risu.io Open in urlscan Pro
2606:4700:3108::ac42:2902 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://risu.io/PJwna
Effective URL:
https://risu.io/
Submission: On August 24 via api (August 24th 2023, 2:17:11 am UTC) from US — Scanned from US

Summary HTTP 399 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 73 IPs in 9 countries across 65 domains to perform 399 HTTP transactions. The main IP is 2606:4700:3108::ac42:2902, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2023. Valid for: a year.

This is the only time risu.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 23	2606:4700:310... 2606:4700:3108::ac42:2902	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:402... 2607:f8b0:4020:805::200a	15169 (GOOGLE) (GOOGLE)
8	34.98.102.251 34.98.102.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2607:f8b0:402... 2607:f8b0:4020:806::2003	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
3 17	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:402... 2607:f8b0:4020:807::2003	15169 (GOOGLE) (GOOGLE)
3	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
1 1	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
14	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 10	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c0b::9a	15169 (GOOGLE) (GOOGLE)
4 22	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
35	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
14 22	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
16	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
8	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
4 8	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
4 8	172.104.70.67 172.104.70.67	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
6	172.217.13.162 172.217.13.162	15169 (GOOGLE) (GOOGLE)
1	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
4 4	2606:ae80:145... 2606:ae80:1451:14::1050	25751 (VALUECLICK) (VALUECLICK)
5 32	172.217.13.130 172.217.13.130	15169 (GOOGLE) (GOOGLE)
6 6	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	54.82.254.5 54.82.254.5	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 5	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	35.211.118.13 35.211.118.13	19527 (GOOGLE-2) (GOOGLE-2)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
4	34.81.191.174 34.81.191.174	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	72.247.65.83 72.247.65.83	16625 (AKAMAI-AS) (AKAMAI-AS)
8	104.126.114.69 104.126.114.69	16625 (AKAMAI-AS) (AKAMAI-AS)
3 6	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
3	207.244.102.142 207.244.102.142	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4 7	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
5 10	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
6	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
4	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a05:2fab:9535:5baf:82d1	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
4 4	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
4 6	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
9 11	35.173.111.127 35.173.111.127	14618 (AMAZON-AES) (AMAZON-AES)
3 3	3.84.175.74 3.84.175.74	14618 (AMAZON-AES) (AMAZON-AES)
2 2	15.235.42.102 15.235.42.102	16276 (OVH) (OVH)
2	104.126.112.26 104.126.112.26	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.201.146.33 52.201.146.33	14618 (AMAZON-AES) (AMAZON-AES)
2	23.105.12.173 23.105.12.173	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	72.247.69.164 72.247.69.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
2 4	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
2	202.241.208.57 202.241.208.57	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2	195.244.31.10 195.244.31.10	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
2	104.126.112.185 104.126.112.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	63.251.28.233 63.251.28.233	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 4	34.201.254.73 34.201.254.73	14618 (AMAZON-AES) (AMAZON-AES)
2	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	54.236.179.17 54.236.179.17	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:1f18:ed:... 2600:1f18:ed:550e:8870:82d1:4d94:4709	14618 (AMAZON-AES) (AMAZON-AES)
2	50.16.65.194 50.16.65.194	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.202.10.239 34.202.10.239	14618 (AMAZON-AES) (AMAZON-AES)
2	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	100.25.87.174 100.25.87.174	14618 (AMAZON-AES) (AMAZON-AES)
2 4	2600:9000:246... 2600:9000:246d:200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	60.199.208.47 60.199.208.47	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
2 4	54.205.43.202 54.205.43.202	14618 (AMAZON-AES) (AMAZON-AES)
2	18.165.9.109 18.165.9.109	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.28.216 130.211.28.216	15169 (GOOGLE) (GOOGLE)
399	73

