWXU4NEFXUkpPYmM0NitnOFczUjVaUXErRGJtc1FUQWNFRVNrc3ZjRXBnbC9hWW9xU2Z0aTBzb2lCT3lsMXErQjJZdz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

95473022bfd6b1c9f466aadb3fa3358627c0b4a58c246b638da2a6e09a0790e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1260156
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=kjseBnxxR0lvWGx3U0JjZ05rWWZJNlZ5b0VkR2RiWjhCZktYTDRpNm9xcExFRWxDUU5yVXo4YU1EblFlNTV0aTRPREh5UjlNUWF5RDJYYWlCUFJqVldEbzN3ck5na3FBdXVNVWdUZThKbTFYc3BpbUoyeFFmS3BPeDBPOTNWVzlSdjlDREpBenhZT25wSFZCakthb0FSV0wwVEhSdWtmRlhDUXg4Y2VHalFleU9EUU9aK0svN25BMEM5U0YyT3dKSFQ1WFczVjAzbWdMSm5tbEtEWjRKa25TWXU4NEFXUkpPYmM0NitnOFczUjVaUXErRGJtc1FUQWNFRVNrc3ZjRXBnbC9hWW9xU2Z0aTBzb2lCT3lsMXErQjJZdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 290224
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame BC64
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=POs6JV93VkVobENFWEt5d1RIbTJURlhEQ2UwZSUyQkRRY3hMR3l4JTJGUTFJREV2RzdsMGZoZGFaVmh1d1Ru...
https://mug.criteo.com/sid?cpp=RE1UAHxCaGNnTTVjMW5BaVh1eTVBd2UyeXkvZEpCT01Kam15Qkc4alhKeEhoK0pqUHlzYkdGcGNOM2VtYU9CcVNlQWhOU3hTQTJESytBY0kwQXF5ZXFCVi9oRTlWZkhyR2I5cXA0YXl0ckRjRTZxcUJzcW1RVlgwVk9sOU...

419 B
645 B

54ms
53ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RE1UAHxCaGNnTTVjMW5BaVh1eTVBd2UyeXkvZEpCT01Kam15Qkc4alhKeEhoK0pqUHlzYkdGcGNOM2VtYU9CcVNlQWhOU3hTQTJESytBY0kwQXF5ZXFCVi9oRTlWZkhyR2I5cXA0YXl0ckRjRTZxcUJzcW1RVlgwVk9sOUYyN0hjdE9lWWlobDg1OERFcVFnaWs3M0gweTRuaFh0VmdJdU5La2FCV2VPRnkxYXZBZE10enBDMm52cnRJT3V1VHI0ckNNY2YxS1pYS29GclhFejZaNjVVL2pScms0VmtQUG1MMi9FNm1vdGo4Z00vSFU1UGpGWnpoQTVieEI5T1B0YTl6c0FYMXgwLys1U3htSXByVFpOY1JNT2lFZz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

dec5c46b919ea06d6b80a51c9391cef334e0394f53f82b866410a8a880341c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1053030
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=RE1UAHxCaGNnTTVjMW5BaVh1eTVBd2UyeXkvZEpCT01Kam15Qkc4alhKeEhoK0pqUHlzYkdGcGNOM2VtYU9CcVNlQWhOU3hTQTJESytBY0kwQXF5ZXFCVi9oRTlWZkhyR2I5cXA0YXl0ckRjRTZxcUJzcW1RVlgwVk9sOUYyN0hjdE9lWWlobDg1OERFcVFnaWs3M0gweTRuaFh0VmdJdU5La2FCV2VPRnkxYXZBZE10enBDMm52cnRJT3V1VHI0ckNNY2YxS1pYS29GclhFejZaNjVVL2pScms0VmtQUG1MMi9FNm1vdGo4Z00vSFU1UGpGWnpoQTVieEI5T1B0YTl6c0FYMXgwLys1U3htSXByVFpOY1JNT2lFZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 291406
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 115ms
114ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230822&jk=889313892691995&bg=!e3ileDfNAAZGPLJIZjw7ADQBe5WfOD53Lgxx6Pl4jsBIoVF1jUQbIqL871ooqpHBXzX7tsU2UU7N_P2vsL400rQ8FENHAgAABf9SAAAACWgBBwoAC9PxulJkZTd00lGkmQLoPkOWXrNRAzXcqfJfsJyTe4u7rqIerywjJh4xGPxdGEVqwawnbjbkZnmetzSWLIPCt9k4rrb5e9NfpqtpXBSSdNwLsNw9NVrmrN0XSE6UtTKacSLdzmTsGM8sIA-LuZAdKaD8a0ELe_67wKIjKJ_VJ_o8V1nGR7exfyMDpbfOVYym_0lZVQxABhbBWgFPg4HxDDRSQ6kIbC8ciJiCPPHWXHtFcU-nXhDXmGZuHyvQO64YioTv-Ifx6vSJOOGJ3Vw2QlR4kxdrzrm-WZN5otWFcTO-eNL92C9M_bLHEgKH-1eXwwCg83f-YS6tRV9wNbIICPyslrg99R14KnLUz8WFxPE-5iHiQQPCBcwey6WR1JSswmX4Zhuuuk-9s5ND8itqQ_eAE5W47yrjewlwNlW9nrNDvXkdZyBeRLLLSmT_9UDwmonKndR1GIpUIG3S1P-ALUYau8jaq5kXgnu-0WDqFpCyxEY-z-K1_aWLCqeVINyi1C9KWWHE41MFQbMH1huIaNxaaY74DIz7pyXbm_topNd14IeWNrm-rycWXGjfCqLTbOqrZJGywfNGHk4AVEkqjvXJ1iXOr8yAjtDPOkiH5wHbCdXmugsDX8adQ5U4NDtO5NISaloOxO-wVB5FXy5t4ctBgM6AqTsFuhZkjQOyKXZ_aSuV45eT6fFhSjMrRPHUqjtQSLXAoWKPvNY2QYP1Q9-TtHws-Vg4tRG5fp8rehynyzQ9OPK85bdCjrxquwp7ARZFUE_OZWzSeNFtSYDoPjeJMyggUoGapQRbGNnaQH8vTvFW4f0mYlkwUxPs6kB2fLKW21-0ZsKYth3gl8fED_t6Hhz97Kk1l3XUp22bKyYrmWCcvjZVtcijH74dz8_jiStq6klG_CdI1aETSGnJmJzD8CmyzbdB4TWlaI1AbQZXks9mkc9cqC_XsgFu9Y3YnmfMqOixtH1QqIwtsLz42QqN-Sk6fIIc1oxYd3r_c_OWsaHdHHfz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame CD1A 12 B
223 B 592ms
188ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:12 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame C74A
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

42ms
41ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6128
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GmeSQKpx7UyhDcXNUA9KBixFDcGjBsQebRBKMZfH8g%2F3NbdYCl4JqTTGZY%2BTy3%2FF7rRZmbPeUNFAKmP39S%2BDFw7dmngoFzN9JWKFmSGsOGaVug0qnL0mX2FVJLv4kNHLsLhubiptPOFLyQUAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60f7feaf0293d-ORD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 gcm
gocm.c.appier.net/ Frame C74A 42 B
350 B 190ms
189ms Image
image/gif 172.105.235.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.235.90 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1889-90.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:21:12 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 0142 12 B
222 B 760ms
372ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:12 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H2 200 gcm
gocm.c.appier.net/ Frame ED9B 42 B
350 B 191ms
190ms Image
image/gif 172.105.235.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.235.90 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1889-90.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:21:12 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame ED9B
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

69ms
67ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6128
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNVgYafgVIaMsaPiQJl0tNy0mYTnD%2BjrzrfrrK7ssbkP6Y1mfAb%2BH3cW9wpRRXeakU0t7tB0Po81xn8TnrizPVsQfIjrhIKJbcFTSpfBLiq4wZSNsy%2BwfrK3VSvJ0ZELE8nPd%2FVm93AST%2BL1bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60f802b44293d-ORD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 2D78 12 B
222 B 562ms
191ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:12 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H2 200 gcm
gocm.c.appier.net/ Frame 8E06 42 B
350 B 191ms
189ms Image
image/gif 172.105.235.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.235.90 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1889-90.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:21:12 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 8E06
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

96ms
95ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6128
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AHlbwrHitM%2Fq%2BIVkENdbAdEc5nYybJugpLGFMBMXBLR4C1o%2BeXgz3HOrF0friaeUE%2F8iA7ogKH%2BoEDmSY9eohYyZckAHrtiD4pK6fyq639U%2BSjFDxDvuh16iXq9QrqklFdRd4nZIGkWuh2cow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60f802b47293d-ORD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame C0B7 12 B
222 B 724ms
370ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:12 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H2 200 gcm
gocm.c.appier.net/ Frame B50D 42 B
350 B 194ms
193ms Image
image/gif 172.105.235.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.235.90 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1889-90.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:21:12 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame B50D
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

87ms
86ms

Script
application/octet-stream

2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6128
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaD4T%2BTQTXZxgYewOYb3E26wN4zIAEibIddpiQpXMyChifzfcekf0N9Hx%2FB9K4TbD4w25KAQoBuwi7lQu6gS5uud4CoR46QxxQbmgnj8vYy1%2Fb6ZFUDs0kNwoaIgME7I29s%2F2CqPu2kNC0xtDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb60f803b5c293d-ORD

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame C74A 975 B
759 B 51ms
50ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhJzDFXNVrYRiuzFVDs2pc0n%2F3DlALNnb5nSg4Eu3%2FWsPq7iFDuaMLGyqWv4d6P4BW15bwoUzJNvVjulEUz9tgN93rZqQEYsLrY3V5ZJ%2FW4IWWs5nTnVgbkYvbFWN127j2n7guIU9Ecqobg4ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60f809bcb293d-ORD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame C74A 46 B
485 B 223ms
47ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:12 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame C74A 3 KB
2 KB 172ms
74ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8372143475172302&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: b97e0256e317d8f435870a5a7487c034ac9d5defe5f23d8e3ff49b2056629752

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: gzip
x-height: 90
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 653790b0-5c82-3304-b845-4badb4d0b387
connection: close
x-width: 728
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame ED9B 975 B
755 B 37ms
36ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=367TP8Xwhal30R4bIL6mQg1TCbF8YbZPFnzaLpuEDLRD1zcaKeIX04yyQIBm77cw0LhRoavOYwdjkpiCqxrm0noBQO3m5w6KREyPVuki5NQlr73q2F%2FQiFuzceCXNbaXNi1egjTIT2dHVU2ffQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60f80dc1a293d-ORD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame ED9B 46 B
485 B 194ms
47ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:12 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame ED9B 3 KB
2 KB 181ms
87ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7349149872463514&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: efb89f2bba149a69b61efdd0ac209b112281bdc0e6c66ea217ef45d88935d27b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: gzip
x-height: 90
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 653790b0-5c82-3304-b845-4badb4d0b387
connection: close
x-width: 728
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 8E06 975 B
758 B 37ms
36ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRjWF2VJECZ8QXAB2KQ3ocH%2BRv4Lg4XdtqFYU2Sigld8LRXcWKwExwKI0fcpjoSL6VA4PR3XZzDtEtcYtVtgXniodTWthYxbDRMQ4HN3TRWP5oH1iAJH74I3U8hUE9u59Ow6qwDWGREZyZYSig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60f810c4b293d-ORD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 8E06 46 B
485 B 193ms
50ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:12 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame B50D 975 B
758 B 40ms
39ms Stylesheet
text/css 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvGrammrcuGEB14u12ElUAf2aJk%2BQuRtIt3BfdxH891cInhKXzwwYbs10xV20AmNVQdnHT%2BCy7t%2BMklg7DF3uTsAImv4mXV1witoGDCx08frwEfnQlmfRyiXndf4cmHiIR1mh5gGEVvOOxnKMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb60f813c7f293d-ORD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame B50D 46 B
485 B 209ms
52ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:12 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 8E06 3 KB
2 KB 192ms
97ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7870524090616&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 1bb9d36dd1f9d08b9494348b0af46abb1ad44aef5fd599cbf8c1b4e52f8e73a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: gzip
x-height: 90
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 653790b0-5c82-3304-b845-4badb4d0b387
connection: close
x-width: 728
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame B50D 3 KB
2 KB 227ms
131ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6765006714208213&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: b31edf96ae36393ae66939551c70b53238fee7dc8973233f958dffeefd9c8426

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: gzip
x-height: 90
x-adstyle: banner
transfer-encoding: chunked
x-sspid: 653790b0-5c82-3304-b845-4badb4d0b387
connection: close
x-width: 728
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://risu.io
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
access-control-allow-credentials: true
x-adsource: CDB
x-adtype: html

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 263A 128 KB
41 KB 50ms
49ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:21:12 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame BC86 714 B
748 B 37ms
36ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 909
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb60f821d82293d-ORD
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 20:21:12 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnukzqzRb5IZKX83HOsqrseIwFZ5Qp3NVnYn6%2FeJSD7qXKBL9dZ%2BkGcxkdDiJr5tK40j5KIvRDeBC3TtdaOO%2BDbPriSNDPpBdSb5AgEj67K7UjD635F2FfSE7GGYkksy7nZh2SF9PVGLqhEaJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DA94
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

157ms
45ms

Document
text/html

23.200.198.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-198-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 20:21:12 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 20:21:12 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame C74A 35 B
384 B 166ms
54ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:12 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 00ED 714 B
750 B 36ms
36ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 909
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb60f822da5293d-ORD
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 20:21:12 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHKxgjd8KZWn2lSp0TG9wL05c4cPigr%2BRB4R2BJGyuToNlQyqvRWNkSuf1c%2B%2Be9t1FjRUK0%2FsRKuM%2FveRWi1Tepk0g0tEnn6Qp5YUVN5UmOLzkwsvFjF5hTvPPW4%2BBoJWgQ3K3I6lRCMb360IA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame ED9B 35 B
384 B 154ms
48ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:12 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 51D9
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

158ms
48ms

Document
text/html

23.200.198.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-198-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 20:21:12 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 20:21:12 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 2FC6 128 KB
41 KB 50ms
50ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:21:12 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame EC76 714 B
749 B 41ms
40ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 909
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb60f826e04293d-ORD
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 20:21:12 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUAnThhAz6dXAFKnb7q0XMXm6ryt%2BFFC6u5qFnXufdftopAtc%2BHl2BL7%2BNVOLrjJ9gMhNDo27Qwdnko8X%2FsB9BBlGy3pQ%2Feef9pv%2BK82vFWK9bb0cbqftzR1bTncwyynhpsxu1fmRFIEHV9CHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 8E06 35 B
384 B 136ms
64ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:12 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7DD6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

162ms
53ms

Document
text/html

23.200.198.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-198-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 20:21:12 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 20:21:12 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E3B5 15 KB
6 KB 58ms
54ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 1280938
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 263A 3 KB
2 KB 69ms
66ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&bundle=gFJ3Gl93VkVobENFWEt5d1RIbTJURlhEQ2V5cFF0RyUyRnBKZWxiODdxN1BWQmVwMzhreXM1RTU5NzBxcG9OSW5GaGM1Mk5hMjY4RHVIR2dpbXlqREtFQ1lobHNaa3pRZHJ2NW9sdmRKQlRSYkZQakszQTNLbjNjNmZ1bVgzZ2UlMkIzV2NpOTdPZFN0SWFQaUFOdnJ4UVdNUEZyNEJBJTNEJTNE&cb=33451782955

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

55b2fee7c4f399f3758274040014063be9cfed77a00b1d61739cb7c188b33135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 23 Aug 2023 20:21:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BC86 98 KB
29 KB 192ms
80ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34f872b9151916377799200883c6497e1ad42ac957a9ff66ed134874548d630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28942
x-xss-protection: 0
server: cafe
etag: 193 / 19592 / 31077271 / config-hash: 7740633229792527319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 00ED 98 KB
28 KB 252ms
155ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebf18c4d17e379d9890f9b3ab26a55cc3bd83f8c4fbd63d0069f66d7443ca2f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28723
x-xss-protection: 0
server: cafe
etag: 299 / 19592 / 31077272 / config-hash: 7740633229792527319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:12 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame FF7A 714 B
750 B 54ms
49ms Document
text/html 2606:4700:20::681a:467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 909
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb60f82ee6e293d-ORD
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 20:21:12 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7Kl%2BMn6PoHJaM0scDKMI9EYy3Gk2pcIwNXOAWNDuMWo%2FJ1%2BEEpifJbX1I7N3CHz19%2FgfejLwlJberUyyj9x4F1fZ%2BZfhzynOflWs6NSOZoC70xtRRrtLhlQPWcS87WB%2BFz6ePta7yT2gZPHeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame B50D 35 B
384 B 104ms
52ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:12 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7508
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

162ms
52ms

Document
text/html

23.200.198.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-198-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 20:21:12 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 20:21:12 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame AFE4 128 KB
41 KB 57ms
55ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:21:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EC76 98 KB
28 KB 181ms
126ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c9f8b5d455d212485456e05664479c766f5e9f7b24258d5d03f6a3eb67f45b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28943
x-xss-protection: 0
server: cafe
etag: 813 / 19592 / m202308170101 / config-hash: 7740633229792527319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:12 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 78C6 128 KB
41 KB 47ms
43ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:21:12 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 263A 0
185 B 336ms
333ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6664 15 KB
6 KB 53ms
53ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 675917
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 2FC6 0
185 B 66ms
65ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame E3B5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=gFJ3Gl93VkVobENFWEt5d1RIbTJURlhEQ2V5cFF0RyUyRnBKZWxiODdxN1BWQmVwMzhreXM1RTU5NzBxcG9O...
https://mug.criteo.com/sid?cpp=8N-hn3x5ZFZsYWZJTEFlU2JJcmpZMy9DQm1VenAvbXhOYTExVlVxZzhBSklUNTl3b3JBdU1HWElWenczQjlDSFliUlRGUGluTk11VVBJQkphOXBnUkxFZnRnWFlKTUpQanFyL2JHU1RCWUYvT1doaC9BUGZKekNBUXFKR0...

422 B
651 B

55ms
54ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8N-hn3x5ZFZsYWZJTEFlU2JJcmpZMy9DQm1VenAvbXhOYTExVlVxZzhBSklUNTl3b3JBdU1HWElWenczQjlDSFliUlRGUGluTk11VVBJQkphOXBnUkxFZnRnWFlKTUpQanFyL2JHU1RCWUYvT1doaC9BUGZKekNBUXFKR0I0UHJDaTc3MDUvSzV1bjBZOTlyUzFtdUppUmR4SkowdEhRSnNRV080ZHlVd1lKQVZFL2RnV1E0aU5hQlVQdUp2U0pFajhmRzBkaVJTSGxEdFVNZmtCRWhMdHhUTWlYNzd2eGp2RGNhQUYwWUhJMzg3dzZSd2g5SGJReXlJNGtFd2Z2cUdFQUp4NTZYVFFDZFhISHovQ0J2QlR2QVpJUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

5a0b09e6d8f8ade649374f317abedab311184f7c2f00e79ef1877a4e31083afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1150127
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=8N-hn3x5ZFZsYWZJTEFlU2JJcmpZMy9DQm1VenAvbXhOYTExVlVxZzhBSklUNTl3b3JBdU1HWElWenczQjlDSFliUlRGUGluTk11VVBJQkphOXBnUkxFZnRnWFlKTUpQanFyL2JHU1RCWUYvT1doaC9BUGZKekNBUXFKR0I0UHJDaTc3MDUvSzV1bjBZOTlyUzFtdUppUmR4SkowdEhRSnNRV080ZHlVd1lKQVZFL2RnV1E0aU5hQlVQdUp2U0pFajhmRzBkaVJTSGxEdFVNZmtCRWhMdHhUTWlYNzd2eGp2RGNhQUYwWUhJMzg3dzZSd2g5SGJReXlJNGtFd2Z2cUdFQUp4NTZYVFFDZFhISHovQ0J2QlR2QVpJUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 292150
content-length: 0
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FF7A 98 KB
28 KB 153ms
153ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3b55c5b6344f234106c263de0efa62a24ba34b14e6ad944e72006b1b22b7d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28939
x-xss-protection: 0
server: cafe
etag: 485 / 19592 / m202308170101 / config-hash: 7740633229792527319
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 20:21:12 GMT

GET
H2

200

ajs.php Show response
ads.us.criteo.com/delivery/r/ Frame 530C
Redirect Chain

https://cat.va.us.criteo.com/tpd?dd=Q03KtV9sbiUyQlNPdE5oYk5FJTJCYlFUeGlTY1k4SEdweFNheUFzYWZZQ1MzeGhuMk5GVzcycW5LZXpLb1lkWDZxS0hkYzZtekglMkJleHVNVURPMm1nelV5V0hCOWg5TE5USTdQYjhtZFRYUkI5WEhHVEl2YUUyM...
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cNr5BFV3Fa0E0eGQ1cWxP1Nlf%2fMmWo5ViXgf1WzVZR8M%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQ...

53 KB
20 KB

6672ms
877ms

Script
text/javascript

2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cNr5BFV3Fa0E0eGQ1cWxP1Nlf%2fMmWo5ViXgf1WzVZR8M%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQy9K1FRMdPsasDA5XObWyw2LyqKiuSM6wPuk2ioikgCPTfQe6Ji6ZlJ-ITb4CS-L-2SU4MnI806Ai5UVysStVqZPh-Ln5m8NbDhfQv8TKkxVgCqwqGZU1M_cliSwYFKQ1JLSNXZ93-SPRz4Qi6iaeYh4Vf-th6ejC5V_p1_wjuSopCNC41Lr-iCUUZ-6YTOPugCeZFhWCRyJrD4FedehFetgrmw2bcyUczwE22RNO2T_eE8TS8JgBMHq2UIe555u88dy1zMsRp7QyP6IjCzRw8nXlIqRM9NLAtpdO1L1T_qypYpgm0NezLvqcbHa2mHoQILSqj1o1kDVz3HOupQV95T6lz5hA-i2CnMsXS9d4ogKtLPyEGBsHOntpGnZMj52t47iNBvRUvKqYban1OjqKR4rcfA8bHdFBnW1z4f0nQUMHI6L2HZ9o0-Wka9B88QZpROoYE5plcj1Oy94mFRKen66JETxpWk_zBcfCofTe0pk75mY-UwKJsRQmBttIFPtXjZg8FXiZJHoIFxdrHgWYTDqlGBamh3UKrT04Ya-_UyYrzzyzKx053-YdNw

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3144314285ec2bd217deb4480c087b46b36b7781adffe3b8fe1d6b0bd8549342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:19 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8287951
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
location: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7cNr5BFV3Fa0E0eGQ1cWxP1Nlf%2fMmWo5ViXgf1WzVZR8M%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aFviZC6T1Xb8mrSaSWQy9K1FRMdPsasDA5XObWyw2LyqKiuSM6wPuk2ioikgCPTfQe6Ji6ZlJ-ITb4CS-L-2SU4MnI806Ai5UVysStVqZPh-Ln5m8NbDhfQv8TKkxVgCqwqGZU1M_cliSwYFKQ1JLSNXZ93-SPRz4Qi6iaeYh4Vf-th6ejC5V_p1_wjuSopCNC41Lr-iCUUZ-6YTOPugCeZFhWCRyJrD4FedehFetgrmw2bcyUczwE22RNO2T_eE8TS8JgBMHq2UIe555u88dy1zMsRp7QyP6IjCzRw8nXlIqRM9NLAtpdO1L1T_qypYpgm0NezLvqcbHa2mHoQILSqj1o1kDVz3HOupQV95T6lz5hA-i2CnMsXS9d4ogKtLPyEGBsHOntpGnZMj52t47iNBvRUvKqYban1OjqKR4rcfA8bHdFBnW1z4f0nQUMHI6L2HZ9o0-Wka9B88QZpROoYE5plcj1Oy94mFRKen66JETxpWk_zBcfCofTe0pk75mY-UwKJsRQmBttIFPtXjZg8FXiZJHoIFxdrHgWYTDqlGBamh3UKrT04Ya-_UyYrzzyzKx053-YdNw
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 628171
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H/1.1 200
OK impr
us-east-ad-track.aralego.com/v1/cdb/ Frame 263A 35 B
258 B 346ms
56ms Image
image/gif 207.244.102.141
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-east-ad-track.aralego.com/v1/cdb/impr?iid=8c2a9ecf-f924-4d3a-8fdf-7465fc93d07b&byr=572ede970349848769d6ae6e&impr=&cpm=0.05010996013879776
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.244.102.141 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: undefined
Date: Wed, 23 Aug 2023 20:21:13 GMT
Access-Control-Allow-Credentials: true
Connection: close
X-Powered-By: Express
Content-Length: 35
Content-Type: image/gif

POST
H2 204 events
bidder.criteo.com/csm/ Frame 2FC6 0
185 B 329ms
326ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 2FC6 43 B
365 B 47ms
44ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:12 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 2FC6 43 B
365 B 57ms
55ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:12 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5B71 15 KB
6 KB 61ms
60ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 1114771
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame AFE4 0
185 B 55ms
55ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 860E 15 KB
6 KB 55ms
53ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 830706
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 78C6 0
185 B 71ms
68ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6664
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=gFJ3Gl93VkVobENFWEt5d1RIbTJURlhEQ2V5cFF0RyUyRnBKZWxiODdxN1BWQmVwMzhreXM1RTU5NzBxcG9O...
https://mug.criteo.com/sid?cpp=4HprfXxVSkJkN1psSjJPSkFOTnpVVTRxcURMU1Z2a0UxN2VhUHBBYjNqU2JYV25vaTJXMHlhSFh3USt1M1h4NGQybkwzZHhoUk1OQ3ljelVYYnczR2h0bHc2WWdMdEtRMVppMkphc0ZlRVp6NWhNbk4wK2ZvTFIzQmhSUW...

433 B
655 B

56ms
54ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=4HprfXxVSkJkN1psSjJPSkFOTnpVVTRxcURMU1Z2a0UxN2VhUHBBYjNqU2JYV25vaTJXMHlhSFh3USt1M1h4NGQybkwzZHhoUk1OQ3ljelVYYnczR2h0bHc2WWdMdEtRMVppMkphc0ZlRVp6NWhNbk4wK2ZvTFIzQmhSUWplRFY0dVB5UXNyNjFGelkyRUhtU0tsREVSZWtYZm8xcmpseElxQTdTMHZSSWhhTndZWTcwK01SWGNBQm11VmZWNnlFUzgva2YzRWZpcjNRVGpTZUNxdk1YcjFuQ2hEeEMwbmQ2dXNUYkVuZDZvVlFLQWdvd2VzSVVsMkZ4bXRIQmR0WG0wektHaSthVDhLREVGT3psTEI1T2llclFQZz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

12a7162476d089e09dd598921455d76227425922bc338bb7cc817d4fbddbbb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1098231
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=4HprfXxVSkJkN1psSjJPSkFOTnpVVTRxcURMU1Z2a0UxN2VhUHBBYjNqU2JYV25vaTJXMHlhSFh3USt1M1h4NGQybkwzZHhoUk1OQ3ljelVYYnczR2h0bHc2WWdMdEtRMVppMkphc0ZlRVp6NWhNbk4wK2ZvTFIzQmhSUWplRFY0dVB5UXNyNjFGelkyRUhtU0tsREVSZWtYZm8xcmpseElxQTdTMHZSSWhhTndZWTcwK01SWGNBQm11VmZWNnlFUzgva2YzRWZpcjNRVGpTZUNxdk1YcjFuQ2hEeEMwbmQ2dXNUYkVuZDZvVlFLQWdvd2VzSVVsMkZ4bXRIQmR0WG0wektHaSthVDhLREVGT3psTEI1T2llclFQZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 587837
content-length: 0
expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DA94 34 KB
10 KB 49ms
48ms Script
text/html 23.200.198.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-198-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54744
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:33:37 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame AFE4 0
185 B 48ms
46ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame AFE4 43 B
365 B 46ms
43ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:13 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame AFE4 43 B
365 B 50ms
47ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:13 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 51D9 34 KB
10 KB 48ms
46ms Script
text/html 23.200.198.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-198-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54744
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:33:37 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7508 34 KB
10 KB 48ms
48ms Script
text/html 23.200.198.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-198-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54744
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:33:37 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7DD6 34 KB
10 KB 47ms
47ms Script
text/html 23.200.198.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-198-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=54744
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:33:37 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 78C6 43 B
365 B 47ms
37ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:13 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 78C6 43 B
365 B 55ms
44ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Aug 2024 20:21:13 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 78C6 0
185 B 483ms
475ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Wed, 23 Aug 2023 20:21:13 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5B71
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=gFJ3Gl93VkVobENFWEt5d1RIbTJURlhEQ2V5cFF0RyUyRnBKZWxiODdxN1BWQmVwMzhreXM1RTU5NzBxcG9O...
https://mug.criteo.com/sid?cpp=cf9oinxOUGUvZzVwWGkxUVlkTU05bTJhdm1PQjJYR0JoWFU2K1cxVyswK2h2ampLYUROaDVmNWxtTkcxQS9XaXNrK1B5R2Q3T3I3a0M1K1ZJeWk0UThkeU5DaWZZeU4rQ1hMZXd1dkJtdDBveGdlMXdWd0NkaVFyZEhkLz...