23 2606:4700:3108::ac42:2902 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4020:805::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.102.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.102.98.34.bc.googleusercontent.com

assets.risu.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4020:806::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4020:804::2002 (Montreal, Canada) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (Fairfax, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4020:807::2004 (Montreal, Canada) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 192.96.203.13 (Manassas, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2620:100:a001::c (United States) 14 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.36.98 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.104.70.67 (Tokyo, Japan) 4 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1680-67.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:ae80:1451:14::1050 (United States) 4 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 172.217.13.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (Seattle, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.254.5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-254-5.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.118.13 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 13.118.211.35.bc.googleusercontent.com

r.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.81.191.174 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 174.191.81.34.bc.googleusercontent.com

pmp-beacon.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.247.65.83 (New York, United States) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-65-83.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.126.114.69 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-114-69.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.119.119.147 (United States) 3 redirects

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.244.102.142 (Annandale, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

us-east-ad-track.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 8.43.72.98 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

f894384d37fc5b93a5175da651041d2a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fc01e27960353dff309e337bc043693e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
97a2460711f7e17c8d36d1d6f2900aaf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b62c4a85cdbf818abc7677d0e6144a55.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 8.43.72.97 (United States) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a05:2fab:9535:5baf:82d1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.137 (New York, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.179.155 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.173.111.127 (Ashburn, United States) 9 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-111-127.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.84.175.74 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-84-175-74.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.235.42.102 (Victoria, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-001.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.112.26 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-26.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.146.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-146-33.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.105.12.173 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.69.164 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-69-164.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.22.214 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.200.65.202 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.40.39.223 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.28.233 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.201.254.73 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-254-73.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.236.179.17 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-179-17.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:ed:550e:8870:82d1:4d94:4709 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.65.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-65-194.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.10.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-10-239.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.25.87.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-87-174.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:246d:200:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

ssl.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fsa-api.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.205.43.202 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-43-202.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.9.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-9-109.pit50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.28.216 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 216.28.211.130.bc.googleusercontent.com