441 B
658 B

66ms
53ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cf9oinxOUGUvZzVwWGkxUVlkTU05bTJhdm1PQjJYR0JoWFU2K1cxVyswK2h2ampLYUROaDVmNWxtTkcxQS9XaXNrK1B5R2Q3T3I3a0M1K1ZJeWk0UThkeU5DaWZZeU4rQ1hMZXd1dkJtdDBveGdlMXdWd0NkaVFyZEhkLzkybmxZY2c0RElSeGEyWTJ0L0p2U3lnclB0WnVyZjJDU1NGSFFuTTl3c0h6dlVBRmcyTWp4QzZUTnNqei9hNEZ5dUhlRGlnTkdWdzJMNkY1U2ZKWkJ5b3JqRWhmcmxxUm9FUkQ0U2J4MnVNTFY5TUpaOUwvMHl3cTRXcEtFRGtxekZCM3ZVT01KNmloT010Mm9kMmhYK0pwY0ovWUNOUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e164230857d90f13deb487218956a42ff08d7129a903af9166970311fbccfab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 827046
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=cf9oinxOUGUvZzVwWGkxUVlkTU05bTJhdm1PQjJYR0JoWFU2K1cxVyswK2h2ampLYUROaDVmNWxtTkcxQS9XaXNrK1B5R2Q3T3I3a0M1K1ZJeWk0UThkeU5DaWZZeU4rQ1hMZXd1dkJtdDBveGdlMXdWd0NkaVFyZEhkLzkybmxZY2c0RElSeGEyWTJ0L0p2U3lnclB0WnVyZjJDU1NGSFFuTTl3c0h6dlVBRmcyTWp4QzZUTnNqei9hNEZ5dUhlRGlnTkdWdzJMNkY1U2ZKWkJ5b3JqRWhmcmxxUm9FUkQ0U2J4MnVNTFY5TUpaOUwvMHl3cTRXcEtFRGtxekZCM3ZVT01KNmloT010Mm9kMmhYK0pwY0ovWUNOUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 330229
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 860E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=gFJ3Gl93VkVobENFWEt5d1RIbTJURlhEQ2V5cFF0RyUyRnBKZWxiODdxN1BWQmVwMzhreXM1RTU5NzBxcG9O...
https://mug.criteo.com/sid?cpp=ZR06dHxuU3Yrb1kzTVUxcmJMbkxybWF0YjA0ZStQMS82elpvQ2JXUnpKSFJGU1luNUhRclVOS0E3VW1xWnBxak8zQjFHV3liSzNJb2dUcEFQLzA4Wks2SHBhZFFnL29mdVEwYjVTNVNveGV5bDBKQzZVVkVXYTg5UTN3Ny...

422 B
651 B

71ms
59ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZR06dHxuU3Yrb1kzTVUxcmJMbkxybWF0YjA0ZStQMS82elpvQ2JXUnpKSFJGU1luNUhRclVOS0E3VW1xWnBxak8zQjFHV3liSzNJb2dUcEFQLzA4Wks2SHBhZFFnL29mdVEwYjVTNVNveGV5bDBKQzZVVkVXYTg5UTN3Ny92cDhoS0VXb0Y0UHdWQ1hpME9uVFh1RUVRRnlBczZzaE5NZTNjL0RWQjUwSkxCR0hnRkpXTVJYNS9qdTZCemJZZnhDTVNoaG9WMTBBMlFtSjd1OGNyQ0FrRWJaWEE1QUNRYXlOeEQ3NTlmMDdWcnhGc0I2L0tjZjAyT1VoNGtxMzZPUnd3YlVIaURqL0hOT0RLalBXR2VXOFd3aUlPUT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d044d9a7cacf4246f83bcb7afd24e0d66b385ada84d09d4c3fe2ad76c0a39e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1679191
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:12 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ZR06dHxuU3Yrb1kzTVUxcmJMbkxybWF0YjA0ZStQMS82elpvQ2JXUnpKSFJGU1luNUhRclVOS0E3VW1xWnBxak8zQjFHV3liSzNJb2dUcEFQLzA4Wks2SHBhZFFnL29mdVEwYjVTNVNveGV5bDBKQzZVVkVXYTg5UTN3Ny92cDhoS0VXb0Y0UHdWQ1hpME9uVFh1RUVRRnlBczZzaE5NZTNjL0RWQjUwSkxCR0hnRkpXTVJYNS9qdTZCemJZZnhDTVNoaG9WMTBBMlFtSjd1OGNyQ0FrRWJaWEE1QUNRYXlOeEQ3NTlmMDdWcnhGc0I2L0tjZjAyT1VoNGtxMzZPUnd3YlVIaURqL0hOT0RLalBXR2VXOFd3aUlPUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 417250
content-length: 0
expires: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame BC86 402 KB
127 KB 48ms
46ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34946
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 10:38:47 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame EC76 402 KB
127 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22036
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 14:13:57 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/ Frame 00ED 403 KB
127 KB 80ms
78ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

276c9e02c58a3c043348cb103438d3e09044b2698481197f84e123d487a1253c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:39:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34925
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129841
x-xss-protection: 0
server: cafe
etag: 17107103858499901094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 10:39:08 GMT

GET
H2 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 2FC6 108 KB
12 KB 39ms
30ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 18:06:16 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 16 Aug 2023 09:25:25 GMT
server: nginx/1.12.1 (Ubuntu)
age: 8097
etag: W/"64dc9605-1af49"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11702
expires: Thu, 24 Aug 2023 18:06:16 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame FF7A 402 KB
127 KB 58ms
57ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22036
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 14:13:57 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame DA94 284 B
934 B 221ms
46ms Image
image/jpg 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: ace9692b4e77bdf741ff63add80edaca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 51D9 284 B
921 B 213ms
53ms Image
image/jpg 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: ace9692b4e77bdf741ff63add80edaca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7508 284 B
934 B 196ms
49ms Image
image/jpg 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: ace9692b4e77bdf741ff63add80edaca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7DD6 284 B
934 B 179ms
45ms Image
image/jpg 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: ace9692b4e77bdf741ff63add80edaca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame AFE4 108 KB
11 KB 31ms
30ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:54:02 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 16 Aug 2023 09:25:25 GMT
server: nginx/1.12.1 (Ubuntu)
age: 16031
etag: W/"64dc9605-1af49"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11702
expires: Thu, 24 Aug 2023 15:54:02 GMT

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 78C6 108 KB
11 KB 30ms
29ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:54:02 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 16 Aug 2023 09:25:25 GMT
server: nginx/1.12.1 (Ubuntu)
age: 16031
etag: W/"64dc9605-1af49"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11702
expires: Thu, 24 Aug 2023 15:54:02 GMT

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame 2FC6 17 B
160 B 715ms
237ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Wed, 23 Aug 2023 20:21:13 GMT
cache-control: max-age=86400, public
server: nginx
content-length: 17
expires: Thu, 24 Aug 2023 20:21:13 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EC76 492 B
261 B 99ms
98ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3681515497413444&correlator=1248884601864156&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692822073434&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=829lyr2w5vuf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1571851075.1692822073&ga_sid=1692822073&ga_hid=656883372&ga_fc=false&dlt=1692822072779&idt=618&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf67ed858ee82a8a81206202c9b0398ad42289769088da80a1d0a411b1267f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0f488de42d30060b6c98542b416b2a23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 943E 6 KB
3 KB 181ms
59ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0f488de42d30060b6c98542b416b2a23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:13 GMT
expires: Thu, 22 Aug 2024 20:21:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FF7A 492 B
264 B 93ms
92ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4096819513968444&correlator=2687709078200842&eid=31076399%2C31076474%2C44769661&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692822073490&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=fwzm948z8onc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1515101776.1692822073&ga_sid=1692822073&ga_hid=1114519613&ga_fc=false&dlt=1692822072858&idt=606&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d509917722497ec9d91004cc743ce9072177a26eef90e1321285901adcb1908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e2109701698b8432306d571829546ef7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DF2 6 KB
3 KB 188ms
65ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e2109701698b8432306d571829546ef7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:13 GMT
expires: Thu, 22 Aug 2024 20:21:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame AFE4 17 B
159 B 585ms
239ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Wed, 23 Aug 2023 20:21:13 GMT
cache-control: max-age=86400, public
server: nginx
content-length: 17
expires: Thu, 24 Aug 2023 20:21:13 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BC86 491 B
262 B 102ms
101ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1924647654198136&correlator=1383185940574786&eid=31076399%2C31077254%2C31077271&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692822073559&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=oxty4sdqpf5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=508666970.1692822074&ga_sid=1692822074&ga_hid=1684175035&ga_fc=false&dlt=1692822072722&idt=796&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3ea1ee0bbdfcb25504539f24fdc9090fc8b186b4e268935215ca7060cfb3d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
38264674fc1148a6ac82d3d834810fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1945 6 KB
3 KB 87ms
65ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://38264674fc1148a6ac82d3d834810fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:13 GMT
expires: Thu, 22 Aug 2024 20:21:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 00ED 491 B
261 B 95ms
94ms XHR
text/plain 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3241713059354143&correlator=2425072707893205&eid=31077272%2C21065725&output=ldjh&gdfp_req=1&vrg=202308210101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692822073633&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=6gmus6x2u58&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=829793692.1692822074&ga_sid=1692822074&ga_hid=472600081&ga_fc=false&dlt=1692822072736&idt=854&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6aa47e6d3c5008cc119b6317abf89338afb4419b7c28ba2b2d29236359bf3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dacc0f8b0effc3813686706f4733b864.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5E4C 6 KB
3 KB 91ms
62ms Document
text/html 2607:f8b0:4006:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dacc0f8b0effc3813686706f4733b864.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:13 GMT
expires: Thu, 22 Aug 2024 20:21:13 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame 78C6 17 B
159 B 432ms
238ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Wed, 23 Aug 2023 20:21:13 GMT
cache-control: max-age=86400, public
server: nginx
content-length: 17
expires: Thu, 24 Aug 2023 20:21:13 GMT

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame DA94
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLO6JZIP-1S-J3NI
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLO6JZIP-1S-J3NI

35 B
266 B

48ms
47ms

Image
image/gif

192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLO6JZIP-1S-J3NI
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:13 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLO6JZIP-1S-J3NI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EC76 15 KB
11 KB 73ms
72ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f38887a1f3c839356ff31c68fd8a5c544bd4137297a79c94bb427552336bf0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11667
x-xss-protection: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DA94
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/N8kYBDKWP5iwnutTCVFf_8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qgFft3BE2oLLFwXndV23xQ1_yWflzevRjRXcZQ--~A

42 B
691 B

98ms
46ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qgFft3BE2oLLFwXndV23xQ1_yWflzevRjRXcZQ--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 23 Aug 2023 20:21:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qgFft3BE2oLLFwXndV23xQ1_yWflzevRjRXcZQ--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame DA94
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vGnkRoLIQdClszNGyohWMw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vGnkRoLIQdClszNGyohWMw

43 B
479 B

77ms
76ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vGnkRoLIQdClszNGyohWMw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:21:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AFFS8QYWB86H1GVEJAKB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vGnkRoLIQdClszNGyohWMw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DA94
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECHMmq-46EnXcYdpibLH2_8&google_cver=1

42 B
691 B

93ms
44ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECHMmq-46EnXcYdpibLH2_8&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECHMmq-46EnXcYdpibLH2_8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame DA94
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLO6JZIP-1S-J3NI

0
513 B

336ms
99ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLO6JZIP-1S-J3NI
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 88C680F53F8947DABEB5AB30387FF1DA Ref B: CHGEDGE1211 Ref C: 2023-08-23T20:21:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDnNpmrqaJXn2LLu6veg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLO6JZIP-1S-J3NI
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ace9692b4e77bdf741ff63add80edaca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA94
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExPNkpaSVAtMVMtSjNOSQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGmQw-5KnEc59Q10c6s3ias&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPNkpaSVAtMVMtSjNOSQ==&google_push=

170 B
188 B

70ms
69ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPNkpaSVAtMVMtSjNOSQ==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPNkpaSVAtMVMtSjNOSQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA94
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTc4YjYxODkxMWVhY2E1NWQ3NWI1MjI2OWFkZGQwODM0Y2Y3MmRiZQ

170 B
188 B

68ms
66ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTc4YjYxODkxMWVhY2E1NWQ3NWI1MjI2OWFkZGQwODM0Y2Y3MmRiZQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.251.40.226 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTc4YjYxODkxMWVhY2E1NWQ3NWI1MjI2OWFkZGQwODM0Y2Y3MmRiZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a414d61fde5a538d1bc5c621aec59518
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame DA94
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=95d71129-6ce8-4401-8b2a-06c120376e97&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

47ms
45ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=95d71129-6ce8-4401-8b2a-06c120376e97&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=95d71129-6ce8-4401-8b2a-06c120376e97&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame DA94
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jmhAuY9zR0O4d44Rnc9V1A&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jmhAuY9zR0O4d44Rnc9V1A

43 B
479 B

157ms
156ms

Image
image/gif

67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jmhAuY9zR0O4d44Rnc9V1A

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:21:14 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 26HXVQXMPF8F54VR3F2A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jmhAuY9zR0O4d44Rnc9V1A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BC86 15 KB
12 KB 96ms
92ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17abedd1ec38b6794ebc9d980928eadf3471ed93062576856e92a253c1d1cd83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11762
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FF7A 15 KB
11 KB 74ms
70ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d88c08beef797985ca71bc9e6b44ab1ec4f1edaaf1619f3a2ad6328696b45003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11692
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 00ED 15 KB
11 KB 83ms
83ms XHR
application/json 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308210101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1559a5d90feda3133badfc2746da5dc5b0372a72381cda862983dedd4cc11a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11661
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EC76 17 KB
6 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:21:13 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FF7A 17 KB
6 KB 96ms
94ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:21:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BC86 17 KB
6 KB 108ms
105ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:21:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E4EC 13 KB
5 KB 77ms
46ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0A3 829 B
558 B 98ms
70ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9907cf5914d7b10aa17cfd11537757d77ce2d173929ab6b27253fae0067e896

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6qGtdfOSmaTVHO1Ub-Brhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-6qGtdfOSmaTVHO1Ub-Brhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:14 GMT
expires: Wed, 23 Aug 2023 20:21:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 00ED 17 KB
6 KB 94ms
92ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 20:21:14 GMT

GET
H2 200 campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame 2FC6 6 KB
4 KB 251ms
240ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=us
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 836416f32bd9c52366ba8a62540fb3df4fcc3f83d0baf81ef2e1ba9a4e74b0da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H2 200 campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame AFE4 6 KB
4 KB 253ms
244ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=us
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 255ad71b6a0ec1b2938aede24b0670bd116057201425d66353e828548bee4452

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H2 200 campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame 78C6 6 KB
4 KB 476ms
468ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=us
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: ed92e7e27a928f1441bf4deafc0b48a6f092acde07e3bb0b9783aa1f3e54fe46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F43 13 KB
5 KB 56ms
50ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EB5E 829 B
559 B 82ms
76ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8c30a0a9a4cde1612638ba2b1231eee1f45a0e52d7fb10e777e07f1a2d4eefe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XH3I9cDsKqK7OVpaNpAS1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-XH3I9cDsKqK7OVpaNpAS1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:14 GMT
expires: Wed, 23 Aug 2023 20:21:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E2AF 13 KB
5 KB 63ms
45ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9F0C 829 B
560 B 83ms
69ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0fe2a569fe3a934420bc90226306d3a8112aaf43bdd0f0d61096520b71f02d50

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5EVHEczqyg9TAQ8FukL16Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-5EVHEczqyg9TAQ8FukL16Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:14 GMT
expires: Wed, 23 Aug 2023 20:21:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F68 13 KB
5 KB 82ms
55ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 15:11:47 GMT
expires: Thu, 22 Aug 2024 15:11:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 077B 829 B
559 B 85ms
66ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a8479a6f16e08c9d11ebe35047e178c876418d065871b8458d23e959500c948d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-au-q9GIEBMh2PQDPnfo2OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-au-q9GIEBMh2PQDPnfo2OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 20:21:14 GMT
expires: Wed, 23 Aug 2023 20:21:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E0A3 0
0 118ms
111ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=3681515497413444&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame E4EC 37 KB
14 KB 51ms
45ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EB5E 0
0 149ms
139ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=1924647654198136&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F43 37 KB
14 KB 54ms
47ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame DF98 70 KB
4 KB 212ms
40ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 982129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4220
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494263c-107c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZ7vAgmHI2trfypSj1DtmjnwGTprt9L41faNnhf4kjksXMM1TMyjokP7ZIB7PfSVyO20hbYMfZeWUYsy%2FsLgPEDJPa87rVswBrFlPFQu1J4SsAtXKvy8P%2BO439NTsoCq32f0i2iixM%2FhqosyKbVQ%2BIeB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb60f8e4b01e168-ORD
expires: Mon, 12 Aug 2024 20:21:14 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame DF98 7 KB
3 KB 38ms
31ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:34:25 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Aug 2023 04:21:31 GMT
server: nginx/1.12.1 (Ubuntu)
age: 10009
etag: W/"64c8884b-1be1"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2629
expires: Thu, 24 Aug 2023 17:34:25 GMT

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS8wYmRjMjllZjBiYThjYTA4NDQ4YTg1NTU5YzFiMzgxNQ.jpg
img.feebee.tw/i/xpQi19IC9TARuH7Qung8wo1OJVE-dOSWEBwrbusDrRw/372/ Frame DF98 9 KB
9 KB 419ms
238ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/xpQi19IC9TARuH7Qung8wo1OJVE-dOSWEBwrbusDrRw/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS8wYmRjMjllZjBiYThjYTA4NDQ4YTg1NTU5YzFiMzgxNQ.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: f40c1cf624ba1814521ef43989b4e31129ef1609304bee02438a75e540d8ec1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="0bdc29ef0ba8ca08448a85559c1b3815.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9334
x-request-id: RyI7alkXxm2dj37M9r97J

GET
H2 200 aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS9mOTIvMTExL2NlZDAvYjYyYi9lMGY2LzhhNzcvZDMwZS8xMWQ1ZWJiMDBhMDI0MmFjMTEwMDA1LmpwZw.jpg
img.feebee.tw/i/HIciJCaiYOpoyYRDBmPc0ZTCWxUBl8aaosdi0-b5xLg/372/ Frame DF98 14 KB
14 KB 535ms
354ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/HIciJCaiYOpoyYRDBmPc0ZTCWxUBl8aaosdi0-b5xLg/372/aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS9mOTIvMTExL2NlZDAvYjYyYi9lMGY2LzhhNzcvZDMwZS8xMWQ1ZWJiMDBhMDI0MmFjMTEwMDA1LmpwZw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 213c31f5eb5bbaa48d1f38eee69bb089c8c94eabe88e2b066734d518a2304919

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="11d5ebb00a0242ac110005.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13980
x-request-id: VglTlAPsCEuuiF8KMaWek

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS82MDAwNmEzYmYyZWQwMGUxNjEyMzZlMDI3ZDU4ZTljYw.jpg
img.feebee.tw/i/kFuDFx4yOaTBo3Eup35aZtpTw08GnVB5rac8C3Cv-js/372/ Frame DF98 17 KB
17 KB 395ms
214ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/kFuDFx4yOaTBo3Eup35aZtpTw08GnVB5rac8C3Cv-js/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS82MDAwNmEzYmYyZWQwMGUxNjEyMzZlMDI3ZDU4ZTljYw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 40d997bf30003412b98d2efe704a2982355afb49d5475a6316dd29d4078168a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="60006a3bf2ed00e161236e027d58e9cc.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17676
x-request-id: YijFYxqfeUGl0gjeG_ctQ

GET
H2 200 IzMouTcuScfypKluCMSFsdfE2sPyLh-rSGHUUVgnP_tRSF01LCpTuSwRxsp8Bz0CQjQXQAvEmE-zQiV55qTjYA8kjS6i3KQHK2oDjiMYMsian5a5ScS68KAu9vXoXAjJLC87OeoovbmnuX7C6SemAo8giPNs0zHO9flc1xVphGeGESg6HQUqJjAyCXQnLPW_fFNKY...
fsa-api.feebee.tw/maji/v2/view/ Frame 2FC6 842 B
922 B 245ms
231ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/IzMouTcuScfypKluCMSFsdfE2sPyLh-rSGHUUVgnP_tRSF01LCpTuSwRxsp8Bz0CQjQXQAvEmE-zQiV55qTjYA8kjS6i3KQHK2oDjiMYMsian5a5ScS68KAu9vXoXAjJLC87OeoovbmnuX7C6SemAo8giPNs0zHO9flc1xVphGeGESg6HQUqJjAyCXQnLPW_fFNKYzGxsgPOYnYV8HVM2Ff3YNhhPc7KJr-DMM8Nxm3exvDZPUPog0BUo9PS1pmATyBlpHOVRY2blYNA_9BrNlV9oeDfM3hrF7ljV6o3aZjJAJ9nEbLsVwg0mV5mkyD3Q1N.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame A73F 70 KB
5 KB 189ms
37ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 982129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4220
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494263c-107c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lytE%2BbIZ3f0AcLinoVZLCtKYnPPQUPYnnu881ZaT18%2BJIE5KxTeAu%2Fng5WBeAbPcesuZx6l7m7zizjrYO2VDx9iB%2B1mnRWqAqxgQhw6HDg5lFha14Z9qx5tQoN5Gd%2FQnyEciuX0bcmeSDDgrhgmiM4i1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb60f8e4b06e168-ORD
expires: Mon, 12 Aug 2024 20:21:14 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame A73F 7 KB
3 KB 36ms
34ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:34:25 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Aug 2023 04:21:31 GMT
server: nginx/1.12.1 (Ubuntu)
age: 10009
etag: W/"64c8884b-1be1"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2629
expires: Thu, 24 Aug 2023 17:34:25 GMT

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS85ZTA0MWM1OGU1N2RjZmM5NDJhNzU1MmFjOTdhMDZiNQ.jpg
img.feebee.tw/i/BiVuUg9qySw4EiVAd6qHE6WtBbBjL9QRsCT_Mc7CMtI/372/ Frame A73F 24 KB
25 KB 522ms
362ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/BiVuUg9qySw4EiVAd6qHE6WtBbBjL9QRsCT_Mc7CMtI/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS85ZTA0MWM1OGU1N2RjZmM5NDJhNzU1MmFjOTdhMDZiNQ.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 1ac4ac7f86677523bd7c860c9c82d4ee1d5e777074bbce445a298043d3c35fd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="9e041c58e57dcfc942a7552ac97a06b5.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24983
x-request-id: qudX93aoOrnO1dyCWZZLy

GET
H2 200 aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS80ZGEvZTNjLzVmYTgvYzQyYi9hMDM1LzhiYWQvMjdiYy8xMWJhZWNiM2E1MDI0MmFjMTEwMDAzLmpwZw.jpg
img.feebee.tw/i/xAciO8o4d0x-ufux5UIiREjFSlx0-5TO-_WnDTiolLk/372/ Frame A73F 25 KB
25 KB 191ms
31ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/xAciO8o4d0x-ufux5UIiREjFSlx0-5TO-_WnDTiolLk/372/aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS80ZGEvZTNjLzVmYTgvYzQyYi9hMDM1LzhiYWQvMjdiYy8xMWJhZWNiM2E1MDI0MmFjMTEwMDAzLmpwZw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 326173cb50d28396625045b6efc00c418eba62ecaa5555731191f1558cda0e26

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:11:47 GMT
via: 1.1 google
server: imgproxy
age: 36567
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="11baecb3a50242ac110003.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25514
x-request-id: EKoMHXIBquHccPOb7qT-s

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjEwMC1oNndmMjVuZW52aXYyNw.jpg
img.feebee.tw/i/ubFlYkKaOpHEtumo7yZAd8_3fIRNPxVNGbG38BOnbCw/372/ Frame A73F 27 KB
27 KB 1575ms
1416ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/ubFlYkKaOpHEtumo7yZAd8_3fIRNPxVNGbG38BOnbCw/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS0yMjEwMC1oNndmMjVuZW52aXYyNw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 4680e5298925786fb0ed4c25fb2b411ca01f04fcc24ce452e666d0509652ce2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:15 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="sg-11134201-22100-h6wf25nenviv27.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27797
x-request-id: Rcv1VvdivkUQNXqUfbAek

GET
H2 200 IzM0Uopf4CuTvrFO7MsYlVVYpLBh1rTmmrA24aq9jbubCjEL9eHxUou60Zeu5LRkXMOMkxehEDP8ITxoeHEXTBztDpphh8SvXnnZYApgxwQ7jziEDhUrsOQy0L6x1tsZFLITtU2efTeMxeizuTCxgf6epd4JDwRc23QWx6Qr_hz1NooIFvMGRKzQPuVLLxhwjYolM...
fsa-api.feebee.tw/maji/v2/view/ Frame AFE4 842 B
922 B 240ms
235ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/IzM0Uopf4CuTvrFO7MsYlVVYpLBh1rTmmrA24aq9jbubCjEL9eHxUou60Zeu5LRkXMOMkxehEDP8ITxoeHEXTBztDpphh8SvXnnZYApgxwQ7jziEDhUrsOQy0L6x1tsZFLITtU2efTeMxeizuTCxgf6epd4JDwRc23QWx6Qr_hz1NooIFvMGRKzQPuVLLxhwjYolM--DGGBN5l6kpF3CgrExA8S4bkBXqP60BveavlsTBYtvDNGnjOFCfXtBPDsha5N790BXT5GAi9QCnHjGyVA6lD9FGoQr9E62UD3wpk4Uha76xlKqGpDwvRucnLtWbeg.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame E2AF 37 KB
14 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9F0C 0
0 106ms
105ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=4096819513968444&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 3E56 70 KB
4 KB 36ms
35ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 982129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4220
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494263c-107c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPc79emEEUs9tcQ63JmAjTFaUSptU%2FQrHtfJXHXWaKqGroizM8xCnoPMTnp58VUb87ZpGGXAYnlKslpZ4KFceOajAj8tgwRjQkzs0siwJlUM0N8QRIl3dGJE73gj6KK05mrQjvNatOy0Z3RGlepbFi1F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb60f8ebbb5e168-ORD
expires: Mon, 12 Aug 2024 20:21:14 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame 3E56 7 KB
3 KB 31ms
28ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:34:25 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Aug 2023 04:21:31 GMT
server: nginx/1.12.1 (Ubuntu)
age: 10009
etag: W/"64c8884b-1be1"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2629
expires: Thu, 24 Aug 2023 17:34:25 GMT

GET
H2 200 aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xMDk0MC9uYXJyb3cvNTMyNjdfZmRfMjAyMzAxMDkxNzQ1NTlfMTEucG5n.jpg
img.feebee.tw/i/M_L4D5KyW9HhGtcHMQipnTvgGoiqpj55zG21pO_Pt7w/372/ Frame 3E56 10 KB
10 KB 344ms
342ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/M_L4D5KyW9HhGtcHMQipnTvgGoiqpj55zG21pO_Pt7w/372/aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xMDk0MC9uYXJyb3cvNTMyNjdfZmRfMjAyMzAxMDkxNzQ1NTlfMTEucG5n.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: aea4914ec35b1f1afcdf364b60f994e2e4c67aa2367771a05b143c875c0b59c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="53267_fd_20230109174559_11.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10092
x-request-id: YH6ZKJFyCqn4Q0kq-q0wt

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS03cXZjcS1sZjUzbWt5cnNzNm45OQ.jpg
img.feebee.tw/i/SspuH8d_rfXho5QUPvzZ2oepedjR0zvbQD1MlHu8jLc/372/ Frame 3E56 17 KB
17 KB 375ms
373ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/SspuH8d_rfXho5QUPvzZ2oepedjR0zvbQD1MlHu8jLc/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS03cXZjcS1sZjUzbWt5cnNzNm45OQ.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 663c95194c3c9bc096b798d2c52f778d6238e3a706f41e25178f835b283ea0ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="sg-11134201-7qvcq-lf53mkyrss6n99.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17167
x-request-id: Cr8WMhIjJCCpSa6EWTTX8

GET
H2 200 aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS9mNTIvMTk0LzIwODUvZjFkNS9jMDI1LzBmZjQvNTcyMi8xMTVlZWFiYmMyMDI0MmFjMTEwMDA0LmpwZw.jpg
img.feebee.tw/i/2SXi7fM7-5FeBvckbjG-_njbsHkU9c8TmL8HtcmENIA/372/ Frame 3E56 19 KB
19 KB 355ms
353ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/2SXi7fM7-5FeBvckbjG-_njbsHkU9c8TmL8HtcmENIA/372/aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS9mNTIvMTk0LzIwODUvZjFkNS9jMDI1LzBmZjQvNTcyMi8xMTVlZWFiYmMyMDI0MmFjMTEwMDA0LmpwZw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 394e4bdaea69c5e690bfbf625568b3eafcc3627a8364489f996a5615a8f6707c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="115eeabbc20242ac110004.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19809
x-request-id: ItHVbCd8aCTCsBQvl46Fb