img.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 f894384d37fc5b93a5175da651041d2a.safeframe.googlesyndication.com fc01e27960353dff309e337bc043693e.safeframe.googlesyndication.com 97a2460711f7e17c8d36d1d6f2900aaf.safeframe.googlesyndication.com b62c4a85cdbf818abc7677d0e6144a55.safeframe.googlesyndication.com	681 KB
61	criteo.com 17 redirects gum.criteo.com — Cisco Umbrella Rank: 435 bidder.criteo.com — Cisco Umbrella Rank: 784 mug.criteo.com — Cisco Umbrella Rank: 2707 cat.va.us.criteo.com — Cisco Umbrella Rank: 2781 ads.us.criteo.com — Cisco Umbrella Rank: 2725 widget.va.us.criteo.com — Cisco Umbrella Rank: 5684 dis.criteo.com — Cisco Umbrella Rank: 626	144 KB
48	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210	755 KB
39	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 csm.us.criteo.net — Cisco Umbrella Rank: 2806	579 KB
31	risu.io 4 redirects risu.io assets.risu.io	1 MB
29	rubiconproject.com 13 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1075 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 617 pixel.rubiconproject.com — Cisco Umbrella Rank: 364	55 KB
26	aralego.com 5 redirects agent.aralego.com — Cisco Umbrella Rank: 259922 ads.aralego.com — Cisco Umbrella Rank: 39006 sync.aralego.com — Cisco Umbrella Rank: 2755 us-east-ad-track.aralego.com	20 KB
20	appier.net 8 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 49608 gocm.c.appier.net — Cisco Umbrella Rank: 2451 pmp-beacon.apx.appier.net — Cisco Umbrella Rank: 361845	10 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	772 KB
14	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 14741	205 KB
11	mediawallahscript.com 9 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 2828	7 KB
11	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 166	4 KB
10	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 secure.adnxs.com — Cisco Umbrella Rank: 465	7 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120 www.googleadservices.com — Cisco Umbrella Rank: 150	600 B
6	liadm.com 4 redirects i.liadm.com — Cisco Umbrella Rank: 637 i6.liadm.com — Cisco Umbrella Rank: 2040	3 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 320 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1071	4 KB
6	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 352 r.bidswitch.net — Cisco Umbrella Rank: 6585	3 KB
6	adsrvr.org 6 redirects match.adsrvr.org — Cisco Umbrella Rank: 360	3 KB
6	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1551	70 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458 ups.analytics.yahoo.com — Cisco Umbrella Rank: 325	1 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	4 KB
4	feebee.tw img.feebee.tw — Cisco Umbrella Rank: 289743 fsa-api.feebee.tw — Cisco Umbrella Rank: 248974	62 KB
4	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	3 KB
4	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 783	2 KB
4	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 688	2 KB
4	casalemedia.com 2 redirects r.casalemedia.com — Cisco Umbrella Rank: 1623	3 KB
4	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 391	1 KB
4	dotomi.com 4 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3135	2 KB
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 89702 ssl.sitemaji.com — Cisco Umbrella Rank: 236857	28 KB
3	crwdcntrl.net 3 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 803	1 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5239	978 B
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 489	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	170 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	211 KB
2	agkn.com aa.agkn.com — Cisco Umbrella Rank: 532	1 KB
2	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2351
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 797	1005 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 765	574 B
2	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1201	1 KB
2	bing.com c.bing.com — Cisco Umbrella Rank: 236	976 B
2	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1279	2 KB
2	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 3261	377 B
2	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 548	1 KB
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 646	1 KB
2	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 897	521 B
2	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1122	2 KB
2	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2419	554 B
2	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1498	459 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 681	1 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 562	558 B
2	media.net contextual.media.net — Cisco Umbrella Rank: 660	2 KB
2	rqtrk.eu 2 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3294	659 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 357	821 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 597	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	5 KB
1	feebee.com.tw fsa-api.feebee.com.tw — Cisco Umbrella Rank: 248973	5 KB
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 13661	520 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2580	552 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1116	877 B
1	de17a.com d5p.de17a.com — Cisco Umbrella Rank: 4837	125 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6414	552 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 4925	610 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 798	463 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
399	65