GET
H2 200 IzMD4Uc6DvWuhl0tRWtdcszvt7JtdTMTTbbsXlQ5p5QyvItcbptW1JkDStsIKjyfr4Lp2h7pbhYOAZrUOGiDi8OHlP4oLJpsEJAtsri-lTfmalWm_TEtcXK7nAdJ4ZmyqiL80ReSU37WRZvxeLGUmcdSo58H1BZORRivfkJ--IwovMwxis9llbtADttxbOIU6QxGy...
fsa-api.feebee.tw/maji/v2/view/ Frame 78C6 842 B
922 B 234ms
232ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/IzMD4Uc6DvWuhl0tRWtdcszvt7JtdTMTTbbsXlQ5p5QyvItcbptW1JkDStsIKjyfr4Lp2h7pbhYOAZrUOGiDi8OHlP4oLJpsEJAtsri-lTfmalWm_TEtcXK7nAdJ4ZmyqiL80ReSU37WRZvxeLGUmcdSo58H1BZORRivfkJ--IwovMwxis9llbtADttxbOIU6QxGyU_FonAbuZ3ezdPN1H2SwbP3gsXnn0wzPX7DiqQmfvyIS_okPlD_rI5NHti_CL2pVcIEs2-20Ug31-ndZMYlJWG7ZY68thoeF_rJ5etjk0k84jzgscrbzrlq-9i_aCRziuR9WO8NJEzqTg0-tsahQ.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:14 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 077B 0
0 103ms
103ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308210101&jk=3241713059354143&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F68 37 KB
14 KB 47ms
46ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 21:15:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 21:15:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E4EC 0
10 B 46ms
45ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?T8olPQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5F43 0
10 B 48ms
47ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PLiJeQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E2AF 0
10 B 49ms
45ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CIM7TQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5F68 0
10 B 46ms
45ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Xbw4dQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 IzMdPlpEwGQZo2uro4mSAbTlCbzBpGZPjJzEE5VqAjMNLJID2WPUerYSarNNAVHUAyCwaf4WB3PFHL8zta2T_JWHE71oInMXTUcncu9zsRFN_k0-hsX9IdJdxTRXe9Wcr-D3jYZGzOCFrySo907E1ViuMvoARLFqUv4fdY8hQPQB5aU3_lPauHY5Yn5f2nTQjNeYF...
fsa-api.feebee.tw/maji/v2/beacon/ Frame A73F 842 B
922 B 246ms
244ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/IzMdPlpEwGQZo2uro4mSAbTlCbzBpGZPjJzEE5VqAjMNLJID2WPUerYSarNNAVHUAyCwaf4WB3PFHL8zta2T_JWHE71oInMXTUcncu9zsRFN_k0-hsX9IdJdxTRXe9Wcr-D3jYZGzOCFrySo907E1ViuMvoARLFqUv4fdY8hQPQB5aU3_lPauHY5Yn5f2nTQjNeYFT4cQEFj8SSZWpY8MYXEcxjUGj1OGbgTD-kPdjwOSlj4ATjJHYRq0kf9TXeWMESt9XcC47hr5jRLBqNvIQW43R5zKePo1ZN9TRKXqtrKmNCJ95qBDlQoBGH2HFpzwUy3j-a1GwWcjVHLBuxtt8hH3AxodTkjCB3WalDdL4z4_PiUNzsPSNcr59xciet6fFpS7F65mBKxj6RWSwTqzo2DCAQ-0XL0nAuSZjG1LDSmsDKBQrD0QFhxd1BdFoK9ddVK3i-dH4kRPDMCz1CMQg_IQ.gif
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:15 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 IzMHfIIs2gAO5FQ-dyVvjDMPzGQDCX7YEeNf4YnNCzzbhVJYFIx-Rs-3-Qq1dEWF5bYjR0aj8Exh0GTgduApl87JvVoQqqhYt3R1mvDhFVwLHMtLFxZ3rERHOdfjXn5OPDcmVLYtlKhcUzvA8y5Rurcxhq6kZLM5hmtzFIFCT7MPcfaK3zT96cAsgAXdD_TEHrIRn...
fsa-api.feebee.tw/maji/v2/beacon/ Frame A73F 842 B
922 B 243ms
242ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/IzMHfIIs2gAO5FQ-dyVvjDMPzGQDCX7YEeNf4YnNCzzbhVJYFIx-Rs-3-Qq1dEWF5bYjR0aj8Exh0GTgduApl87JvVoQqqhYt3R1mvDhFVwLHMtLFxZ3rERHOdfjXn5OPDcmVLYtlKhcUzvA8y5Rurcxhq6kZLM5hmtzFIFCT7MPcfaK3zT96cAsgAXdD_TEHrIRnL8_I9WtNYapPx00tAWlB06olIRz3BvRxcm441klbP-WDrZcVJi8PBqmRiNI5PrW4v6voHcmPOZmPmX6zfYr3JUg_liSPSCvBQOiGE-UOGNMe32FETXhnwQHWRfxSUHQz0WkgI-OKnkM-Nu9TWcahOaP6GVqOzeL_ao0j-zm5vmDeqSqPKEJ38YiNojhGY6ZTl1TCtb1MwzkyC5Z-JGt7bboElaBG73WigyOtMVDysERpFyeQGjaAFnPfJrCTr2GbFXWvTmh2kHieXg7JLN46h36y2EpYP-g7-Znqh0etlqVkMvAChTwLtdsNJ854alOzx0k0_zIiMgILn0CyGRSgvzMPA-Dd7NdVuXw0bAKCqtRhnDm0iyFTTSuzmEGN5KfehkDOYPMWsIF2sIqboFhDDFHKEILDsBzUWz8cuoEi9k_eN_Eg95zyptI-ok7JgPD-g7RnEPycRWhIfc0ylcDX4kkJMBLhCHeKMhMS6f6cCROXUyJVuneipvjZb_z7E8bmKRNNhf9k4J4bTHE1le7002Z0irOpwRAFJ7ip_gHCA.gif
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:15 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H2 200 IzMbjO85jyPaB6tRZse7glOqqP4f0owcVET03q5lTbYnyhIFNqxyFpLdMBCHqLaqF8qHaSpUe6l-l0a5djWF9cF-KHXMZjU-g34MNtLAmHZ_W70lM5mXF7mjPxnnqWDa_1yiE4FhF2cZAoY80nOBZzxCuezavEOWmjXd7UyqaKySgbqwQlvaw2t7-H4qe0cduFtZK...
fsa-api.feebee.tw/maji/v2/beacon/ Frame A73F 842 B
922 B 241ms
240ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/beacon/IzMbjO85jyPaB6tRZse7glOqqP4f0owcVET03q5lTbYnyhIFNqxyFpLdMBCHqLaqF8qHaSpUe6l-l0a5djWF9cF-KHXMZjU-g34MNtLAmHZ_W70lM5mXF7mjPxnnqWDa_1yiE4FhF2cZAoY80nOBZzxCuezavEOWmjXd7UyqaKySgbqwQlvaw2t7-H4qe0cduFtZKf6yGXASjCgTfmFjE77DqrcT7k-kS0Xx4LmS56tQyPMAcRxxycF1l7RahBsKwo_hUrPL943gsw8rcahNjjZA3YAHQUPpJP5rJpR7k_HmfoalShthogoqCNNL8ApykgSxwHbzij6kwbd8-XgD1MywVFsM5cSDvLDu9dG98tcsdZtA-jWH9I4FN4Q6ZZBUdzX_2dyR8Pjb3ONSwd1AAba1rdpPWBJnbuTEhAHF_RUHCbT74gdTK8E2-AgSN5ZOHh61yZDYRe0SqMegLGo-ZKsjQ.gif
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:15 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EC76 0
0 107ms
107ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=3681515497413444&bg=!i4iliMfNAAZGPLJIZjw7ADQBe5WfOJeISseovspRlbD8Hv5TBYFeNwfKQTtaTCQIu9RNAFwYnxlQ6E5nDYW5N-WOkjf1AgAAAnNSAAAADWgBB5kDMBMEoPGxP-pHf-Kt6RGjeoe-GHKG3HIC-4OIuOirE2a08A0rQ4sSO0_CPJ686FIx4xsszyWbofrsiPjcHNq6T2Q-CTB6JPtJ9ucKpIqbyirGal1bvqTYTmwMQd3GRoojitSN5_-zLeRPRLc0qa62wGFjwPhlq2dnI28jo62S4YLxn3sHINgW_WXb26Z9bX4dLH_NNP2TYq_z4uydo8CZ6u0_4lfYXjsXF4NBE5B7UNM3qTVihCTe2odVh92jtsqGV6PFpR6oqH7INkZ2z_ZnHKbLux5HnWq8hdpm99H7AVNrAKE2OzD-A2msmEoubu81bAWr3bPcNYFVr66DQXOwnBFQXYD_g9syVJwQRIwFxjvF1YiNX835TJhUML-3yBwdhi8p953_yfvFISAIel0tklJFHB71Bs05ecbjPKzjL7n1yd7k_wxGDPGGIBDg7AMesUrPn8ia0q6yr9XumDIP39JiU3xdT18h-c2mrOJTCeqAifTDRQtFDZgzIkBWG8oRJb1aYx9Lkub99kbZAtSMc9LEI7dZkSxK9KDOsm0AJxxAuHHG022agrDOqao1sLTmEh4ZEQ44IS_dFmpIrmjJUYWcDme2wCasHKSmLNSH9NdBKb6UlbUep_bq1nqxcY2Jr4b_p7a_SmYc_7TSsqPoOEwmPyDc5AvPTC0Yrji8fjsGAnkQsu9aC0jQNBcfrcshQPaq1anwDFXUIINjO3s_QDx6nedQA_SCe_KqrTjjThQ0T1UTz972gBirvByI4UGOdNCuPAxFNph5VBu2pIi39Qf1GMBl3MEOL1RrGcLUrfAezKxOPxjtTboQu5QizpEhAbG_tAcKo3aopcZSBbWYaHf3qArVP87XDU2bagcmGxAFnMA3XCZqhXvkYLu3PAP3lKgxLXktdhPyZJm4Up3b_BM-J_iPBVML00oQPgvWunfEPs6QxFt1GIfmCfRo4VTym6BVX7W26x7C_AstuGeM8KEYS1wn8g-AiRZTt_hBgnT3VjyRd-2gWkqRJt4W39xx1VvLPxT7D-rGAS6KiANI6IwSespnm0Vg8L7pJwdsmXsbb8zt7sOaQBvnRdWK4hF1Uw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BC86 0
0 109ms
108ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=1924647654198136&bg=!ra6lruHNAAZGPLJIZjw7ADQBe5WfOGB6JTaa9W2UsAdxjAW8bxRd2QwDDwi9jlffln6IepaJJi0fYehEuanNKw0ZvZlSAgAAAldSAAAACWgBB5kDOt7e6O-BWytRyNR1DQ5rlCn1v-HZOtIn0gm-XT3zrGGRDVNwsulzJJw6YoiHU_yw_khsqVb8_7-tRaBvd6n8bznwalZoAAGXGHE46AOYp_HvozWjNAN_pZYRB-u-LPrvm3Ll7P1wAsDS8D5Hw36f90zBCHawwwFPCEUfvPoWlddv-xq3d4osviICmxl95SKparX0EWZc7Fd99H4IHmlad2ZjQiIFdTc3-bJWK0Sbh_da_mQtY-9U5mbM2FFcfQMDJ922kmuB6sZcz6KQbFr3NuaEhAZ7UoRSYaAkKJ-_UFEkwdtIORh41pTtYHJkqjTd7yWxWbB37ySWqJuZb9jFhUuMEwWqNJn2e_un5H74dfBg5kUaBZ5gpQGnpX05bNcYgYUWPIEcSKFp-IV36GmfemSUwox9dd1V18kHiOmjRO6y-4ob7uIsRPJQPge6Q4vlj6RwraJYMJwv39zpPZoW85_u9Bc-IR17AiSsVQRYIy85KvL6txR0dCkzIYlOUif4PmtLkajteTZzogoXk0u9JpHhNZtJRuknQN4T2P3pFGURqFu-LBGZ0ab6zpIfRiw5pIaQ1DNKq2DUdbn4N5os27Zmkuyd14S6JajrbWeKt-Fh06ZMo6BNpUe1Iy7BKr6Qn_qSmbHUYJKo6Av9M-VnDNrSTcL_frzZeOS2p-GnMX35XW1iz6Qc5jEp-3LKwtDbcu0lo5g1Gjy_wV53qtKPlVSwGNn8Q_92i7QlCWl2Ylft5JxMQlY4U0JBB1W2-6CuFOHL01A8EdjAPdT5SlN5c8u7yZCWib7KC6CSseDLwesA6OtTwfVaTbo1o3_6MSCVXTUU7KczKqIbf0G1K9fuTtefKRRZnT1_1GzOFE_kuTTPmfLkJMN6YjQWuld5zkfIHn3Segz8_a7Xfu2GSMkgLfXrtEb_a5Ssu9ysdnmTPRcB1K69D6o-kb94DdDleB7gjUuig5fG2DF4g3CJBe_4IFmv-QhvfFRvVwtW5fbiU2Ac05Hf8Vr94NVZAsfZPN_Yq2khGD65OUdFyvoAuDEFz2OBhN5IIPW-c4Pa3TrEnzhIJE88fkoCdc9CUmSrT7aknk-IagS90iMs4bM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FF7A 0
0 107ms
107ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=4096819513968444&bg=!lJell9jNAAZGPLJIZjw7ADQBe5WfOCS2NpyLguywiYEGw0Op9HwWAtNetI6Hzdnwge8fItWGQwbQ7m2vp_hXR87BPdFUAgAAAmtSAAAACmgBB5kDP6kXQps_0xXvQZsnoAKhheWvn2MxsI2zNRaDKIpSv3aMf_lRlVXR3nwCtyDN1sXi634y4U2I5dpUWy50XDsahtSChJLr1sKGWlrXoCC095bn1gmd9Dmbtz5R1dIQTBT6SvwDGGXqYuUNMsuFX5pxsSrioPA-jZ5auWNUufclZkAbYOm3Am3D9TzQVhr1en4cb2sZy-xo7D8ePhEfWL5lbuqlup8BUyaF2HZ8_BwehPHuSr_3SN0q3a5pufZ6I297shflGnwAOe-OuyUJDLSOe1h5FOuczbiIAGPbyDkUlTjGAx0isE4YxtSqRRYoSp-bLOeA9l4Fd5LzgCrWOHKvErv4eRo8JGA_OWGhs7Kvfh47s4Faq_c4i31Y_WKg67KQelVSNCQ9qKmCjilPcKYU9oYDeNip_PyHX1AMjEj_MhRs0oEstGdITlgpRVb0EnRKmCBaeq2GSs6mFvuryUC-6nHsEEx8aVckyHoX8jz5KWYrjkyqkyGN76MbC6E4aubqckcuqFQp75TbjPaCjrnMQZvOn8ws1MFIRarP7vELteWdJ46MScey7XlJIQyq7Ml_moOF67seMjIRWRxM4euhqBeNfLhQLtqN-h2YZ0KWqsG9Ltyl-uu3oToKMysecxvJgw4Seg7W487UIonQJLgZsIDHofoBEUZ3OF2WS43Bbe5iwNEmaIN7cZrVCocCKaaF-My1SsEE3u6GrgS7C6BxUizgBPTlTyZdAZuFSgwGz29ZfjnLXOFvqcmzxppWr5CdTI7qzNEI9xxzoIZephyMgIgYF6y9JCOEIBh4iATYZvdEfUCpDWKTzKrRAdxD6RzuPameKKuvkl0XBYCNybbOSHwHk4CFx5yi-KvFmb0JhmH0AIUfOrznEHjc24HYLy6JRZAeBygsLkIFs9Je0ZJvBE0bIoA0ujSCsS30TYnKB7A0TD7xa0UNeuA9qzTqnd4BIHCVIg733q35dfKs0-NlN-hLFusHJzvASlewDvmbdYfr2xfu7sKQzqgOgVpsTbGqE_1oV8v8TDVl73jo2H7j1MhLUilSZNwWsvoT0amYV26xHzHJ1xTes8FPOan0-PKeKaqPmKiSXreN1DzJkLwjTg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 00ED 0
0 110ms
110ms Image
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308210101&jk=3241713059354143&bg=!GxilGFfNAAZGPLJIZjw7ADQBe5WfODrRVUoWckYa1xKm35f2AOzMsLevTASoBCqNQqP0rK9WxzF-ECSJ71GB5XfhExv1AgAAAf5SAAAACmgBB5kDN6KHZBZp1vkzkiySGM7Q5JGQWpmaEU3knKLPk13XiGGxa7ADvr2KURm47h7O-0l1PIDSAJQUDMrD8VtsDqnMeopH_NU9LV2nArvyMKwGARgLfYjkmHOH6J67LtPJg9P4n41XKEtESTQvrSdQfzij_47m_gVhDgTSg_ougzyvD6AEwRCu0CwdrRl3_ylc_WDo-pDjkCozUXWT7-LeoQvEYVWCyRFb0Sv7j3AjWcdPAz7JFBGWt9T-qXvh6MGcw6VV6vXGIXISl8QYANIb_w8lIIiq-kBIEWKCseiQUIZ07xJnXz6c5XULxfCI-GU6QtdFD1qzYg12fjIP_Q8CqPRi5OkaJzf395seG9BnD1p5jiKBjdaNnHC-DW8pDJa-oRpGQgX3kXgSoYDDkN_tip4R61SY95yllO5VSqC_ag-PXZXknRUbXkdUZe2-2VqErH1XQNknI4tBco1VbpEUmIuinnaar1NvYoZixn9HynENCarvM6xktXIqWQJfIQ1E-sy2ykxSe-x37GxKX7kNA1zpmlDrcavv22ChAhXA1mndAppr2iPoeCCtKn3XOp77Hr3Qq74tUnWqsL6OK9XHScQCfWYqcgbm3AceY5Jz9B1hsK1xHBnrx7tGoGhoS40gcoYXYi2A1QmqKWN9o6fw4wG-MbuFyzu244nkPWmdrgsAag_YtyIw7VIC98VR1YRR1Gf_E1gw3U2iVecTKqsa58PuoSgNJM44Et1K1-DPmfL9J2XGMwwKDqfgNTjy-aPWfUKA7B-QJgnJntRKuoOYkXG0FIRaEnHAddhYYBVDDQ3l4PVjGfI3LZTTm9kfe0NVH5lbO4GgIOHYYZHyxRq8xwbIs3g2b5dB2SS8PjhAUvQtPCyx-fhRjjtLAJ-FgPVRO1h2khFZM7N0_KIlNMtzVQyibLjcnF6TopMnYB937MMq3MmNND9ErPeR2yE1BWxw7UwV4m6qeAYI_JduwhqHl-14j0Sea4aEZdU-otLj1C2RctmTe3GDreeywrsv_pVpdFrGAgSo116044pLsPLXI0byHmdG4JExYgrH7l35xVJQrnMCOo2Iq1RZlLqHSC0nBqkXG6cKDjEhG0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 dis.aspx Show response
widget.va.us.criteo.com/dis/ Frame 82E2 6 KB
3 KB 219ms
106ms Document
text/html 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e66a3f95d8eff3784b94ea554f209c&r=https%3a%2f%2frisu.io%2f&crossorigin=false

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

54548cc5cb00d4c456cf95a25fbff54675ebc988fa6a3d399284eb8fa4b51981

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Wed, 23 Aug 2023 20:21:19 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2932222
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

POST
H2 200 all
csm.us.criteo.net/ Frame 26D7 0
128 B 361ms
123ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=OnOsfwOVN_X1QECOhWC3PXnBIbfrTc-YFLAqzyyiwuqHIFO25wMp2Qz45Ve7wIRc2lGM3JHhdP7ttbAYHwZyZ5mbxm39RABR-TCKDzlFtx92ZB2qnYEhkeBqulY6OUo-68-ZvrRti0YNR1yhPeJlHwiAjQJBFdfjN1NZmhU2RyS_GOK0SFhkViLK7UUIN7uSPi1lO32EGyKD-Jt-EJ-g_Pf5_w5FBAzMVNhKuoKTLUxiCTpMK3m5yfcxB8ziZZaLyaLm3A&sds=2&rev=88100&sendBeacon=true

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 20:21:19 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 26D7 2 KB
1 KB 71ms
65ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:21:20 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 26D7 2 KB
1 KB 73ms
68ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:21:20 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 26D7 308 B
636 B 94ms
89ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Aug 2024 20:21:20 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 26D7 293 B
621 B 74ms
69ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Aug 2024 20:21:20 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 26D7 43 B
347 B 102ms
97ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=b1N0K_BJ7coScDUmyQnLja6P3gQUMOjH_Yy4k4V-Jbt2gDFLjXOcz5Jk_4FcpwpFStMhjEljlxZl8cVAz9Y9-fWm58AtpEjLkx1GVSaS1VFjA65VRpszz8_fROO6ZkwEc8g3-3S9lq2ZmOgbEUpHXHUDKdclvd5sVTfS9ijYCxswcw4B8q-dD5m2cNSflijumX1OePr0NOeKhspl7WNDiVEXYnKifqnHNsFMK4NTux3kSs3dLvy0V3SCb1FXtdAMS414JvsAscFjh2q-My0mgB8GKIXo-nL7f9WURe-pv1W9SKg99jxH7TiK40RfW7zMRrfz9uXomQiNhbussXvzv3yn8lUWnD6iW6EPw5C3HCoISrPyydvmkjtg1GYydZ7qHNZaoihBRcfKF3n_8xzEbvXKHo0Tv-kF7zR0Wfwdbl0lByC66sffUf21Ccct03BL9kEKXEYdVdEIGFTVBtWYdnm5RP0

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4825765
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 d19c0d94d69a4dbc88b86d21a5076c21_image_ad_728x90.jpeg
static.criteo.net/design/dt/94147/4762382/ Frame 26D7 75 KB
76 KB 106ms
102ms Image
image/jpeg 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/94147/4762382/d19c0d94d69a4dbc88b86d21a5076c21_image_ad_728x90.jpeg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a8d266bd73470a02cc1410aa3dd29da9d49131f729c0a22de7e0a70ca7d4e89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 01 Jun 2023 20:19:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6478fd40-12d81"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77185
expires: Sat, 17 Aug 2024 20:21:20 GMT

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 26D7 2 KB
1 KB 91ms
87ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:21:20 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 26D7 2 KB
1 KB 89ms
85ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 20:21:20 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame ABD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_cm&google_hm=ay0ta2tCWFhjYktHWUtuanhQREZpMXRodUtIZWpReFJ2c...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_gid=CAESEH7vOk-qgWisaLp6wJa81_8&google_cver=1&google_ula=913071,0

43 B
371 B

1076ms
41ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_gid=CAESEH7vOk-qgWisaLp6wJa81_8&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1179262
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&google_gid=CAESEH7vOk-qgWisaLp6wJa81_8&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame ABD9
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-nbZNXHcbKGYKnjxPDFi1thuKHei1cvNtS0hQJw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-nbZNXHcbKGYKnjxPDFi1thuKHei1cvNtS0hQJw&expires=30

43 B
510 B

136ms
78ms

Image
image/gif

35.211.178.172

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-nbZNXHcbKGYKnjxPDFi1thuKHei1cvNtS0hQJw&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-nbZNXHcbKGYKnjxPDFi1thuKHei1cvNtS0hQJw&expires=30
Date: Wed, 23 Aug 2023 20:21:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame ABD9
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8394439617809991017

43 B
370 B

56ms
45ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8394439617809991017

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1440083
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:21 GMT
an-x-request-uuid: 49dc5cfd-48da-4977-9008-16b8ec7446d0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8394439617809991017
x-proxy-origin: 104.237.193.28; 104.237.193.28; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame ABD9
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-c2vyVXcbKGYKnjxPDFi1thuKHej1FifqL0NUqQ
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-c2vyVXcbKGYKnjxPDFi1thuKHej1FifqL0NUqQ

43 B
905 B

144ms
50ms

Image
image/gif

68.67.179.87

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-c2vyVXcbKGYKnjxPDFi1thuKHej1FifqL0NUqQ

Protocol

Server

68.67.179.87 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:21 GMT
an-x-request-uuid: 6b765397-2dbb-48e1-86fc-22f586ed61ea
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 104.237.193.28; 104.237.193.28; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:21 GMT
an-x-request-uuid: 7106dd8c-081e-47db-898e-497786eb3504
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-c2vyVXcbKGYKnjxPDFi1thuKHej1FifqL0NUqQ
cache-control: no-store, no-cache, private
x-proxy-origin: 104.237.193.28; 104.237.193.28; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame ABD9
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&custom=&tag_format=img&tag_action=sync&custom=&cb=4f16d7ad-ab23-4deb-9171-1caf010...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k--kkBXXcbKGYKnjxPDFi1thuKHejQxRvsnvsZKA&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=4f16d7ad-ab23-4de...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=8394439617809991017&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=a0024b20-41f2-11ee-a052-b1dfb974b406?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=a0024b20-41f2-11ee-a052-b1dfb974b406?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=16ffddd187e7fdd822c047bdf7ffc7a&tag_format=img&tag_action=sync&cb=693461907
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=95d71129-6ce8-4401-8b2a-06c120376e97&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=a0024b20-41f2-11ee-a052-b1dfb974b406&cb=1692822082601&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=a27cb237-1f23-40db-bded-df15c19a2bdf&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692822082601

0
410 B

79ms
70ms

Image
text/plain

34.235.86.243

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=a27cb237-1f23-40db-bded-df15c19a2bdf&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692822082601
Protocol: H2
Server: 34.235.86.243 -, , ASN (),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 23 Aug 2023 20:21:22 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx/1.22.0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:22 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=a27cb237-1f23-40db-bded-df15c19a2bdf&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692822082601
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 0
expires: Wed, 23 Aug 2023 20:21:21 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame ABD9 61 B
792 B 1251ms
97ms Image
image/gif 23.52.163.93

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-vzVmLncbKGYKnjxPDFi1thuKHejrZTGohVHJSw

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.163.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 20:21:21 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Wed, 23 Aug 2023 20:21:21 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame ABD9 42 B
691 B 128ms
46ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-4LMx_ncbKGYKnjxPDFi1thuKHeh0SJmpJ-EdHQ&expires=30
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame ABD9 68 B
279 B 1206ms
43ms Image
image/png 3.227.175.66

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-K8QlcHcbKGYKnjxPDFi1thuKHeiORfmOQQtm9Q
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.175.66 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:21 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame ABD9 43 B
687 B 1150ms
54ms Image
image/gif 23.105.12.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-UMX393cbKGYKnjxPDFi1thuKHeizPqqiFzvbdA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 23 Aug 2023 20:21:20 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame ABD9 0
231 B 1202ms
39ms Image
text/plain 141.226.224.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-M-9wZXcbKGYKnjxPDFi1thuKHeiz9OKorgbQBg
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:21 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 416174

GET
H2 200 um
criteo-sync.teads.tv/ Frame ABD9 23 B
277 B 1214ms
51ms Image
image/gif 23.52.160.7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-elPQJ3cbKGYKnjxPDFi1thuKHejZPRIXn-MdWA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.160.7 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Wed, 23 Aug 2023 20:21:21 GMT
pragma: no-cache
date: Wed, 23 Aug 2023 20:21:21 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame ABD9
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-1DARJ3cbKGYKnjxPDFi1thuKHei1v2U7fnBGSA&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1DARJ3cbKGYKnjxPDFi1thuKHei1v2U7fnBGSA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

140ms
51ms

Image
image/gif

35.71.139.29

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1DARJ3cbKGYKnjxPDFi1thuKHei1v2U7fnBGSA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.139.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 23 Aug 2023 20:21:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-1DARJ3cbKGYKnjxPDFi1thuKHei1v2U7fnBGSA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 23 Aug 2023 20:21:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame ABD9 0
398 B 272ms
51ms Image
text/plain 34.200.65.202

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-THmDvncbKGYKnjxPDFi1thuKHejNdsxSJdR3ZQ

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 -, , ASN (),

Reverse DNS

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:21 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame ABD9 43 B
867 B 682ms
194ms Image
image/gif 202.241.208.56

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-YN_nWncbKGYKnjxPDFi1thuKHehKP7sVV9bzSw
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.56 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Wed, 23 Aug 2023 20:21:22 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-YN_nWncbKGYKnjxPDFi1thuKHehKP7sVV9bzSw","cluster_id":0,"gdpr":false,"ipv4":"104.237.193.28","key":"ZOZqQsCo5tIAAE9CGHUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad379"}
X-SO-Key: ZOZqQsCo5tIAAE9CGHUAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad379
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad379.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 43
X-SO-LB-Hostname: a-tgng40014.dc2p.scaleout.jp
X-SO-IP: 104.237.193.28

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame ABD9 49 B
341 B 289ms
46ms Image
image/gif 195.244.31.11

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-SjHZUHcbKGYKnjxPDFi1thuKHehp5nXFcVi-DA

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.11 -, , ASN (),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:21 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame ABD9
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=46vBPgE4ajxo8YTEn5FI9UZJWD7htw32

62 B
545 B

1132ms
126ms

Image
image/gif

23.52.164.232

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=46vBPgE4ajxo8YTEn5FI9UZJWD7htw32
Protocol: H2
Server: 23.52.164.232 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 23 Aug 2023 20:21:21 GMT
content-length: 62
bk-server: 48d5
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=46vBPgE4ajxo8YTEn5FI9UZJWD7htw32
date: Wed, 23 Aug 2023 20:21:19 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 2104149
content-length: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame ABD9
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dktdancbKGYKnjxPDFi1thuKHegT3QmJPBN8nw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dktdancbKGYKnjxPDFi1thuKHegT3QmJPBN8nw&C=1