	Domain	Requested by
35	static.criteo.net	agent.aralego.com static.criteo.net ads.aralego.com risu.io cat.va.us.criteo.com
29	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
29	pagead2.googlesyndication.com	risu.io pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
23	risu.io	4 redirects risu.io assets.risu.io static.cloudflareinsights.com
22	gum.criteo.com	14 redirects static.criteo.net
20	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
16	bidder.criteo.com	static.criteo.net
14	cdn.aralego.net	agent.aralego.com risu.io ads.aralego.com
14	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
12	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
12	ads.aralego.com	4 redirects agent.aralego.com ads.aralego.com
11	partner.mediawallahscript.com	9 redirects
10	pixel.rubiconproject.com	5 redirects risu.io widget.va.us.criteo.com
10	sync.aralego.com	ads.aralego.com eus.rubiconproject.com
10	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
10	www.gstatic.com	www.recaptcha.net www.gstatic.com googleads.g.doubleclick.net
8	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com
8	gocm.c.appier.net	4 redirects risu.io ad2.apx.appier.net
8	ad2.apx.appier.net	4 redirects risu.io
8	mug.criteo.com
8	assets.risu.io	risu.io assets.risu.io
7	token.rubiconproject.com	4 redirects eus.rubiconproject.com
7	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
6	secure.adnxs.com	4 redirects
6	cat.va.us.criteo.com	3 redirects risu.io
6	match.adsrvr.org	6 redirects
6	www.googleadservices.com
6	www.recaptcha.net	risu.io www.gstatic.com www.recaptcha.net
5	x.bidswitch.net	3 redirects risu.io widget.va.us.criteo.com
5	fonts.googleapis.com	risu.io assets.risu.io googleads.g.doubleclick.net
4	dpm.demdex.net	2 redirects
4	s.ad.smaato.net	2 redirects
4	i.liadm.com	4 redirects
4	ad.360yield.com	2 redirects
4	r.casalemedia.com	2 redirects
4	ups.analytics.yahoo.com	2 redirects
4	eb2.3lift.com	2 redirects
4	ib.adnxs.com	4 redirects
4	dis.criteo.com
4	csm.us.criteo.net	risu.io
4	secure-assets.rubiconproject.com	4 redirects
4	pmp-beacon.apx.appier.net	ad2.apx.appier.net
4	dclk-match.dotomi.com	4 redirects
3	img.feebee.tw	ad.sitemaji.com
3	sync.crwdcntrl.net	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	us-east-ad-track.aralego.com
3	ads.us.criteo.com	risu.io
3	an.yandex.ru	2 redirects
3	pixel.tapad.com	3 redirects
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ad.sitemaji.com	assets.risu.io risu.io ad.sitemaji.com
3	www.googletagmanager.com	risu.io www.googletagmanager.com www.google-analytics.com
2	aa.agkn.com
2	trends.revcontent.com	risu.io widget.va.us.criteo.com
2	simage2.pubmatic.com	risu.io widget.va.us.criteo.com
2	sync.outbrain.com	risu.io widget.va.us.criteo.com
2	jadserve.postrelease.com	risu.io widget.va.us.criteo.com
2	c.bing.com	risu.io widget.va.us.criteo.com
2	exchange.mediavine.com	risu.io widget.va.us.criteo.com
2	i6.liadm.com
2	matching.ivitrack.com	risu.io widget.va.us.criteo.com
2	ads.stickyadstv.com	risu.io widget.va.us.criteo.com
2	tags.bluekai.com
2	visitor.omnitagjs.com	risu.io widget.va.us.criteo.com
2	tg.socdm.com	risu.io widget.va.us.criteo.com
2	criteo-sync.teads.tv	risu.io widget.va.us.criteo.com
2	sync-t1.taboola.com	risu.io widget.va.us.criteo.com
2	rtb-csync.smartadserver.com	risu.io widget.va.us.criteo.com
2	match.sharethrough.com	risu.io widget.va.us.criteo.com
2	contextual.media.net	risu.io widget.va.us.criteo.com
2	ws.rqtrk.eu	2 redirects
2	widget.va.us.criteo.com	risu.io
2	px.ads.linkedin.com	1 redirects
2	c1.adform.net	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
1	fsa-api.feebee.tw
1	cdnjs.cloudflare.com	ad.sitemaji.com
1	fsa-api.feebee.com.tw	ad.sitemaji.com
1	ssl.sitemaji.com	ad.sitemaji.com
1	b62c4a85cdbf818abc7677d0e6144a55.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	97a2460711f7e17c8d36d1d6f2900aaf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fc01e27960353dff309e337bc043693e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f894384d37fc5b93a5175da651041d2a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	im.bluevoox.com	1 redirects
1	r.bidswitch.net	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	sync.mathtag.com	1 redirects
1	d5p.de17a.com	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	fksnk.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	analytics.google.com	www.googletagmanager.com
1	agent.aralego.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	risu.io
399	99

This site contains links to these domains. Also see Links.

Domain
docs.risu.io
pqina.nl
lin.ee
m.me
docs.google.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-26` - `2024-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
assets.risu.io GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
misc.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-30` - `2023-12-30`	a year	crt.sh
pmp-beacon.apx.appier.net GTS CA 1P5	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.c.appier.net GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2023-10-13`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-09` - `2023-11-07`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2023-05-31` - `2024-06-30`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
itm.ivitrack.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-04-05` - `2024-05-03`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh

This page contains 71 frames:

Primary Page: https://risu.io/
Frame ID: 5A644511453A4839C767C916730E1B93
Requests: 56 HTTP requests in this frame

Frame: https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 3FECB894E62B18B37167A09435BFE308
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/zrt_lookup.html
Frame ID: 772B5C4A28DADB580A380120FCCC527D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1692879418&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Frisu.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843417647&bpp=6&bdt=590&idt=341&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3894616484192&frm=20&pv=2&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=372
Frame ID: C13098E925ACDAE0CED7E1F04568D427
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kxzqs8pwx5b
Frame ID: 198958B2E8776C89FBF86A8906115B89
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=d7y7seprtw6
Frame ID: E03FF6B11F84BB7D8DE85952EBF46E7F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA4E4D43EF802BDB6A592CEDF597C763
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 836780DF87B45325A6978ED9F695AE9B
Requests: 2 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 597F3C3F4605320A686EB80A98DC0EF7
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: C2271BFB37583EC1F0D507C296B65757
Requests: 5 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 30B0F02CC922FA0AC237AC1B4695ED09
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=7&bdt=1873&idt=-M&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0&nras=2&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2LZytTLT7t&p=https%3A//risu.io&dtd=19
Frame ID: F9813DD614561215A3360AA629C21273
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=1&bdt=1872&idt=-M&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280&nras=3&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LGk4alTwhU&p=https%3A//risu.io&dtd=27
Frame ID: E50D627D6071507F1D68E1470E4CDFD5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=1&bdt=1872&idt=-M&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2915&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Xyc0wF0Xqc&p=https%3A//risu.io&dtd=33
Frame ID: C14CC2C18B119A18F0216544D4C59147
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=3&bdt=1872&idt=3&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=iMF0VtJDzJ&p=https%3A//risu.io&dtd=39
Frame ID: 525459A1362252D8E7787733BEE51E29
Requests: 13 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 1868BE978E6B6529F60A8A5FAA91A2F8
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: CD2F37EF70CA006EA229346B1708058B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Frame ID: 74DD882D5840F83C3052EF4BCF131C1D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C5C963EA0C6B61A5FC3A3F0F711EB7B8
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: FE8C609DA55A1F4A879035532E7ED415
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: A7A0859D813DAED0FDA06566D0F957CD
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 6EDFAB4AFF40D7715B38B6D3C58B8D16
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C0027753B78F4BAB2158BFA01C490EAC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8BC4A36C9E1CD54C76BDB98CB6D8A513
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Frame ID: 7E7C4776BC79726DF1ADA86B7A7B802A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 16689A2B06FF1CAF0B774480614FBADD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Frame ID: 4EDAC2295542FD3BD6DB577B75D82476
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Frame ID: 5EDD7391F70AD1531883E6013F344D2A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: A16C8DF54DBC9CE1A5F3371DF3F8880B