43 B
766 B

53ms
51ms

Image
image/gif

192.40.39.223

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dktdancbKGYKnjxPDFi1thuKHegT3QmJPBN8nw&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:21:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:21:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-dktdancbKGYKnjxPDFi1thuKHegT3QmJPBN8nw&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame ABD9 43 B
618 B 255ms
51ms Image
image/gif 63.251.28.133

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-HBFdTncbKGYKnjxPDFi1thuKHejIQGRKeBj9SQ
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.133 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 20:21:21 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1692822081885071-1148

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame ABD9
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Lof3NXcbKGYKnjxPDFi1thuKHeg5gll6LIQrnw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Lof3NXcbKGYKnjxPDFi1thuKHeg5gll6LIQrnw

43 B
446 B

80ms
58ms

Image
image/gif

107.21.146.241

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Lof3NXcbKGYKnjxPDFi1thuKHeg5gll6LIQrnw
Protocol: H2
Server: 107.21.146.241 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 20:21:22 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Lof3NXcbKGYKnjxPDFi1thuKHeg5gll6LIQrnw
access-control-allow-origin: *
date: Wed, 23 Aug 2023 20:21:21 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame ABD9 42 B
274 B 224ms
126ms Image
image/gif 34.117.157.22

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-Cl8jvncbKGYKnjxPDFi1thuKHejLD2h_8-CG_A
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:21 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame ABD9
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-prMkAncbKGYKnjxPDFi1thuKHeiZqxo2NIjjPw
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-prMkAncbKGYKnjxPDFi1thuKHeiZqxo2NIjjPw&_li_chk=true&previous_uuid=453b63e046474bdfb6ea0c970b767f73
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-prMkAncbKGYKnjxPDFi1thuKHeiZqxo2NIjjPw

43 B
548 B

236ms
51ms

Image
image/gif

2600:1f18:ed:550f:88b9:3302:6b1:658

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-prMkAncbKGYKnjxPDFi1thuKHeiZqxo2NIjjPw

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:88b9:3302:6b1:658 -, , ASN (),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-prMkAncbKGYKnjxPDFi1thuKHeiZqxo2NIjjPw
Date: Wed, 23 Aug 2023 20:21:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame ABD9 0
963 B 418ms
216ms Image
text/html 3.222.170.15

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k--pxv5XcbKGYKnjxPDFi1thuKHegO_3hee8Sm3g
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.170.15 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:22 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame ABD9 42 B
689 B 163ms
39ms Image
image/gif 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-otghAncbKGYKnjxPDFi1thuKHegOtvu1RJz66A
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:20 GMT
last-modified: Tue, 06 Jun 2023 17:34:29 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4BFF49F4D3E74AE7ADE1EF0112ACAD0D Ref B: CHGEDGE1318 Ref C: 2023-08-23T20:21:21Z
etag: "4729cb259d98d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame ABD9 43 B
538 B 242ms
49ms Image
image/gif 54.163.228.183

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-f64IrHcbKGYKnjxPDFi1thuKHeg0Ealz_D_xIA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.228.183 -, , ASN (),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:22 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame ABD9 0
287 B 251ms
61ms Image
text/plain 64.202.112.159

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-gaji9ncbKGYKnjxPDFi1thuKHejlIODd6K5oRw&initiator=partner
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 20:21:22 GMT
Cache-Control: no-cache
X-TraceId: 85b8505d9657438c52bb54f86e3d9485
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame ABD9 42 B
578 B 229ms
53ms Image
image/gif 162.248.18.37

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-dj0YwXcbKGYKnjxPDFi1thuKHeiVnC0HgM482w
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 23 Aug 2023 20:21:22 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame ABD9 0
0 237ms
62ms Image
application/json 34.233.227.88

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-CkqJV3cbKGYKnjxPDFi1thuKHeh8Xmu6Ipp-DQ
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.227.88 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2

204

/
s.ad.smaato.net/c/ Frame ABD9
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-R8rSU3cbKGYKnjxPDFi1thuKHeiJyzXh9M9ftQ
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-R8rSU3cbKGYKnjxPDFi1thuKHeiJyzXh9M9ftQ&cookieCheck=1

0
557 B

73ms
70ms

Image
text/plain

2600:9000:2511:d200:1b:5138:8a40:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-R8rSU3cbKGYKnjxPDFi1thuKHeiJyzXh9M9ftQ&cookieCheck=1
Protocol: H2
Server: 2600:9000:2511:d200:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:21:22 GMT
via: 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: LFuYEbrYwJlPfxto4w4AXhtUPgYID56mzQyUP_PIL_8_1JD8JD-roQ==

Redirect headers

date: Wed, 23 Aug 2023 20:21:22 GMT
via: 1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-R8rSU3cbKGYKnjxPDFi1thuKHeiJyzXh9M9ftQ&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: tccEtJnQ3HcZkrIoe7MV8fTtWj-rUjzaiL88-XnKiD2rNzYoQaFD4w==

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame ABD9
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=5qzQjJbxnMfz4gWxWaKKRduz39XO9LPw
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5qzQjJbxnMfz4gWxWaKKRduz39XO9LPw

42 B
940 B

70ms
55ms

Image
image/gif

52.200.207.228

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5qzQjJbxnMfz4gWxWaKKRduz39XO9LPw

Protocol

HTTP/1.1

Server

52.200.207.228 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v049-0e9a2000d.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: eUQENwczQb8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-2-v049-0ac3873a0.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 1LDtL7e8SKc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=5qzQjJbxnMfz4gWxWaKKRduz39XO9LPw
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame ABD9
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=C1Q1PBi0NCvcuAFr0oiZPFlORLKKLDJs

43 B
656 B

248ms
77ms

Image
image/gif

108.138.128.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=C1Q1PBi0NCvcuAFr0oiZPFlORLKKLDJs
Protocol: H2
Server: 108.138.128.21 -, , ASN (),
Reverse DNS
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 20:21:22 GMT
via: 1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK50-P4
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: munMkyIVFPl5mbPpnpsEmMFqo2RfQltfnVrjO-76CquW_1_IQjhlaw==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=C1Q1PBi0NCvcuAFr0oiZPFlORLKKLDJs
date: Wed, 23 Aug 2023 20:21:21 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1522326
content-length: 0

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 18:32:54	Name: _GRECAPTCHA Value: 09AG8ZzsvCLN3gK300yEVr7UtvccR0y5dnus_m_EvFfeTVfjCat5LP_EjBbchZ3fSa5Ck8e9D444IITzgKYttx85g
risu.io/	1970-01-20 23:49:42	Name: ahoy_visitor Value: 68b657d0-6a05-43e7-81e0-332d687565ad
risu.io/	1970-01-20 14:13:42	Name: ahoy_visit Value: ca01424a-686b-4631-a8e5-0fb34601ecb6
.risu.io/	1970-01-20 14:13:43	Name: __cf_bm Value: jqP6bONIYHh9A93Y4fKElXOpxdkXyaXDNrQMo4_7PJo-1692822065-0-AYBxyq6mnMBH7PNHl5Ed1InsDeecXqzcFkHkMK7nj4nZHKILOU6GQEmQAqykIFOdTlGknjJNdxfHoLI7wY3zIzU=
risu.io/	1969-12-31 23:59:59	Name: _risu_session Value: cyr7wdlwD1HXSxiyGtfdX9G5Pq4IK5pKMYEOXVHKOwMc4ZMhggCZguJamccuRRN6AysRYOJlBNqLESz1FJrXpe%2B6PK%2BF0CxaD40B9NAOB9uWI6sOyT2ijF840kswkdEfBe9%2BeEEzRYdYEpPwUX2oSOrrJT9sWhBgF62uwsFtFxVTvNjJI%2Bqu--x%2FzAim7Dl9OQXWlN--puNcpWGJ81sfdTxPi%2FaNtQ%3D%3D
risu.io/	1969-12-31 23:59:59	Name: prefers-color-scheme Value: light
.risu.io/	1970-01-20 23:35:18	Name: __gads Value: ID=ae18374c247db352-220c4658b3e300a8:T=1692822067:RT=1692822067:S=ALNI_MaEKk4uIhA2hMJSrsvb9yI4j5pJkQ
.risu.io/	1970-01-20 23:35:18	Name: __gpi Value: UID=00000d8d65dc8abe:T=1692822067:RT=1692822067:S=ALNI_MZ4PdA8513_oGWz9fFPMgN_kJq9VQ
.risu.io/	1970-01-20 23:49:42	Name: _ga_H814P3QJ03 Value: GS1.1.1692822067.1.0.1692822067.0.0.0
.risu.io/	1970-01-20 22:59:18	Name: cf_clearance Value: fOzrIdRX1TPTIuKIcE7VKiu0TRsMutRx3p53JjkePLA-1692822067-0-1-2a5e6c2d.5efbcd12.7fccc418-0.2.1692822067
.risu.io/	1970-01-20 23:49:42	Name: _ga Value: GA1.2.1151473509.1692822067
.risu.io/	1970-01-20 14:15:08	Name: _gid Value: GA1.2.733943860.1692822068
.risu.io/	1970-01-20 14:13:42	Name: _gat_UA-146086888-1 Value: 1
.aralego.com/	1970-01-20 22:59:18	Name: sspid Value: 653790b0-5c82-3304-b845-4badb4d0b387
.risu.io/	1970-01-20 23:49:42	Name: _ga_ZH634PL121 Value: GS1.2.1692822068.1.0.1692822068.60.0.0
.doubleclick.net/	1970-01-20 23:49:42	Name: IDE Value: AHWqTUkE3y0n0hZ6WxfsV6JDpyqceZbDqqwtBXB1WsJACGrwsKIGSiBJMJ3oITzGOyw
.criteo.com/	1970-01-20 23:35:18	Name: uid Value: 8b1ab1f0-3d8c-4fa9-897e-939bb30cf2f2
.everesttech.net/	1970-01-20 22:59:18	Name: everest_g_v2 Value: g_surferid~ZOZqNgAHoStBkwA4
.simpli.fi/	1970-01-20 23:00:44	Name: suid Value: 3BF35241619B480A92501412065FE32C
.adkernel.com/	1970-01-20 14:33:51	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 14:56:54	Name: ADKUID Value: A6942815729684724525
.mxptint.net/	1970-01-20 23:49:42	Name: mxpim Value: R33646_107E06B8A_C09C0D90.1.64E66A38
.acuityplatform.com/	1970-01-20 22:59:18	Name: auid Value: 817860510236
.acuityplatform.com/	1970-01-20 22:59:18	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRQkBbjmAmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUJAW45gI90aGlyZFBhcnR5VXNlcklkWkNBRVNFRURKT3ZSaFZ3dkFlT1IzN1pRQklDRfv7hnZlcnNpb27C+w=="
.quantserve.com/	1970-01-20 16:23:18	Name: d Value: EFIBCQHjKYEA
.quantserve.com/	1970-01-20 23:43:56	Name: mc Value: 64e66a37-11c69-dfcea-e7bf7
.adsrvr.org/	1970-01-20 23:00:44	Name: TDID Value: 95d71129-6ce8-4401-8b2a-06c120376e97
.yahoo.com/	1970-01-20 22:59:39	Name: A3 Value: d=AQABBDdq5mQCEEh-0XKnH94-3AwiYvze7IUFEgEBAQG752TwZAAAAAAA_eMAAA&S=AQAAAr5LGCSUp9AhnVktyrSn_Z8
.w55c.net/	1970-01-20 23:45:22	Name: wfivefivec Value: 4uf3wRtF1QyUlN5
.mookie1.com/	1970-01-20 23:42:30	Name: id Value: 10594014444350943018
.mookie1.com/	1970-01-20 23:42:30	Name: mdata Value: 1\|10594014444350943018\|1692822071239
.mookie1.com/	1970-01-20 23:42:30	Name: ov Value: d8864585f35fae30d915a949b6bc3b1c
.mathtag.com/	1970-01-20 23:39:37	Name: uuid Value: 793964e6-6a37-4b00-98e6-fc26abab0cc6
.mathtag.com/	1970-01-20 14:56:54	Name: mt_mop Value: 4:1692822071
.adform.net/	1970-01-20 14:58:20	Name: C Value: 1
fksnk.com/	1970-01-20 14:23:46	Name: AWSALBCORS Value: tZQioZBGkm/Q7q04eD9ikzQnoBuLrbUxqEAKKIZE3aR0hLC9kdXsbGszUCUPm45SxZMW/yNGSCkLQVP3v/Y98ntc+WyaIRWldQB3av0X7JvFhFgpZ5wS/aaOVI0K
.fksnk.com/	1970-01-20 16:23:18	Name: f_001 Value: B2C886522A9372DC
.fksnk.com/	1970-01-20 14:15:08	Name: g_001 Value: 1
.w55c.net/	1970-01-20 14:56:54	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 18:32:54	Name: uid Value: 4324107384750297086
.doubleclick.net/	1970-01-20 14:13:45	Name: DSID Value: NO_DATA
.e-volution.ai/	1970-01-20 14:33:51	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 14:56:54	Name: ADKUID Value: A6942815729684724525
.adform.net/	1970-01-20 15:40:06	Name: uid Value: 21069152164566616
.googleadservices.com/	1970-01-20 16:23:18	Name: ar_debug Value: 1
.c.appier.net/	1970-01-20 23:00:44	Name: _auid Value: l4I7UWEfCPOb2jSBN2rmZA
.owneriq.net/	1970-01-20 23:49:42	Name: si Value: Q7461084721435687414P
.owneriq.net/	1970-01-20 14:28:06	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 14:28:06	Name: gguuid Value: 1
.aralego.com/	1970-01-20 22:59:18	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:59:18	Name: gdpr Value: 1
.risu.io/	1970-01-20 23:35:18	Name: cto_bundle Value: AXi2pl93VkVobENFWEt5d1RIbTJURlhEQ2UybHpJNnJmWG0xcml0ckdvZFV2WWpGVEJkcTZzNExOamxKZDFoWUxVM1VWek1MMnV2bTMwb1l6RVpCYXdEYlFtdXRXZUN2MGZTcklDa1VibGxCc3hhS01SamtOR0E4RWhTUHJudyUyRlF0MENlJTJCUVFGcEp3WDYyeFUlMkZuTjNORkhrcWclM0QlM0Q
.rubiconproject.com/	1970-01-20 22:59:18	Name: khaos Value: LLO6JZIP-1S-J3NI
.adsrvr.org/	1970-01-20 23:00:44	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI5KDw45CIkjwQBRIWCgdydWJpY29uEgsI1vOe_ZCIkjwQBRgFIAIoAjILCNjhnI-niJI8EAU4AQ..
.linkedin.com/	1970-01-20 22:59:18	Name: bcookie Value: "v=2&bbe927b6-8cca-47de-88e3-9c88e809f564"
.linkedin.com/	1970-01-20 14:15:08	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2616:u=1:x=1:i=1692822074:t=1692908474:v=2:sig=AQHrcPq_NZ7cGPP0u5iONJQ3JQ2Z868D"
.amazon-adsystem.com/	1970-01-20 23:49:42	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:33:22	Name: ad-id Value: AylgOsWRxUV5nMl_Vx4YY04
.rubiconproject.com/	1970-01-20 22:59:18	Name: audit Value: 1\|ywuDZM3Kmz6kcKvAgqrQvNCwM9sxwnfbdYSMVXn+RPRz+9LtiDVAhobUFDRyUhAEjjjTINuyCpzqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-9208708170783140&fa=4&ifi=8&uci=a!8&btvi=7&xpc=uwSzjoYuf5&p=https%3A//risu.io Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-9208708170783140&fa=3&ifi=7&uci=a!7&btvi=6&xpc=tCVInjpe3z&p=https%3A//risu.io Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-9208708170783140&fa=1&ifi=6&uci=a!6&btvi=5&xpc=Fus6eAxN0h&p=https%3A//risu.io Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f488de42d30060b6c98542b416b2a23.safeframe.googlesyndication.com
38264674fc1148a6ac82d3d834810fa2.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.sitemaji.com
ad.turn.com
ad2.apx.appier.net
ads.aralego.com
ads.stickyadstv.com
ads.us.criteo.com
aep.mxptint.net
agent.aralego.com
analytics.google.com
assets.risu.io
bidder.criteo.com
c.bing.com
c1.adform.net
cat.va.us.criteo.com
cdn.aralego.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
criteo-sync.teads.tv
csm.us.criteo.net
dacc0f8b0effc3813686706f4733b864.safeframe.googlesyndication.com
dis.criteo.com
dpm.demdex.net
dsp.adkernel.com
e2109701698b8432306d571829546ef7.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fsa-api.feebee.com.tw
fsa-api.feebee.tw
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
im.bluevoox.com
img.feebee.tw
jadserve.postrelease.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.mediawallahscript.com
pixel.rubiconproject.com
pm.w55c.net
pmp-beacon.apx.appier.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
r.turn.com
risu.io
rtb-csync.smartadserver.com
rtb2-useast.e-volution.ai
s.ad.smaato.net
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssl.sitemaji.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.aralego.com
sync.crwdcntrl.net
sync.mathtag.com
sync.outbrain.com
tags.bluekai.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-east-ad-track.aralego.com
visitor.omnitagjs.com
widget.va.us.criteo.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
104.104.111.6
104.68.110.253
107.21.146.241
108.138.128.21
130.211.28.216
141.226.224.48
142.250.80.34
142.251.40.226
15.235.42.102
151.101.194.49
162.210.196.208
162.248.18.37
172.105.235.90
174.137.133.49
185.167.164.49
192.40.39.223
192.96.203.13
195.244.31.11
2001:4860:4802:38::181
202.241.208.56
207.244.102.141
23.105.12.137
23.200.198.128
23.52.160.7
23.52.163.93
23.52.164.232
2600:1f18:4e9:5a05:dd64:d7a:647:2f6e
2600:1f18:ed:550f:88b9:3302:6b1:658
2600:9000:2511:d200:1b:5138:8a40:93a1
2606:4700:20::681a:467
2606:4700:3108::ac42:2afe
2606:4700::6810:3865
2606:4700::6811:180e
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::200a
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2001
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
3.222.170.15
3.227.175.66
3.33.220.150
34.117.157.22
34.150.170.96
34.200.65.202
34.205.126.51
34.233.227.88
34.235.86.243
34.81.191.174
34.98.102.251
35.186.215.140
35.190.36.98
35.190.90.30
35.211.178.172
35.71.139.29
38.98.69.175
52.200.207.228
52.45.175.185
52.46.128.147
54.159.93.151
54.163.228.183
54.82.170.117
54.82.254.5
60.199.208.47
63.251.28.133
64.202.112.159
67.220.228.202
68.67.179.153
68.67.179.87
69.90.254.78
74.119.119.139
74.119.119.147
74.119.119.150
74.121.140.211
8.43.72.97
8.43.72.98
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
02c331e3506125a89bec7f4f4dd7234e908b530ced5c821bdffad93bd71626d4
0513087a3deee62183bf24ef54e8e582a1448811011b909cc42b53cb0eb59c82
05445776284c73caeac0256bd57d40fca075223f178b8d6ef9e20b799516b565
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc286001a0b304bb8d48548024effcd22367781c1eb3b1c5aca68c6239173ed
0f75c632392a31006b17a080947486e1141d45c0b0931b408254e6881541ab0b
0fe2a569fe3a934420bc90226306d3a8112aaf43bdd0f0d61096520b71f02d50
12a7162476d089e09dd598921455d76227425922bc338bb7cc817d4fbddbbb31
1559a5d90feda3133badfc2746da5dc5b0372a72381cda862983dedd4cc11a4c
17abedd1ec38b6794ebc9d980928eadf3471ed93062576856e92a253c1d1cd83
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97
1ac4ac7f86677523bd7c860c9c82d4ee1d5e777074bbce445a298043d3c35fd0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bb9d36dd1f9d08b9494348b0af46abb1ad44aef5fd599cbf8c1b4e52f8e73a1
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d3794694883bad4b0d72ca526f762eab786eeaa3d7948febaf4a531c2ca046a
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
206988460897ed9d2f6a07e246da6cb1459b27d9aed8ac5864758f1fa86981b3
213c31f5eb5bbaa48d1f38eee69bb089c8c94eabe88e2b066734d518a2304919
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
255ad71b6a0ec1b2938aede24b0670bd116057201425d66353e828548bee4452
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2669eb3b6b6ea377d2b21a47d0348fb2ea74e32e2f4517255290470f70da3e15
270b3aa45700052f6f29e8c435a1276d30b815cedcce9131237dab727b15cb86
276c9e02c58a3c043348cb103438d3e09044b2698481197f84e123d487a1253c
297b465b5eb03572221cffb800b1c1544433d4bb3c7a412b27f8f73a7293064e
2bc922e3abc5e83c7aefc9d0f4259fb6e4cbb833681e35257f2a35ee878ef19e
3144314285ec2bd217deb4480c087b46b36b7781adffe3b8fe1d6b0bd8549342
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b
32467fad06b88e53b0c63f7c6813ab82536211826efa4e1aa25adde5b78216f2
326173cb50d28396625045b6efc00c418eba62ecaa5555731191f1558cda0e26
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3747e8568fc397d979e46ab089b66ed2e947559aaa48ea94216d91fd3840b164
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
38a790c421bed27aa59fed4c318cf84413fb3807e7c1333ef35fe421cff3bde1
394e4bdaea69c5e690bfbf625568b3eafcc3627a8364489f996a5615a8f6707c
3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e
3eb1f96a2955fe4ae46e7d9a9fe7b516748689dd789c7c8114fbf5b88562dd54
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403ca60fe8005d0f23208fcd05a227292169e77cf2f3c38cf592303f7818b489
40d997bf30003412b98d2efe704a2982355afb49d5475a6316dd29d4078168a7
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4680e5298925786fb0ed4c25fb2b411ca01f04fcc24ce452e666d0509652ce2a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a0e731a7c852f0fadbdc75b0aaf9956616e4133af6eb296d5488f8283d6de85
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df7496d624a5f84680bf8a0bbe83a74d6db80e47d6aaf717901255c304dfe69
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb
4f62e13208fac0c359ba40438be20df823fa84dd95f2cadec1c440f99b8c8e1d
519a48a521780b05d69e26761599418cbad561a25526f63c60e78cba57be20df
54548cc5cb00d4c456cf95a25fbff54675ebc988fa6a3d399284eb8fa4b51981
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54dab2bedb5006b60481315c7d4a78dde034eb7b1c35f581ed895099c2892ad3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b2fee7c4f399f3758274040014063be9cfed77a00b1d61739cb7c188b33135
56a0626c8be9b03e890b2ced5c31391b7daed4170ccc191b5e4149612f9d19a3
58ecdaf936fd855b173fdbaa17efa5519ed0b29d09eb29b74f4fc9e8ce12ae7a
5a0b09e6d8f8ade649374f317abedab311184f7c2f00e79ef1877a4e31083afe
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5c9f8b5d455d212485456e05664479c766f5e9f7b24258d5d03f6a3eb67f45b4
5cd77128058d857c5d32cb075673cc82741d018b1af448fc75ec6106ee5619aa
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663c95194c3c9bc096b798d2c52f778d6238e3a706f41e25178f835b283ea0ea
6a694012139ac989b8d93c5ca419387862741caeab980beaa39464a8f4130edf
6ad9e64df0f533f52c3d3e236e972a9bb93c6cd2afc7612c78308b987b00743b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d509917722497ec9d91004cc743ce9072177a26eef90e1321285901adcb1908
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73869b617442e19404f24ff1f22c1566fd6d8134daa8b07079a8479962235736
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
778efa64aa4be45ecdb9b2ce706f988796aa990bfaeabe6b07ab8257306d8e8a
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
7de3fdca70203a1efd21f4b7a85567eecb2ffc6882bce46491be7617e1b32882
836416f32bd9c52366ba8a62540fb3df4fcc3f83d0baf81ef2e1ba9a4e74b0da
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8af5d40ebbb0f31a26609b63dedc61a7efb25973d5a06398475eead114ef1aaa
8bc42ec99e5e025e0f1d3e723c8c147316d27888198e2a97c98ad9d88d384b6d
8ca4c98f6f87d2a2302cdb48cf16ef41220c6e773c2774eb46ab698869d1b16b
8e95cc773f9f3c3bd10680c51b097850a765ad1dbccce6808f3720e0ce344956
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94942ef19abbc0ff5ea34bf07358f3ffa47935353af549d4328dae360a5cddfd
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
95473022bfd6b1c9f466aadb3fa3358627c0b4a58c246b638da2a6e09a0790e8
96870ef0ac424244e2aae2fdab4f5ce0ecd12c420e37a2fe6ee745fabca3c4d7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfdf8980dc5a167bc4e196a81a7eeade1a569100944065c6a33eb70ae9bc0c8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a6aa47e6d3c5008cc119b6317abf89338afb4419b7c28ba2b2d29236359bf3a1
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7
a8479a6f16e08c9d11ebe35047e178c876418d065871b8458d23e959500c948d
a8d266bd73470a02cc1410aa3dd29da9d49131f729c0a22de7e0a70ca7d4e89e
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
ae79208b44891a64af6b3b02b9885bfd0356ddd5205bde12216a13b929d35673
aea4914ec35b1f1afcdf364b60f994e2e4c67aa2367771a05b143c875c0b59c4
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b31edf96ae36393ae66939551c70b53238fee7dc8973233f958dffeefd9c8426
b3b55c5b6344f234106c263de0efa62a24ba34b14e6ad944e72006b1b22b7d19
b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c
b8fbe2d6dca2bff23a1ae2775ec4c1da4108c5d626f3af13d7e2f93c7c865d1b
b97e0256e317d8f435870a5a7487c034ac9d5defe5f23d8e3ff49b2056629752
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9c14fcedd709d77383eabf30ad01ffb98b5efcb4dacfc6afd2bdea048f8092
bc70ad2683ea006d3419de0f487b0dc733d098fe67c4c1613ab5f10d0e2459a0
be5ee38340fa7a003a15d727909a8601c5cf0502152a897e93041ba3c5aa4b9d
bfca3f52a3b3b7a5a8e7d157c142529fd75e422eac12a094fb0f69b822fed4fe
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c3ea1ee0bbdfcb25504539f24fdc9090fc8b186b4e268935215ca7060cfb3d80
c4994aea8579278246c345ac0a6ab10b1f0a89c4fb0298ea760d8605686f8837
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c8c30a0a9a4cde1612638ba2b1231eee1f45a0e52d7fb10e777e07f1a2d4eefe
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc78f02253750741f9064a9c0b596181e7bb2b0c30336d61ed6a474a98bc1358
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf67ed858ee82a8a81206202c9b0398ad42289769088da80a1d0a411b1267f12
cf6877322edcf63a86c913fd62df29368e6b068c995bf7488a56dd8b5aa3ba6d
d044d9a7cacf4246f83bcb7afd24e0d66b385ada84d09d4c3fe2ad76c0a39e60
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d51263920ae18a577246a396448ee6073b489f44d2034b7c1eb596ba13bb0af6
d88c08beef797985ca71bc9e6b44ab1ec4f1edaaf1619f3a2ad6328696b45003
d9907cf5914d7b10aa17cfd11537757d77ce2d173929ab6b27253fae0067e896
dc6251e15947a6d44e8d5591d7443d57bbe184f68721e6b2b812f663a874e649
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec5c46b919ea06d6b80a51c9391cef334e0394f53f82b866410a8a880341c59
e164230857d90f13deb487218956a42ff08d7129a903af9166970311fbccfab6
e23323fd0282189e480879d3e4b9c546b573d35d7f4cba8bde792d071cfdee4b
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6
e34f872b9151916377799200883c6497e1ad42ac957a9ff66ed134874548d630
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70012cb92f3c0c561629d46cdae6991059361c001320fe38a5aaf396eb2be84
ebf18c4d17e379d9890f9b3ab26a55cc3bd83f8c4fbd63d0069f66d7443ca2f3
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
ed1ce47524bed59de056bfb4f3dfe8c9fa7b152fe7ae95a4c39538c27c9258f0
ed92e7e27a928f1441bf4deafc0b48a6f092acde07e3bb0b9783aa1f3e54fe46
edcee285d53072d471a520cf4f06657c69cc9d9fa5933a225c15e889a2466a3d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb89f2bba149a69b61efdd0ac209b112281bdc0e6c66ea217ef45d88935d27b
f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647
f348fa3100d7991275fa708991b53104734de289031905b1b0278fd5f8e8461d
f38887a1f3c839356ff31c68fd8a5c544bd4137297a79c94bb427552336bf0b2
f40c1cf624ba1814521ef43989b4e31129ef1609304bee02438a75e540d8ec1e

risu.io Open in urlscan Pro 2606:4700:3108::ac42:2afe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

432 Requests

85 %HTTPS

33 %IPv6

69 Domains

103 Subdomains

75 IPs

5 Countries

5516 kBTransfer

14351 kBSize

59 Cookies

6 Outgoing links

Page URL History

Redirected requests

432 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

risu.io Open in urlscan Pro
2606:4700:3108::ac42:2afe Public Scan

Screenshot
Live screenshot

Full Image

432
Requests

85 %
HTTPS

33 %
IPv6

69
Domains

103
Subdomains

75
IPs

5
Countries

5516 kB
Transfer

14351 kB
Size

59
Cookies

432 HTTP transactions
3 data transactions