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 506A7FC18598FE6F39635612CC49DA03
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 4AA22DC1AFF01E426DA0AA23E71BA3FC
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: EA6B54C7A79D7103ED0C5E208CEC4DB8
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: AF00A4347083696C9549FEDEB5A8B282
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 0F7E0770BC8329974A352EDE55E39862
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 0F7EAE6555A7610056783110BF2BBA14
Requests: 11 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: B64ED4474A86758CE222B051EEADD53D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: F905963C2B3AA74C273CC5FA95C4484E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 968E809AB6E3A2309CDB6E5024F1AB6D
Requests: 4 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: A88FD57A6431BC5CF102E0D7BB93A713
Requests: 4 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 3BEE2D59583FFF08F7EB8AA5CE00734E
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: B8E30E24C7D91B950422B16F06364F8B
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: C60A1494B8334D42D91A2D5F9BC615BE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 3CD37945658BEF340E4C98AD840DDDD6
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 8671E5583A55F72DB9A36546E4843F78
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBUx7cYYNKc5mwzDfYx65qtWjArTqY6bmTLSkpZ3_y8vGT1Va94pgyY_us8ZTnzqL3zP5GjH5b__1j9UkaAYwFn1kOU37eGfn22WBnufDswq964cQKFlxEzR0dNlHg-ipJEx0n8SliFVkRnDMYceUhvvFpUL8y48YfwEtzoRxU-30J2b5LBb1_y6Gn83an-RdOD0di7qf6pSkgFroZ8oUZ_bRVx44r9bRE0lVAUOo33iXCytWa2NMctU9SDasC-DDmeUc-BN80optpYdL5khZeAA7etqVEvNlCGKKSXHV1ey3xhzgey32rE4np8MCXvsn63404_kJlOlRwXeEcsVyVxn627maMxwwt3W3RNmSvZhlHUC33vWZuc9MfS_EanNWj6v6QHU_ZgDH_VS3sOr5eAo8KPu2ouIdMk3pJbj-4TeQgisopkbdWRSAHMJKpl0jqU9qN0sOnko-WCFB4gS8vMSUi37yhI2Vsq8OTYHNXJXL43CeN5Gld5CKRSo8-Kxzv7aCa0uRapU-iZVoXJ-pXaMGxValljZ3jo
Frame ID: D1F24D17DDCD34AF618431BA0C74B45A
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBVKP1PRFIccJXzKY339pAlAXen2T_QFjHOk1-CkWvbhykypN23y2zTTD7Ad9snJ2nS312zpN0Xp_NtTfjJhEAx2bcCAZgTa0UWDu-52Xh5eLRWE5LGXhA_vfsvHl3QJilSEEMVIzF_jnRtxDFKj46nnJAeVIQ3UyU1lWPgaPTS9ZJb-NHQtNZrm5df2yg80oIafljhB4L9skwF6hfXarBr_esgTDoK9lkJ3PamHjJwf8CYnyhwzENKtE88x3Nz_XyReuyhiFz-YeqIiO2D7kgYUCBYJ4t0q8HBX25MDW0uZRQvd_dA69jXcTFWbYjoGs5vKsWPNItE6D_ZUbOXHr5CjmYzlDKrE7tijpU83bBT1snEoOjZ8JUGtJDEam4ieNnYGqUaXf1zH57Nn_tB4Kzs30tLqm2xpU5n8Q55a5I-98W5aSXoP9NGxzM9ivESrYEvwzRwM9_SV4TGQTuceHgaxTwmaoTKjQ1uh_c5JG2Oe02aQsnbzAiyvuaenVPa7KR1aaqCYJ3IBXbsbd3MWhoOThGPrD-Na1fcgeKjbzs4HjA
Frame ID: 5BAC6058A47355C0AF2F3CA38A98BE46
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: F2C3476F83EB69864E8A0288F14D57B2
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 1622D339AF63689831507910BD6B3205
Requests: 3 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: BA7B18C997CCD0A4B09D2737200F7FC8
Requests: 9 HTTP requests in this frame

Frame: https://f894384d37fc5b93a5175da651041d2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: C281300458418D9433E3A42B073B9875
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBUOiHrFqQVxi_LOUdeaDeNCiNIe8rTKRY5yUHTaWk_zt0JMErpX9OI2URWGnZ5UR0hoPVkRmUj1JN4A8GkBNBv8xcuIhdpLfCITaMPTzQV46AQNWgTQ6oDKUdU_skJxzOAIXWXvTXvlbnftdHn8qc1Z7KBdiYpT5WL6zNsrJ8SXMD4arjcWIqmreUempnDKqmUwG3tQJ7r3ok5liGTwvJpDxOVeUlxZ79FED6r5fHh-txl6U90sZs81sjg-nkYzQHryVUzNtBBLJF31WtMwWgId6-XL7OZfMJGTSyK2uAjz4i2gkfQzWIyQ9ExtVB2ifMCrMc2Y2KJ-v1AthEzl2wjSUosVQixhnUiZqemDhGoQLovgc6P9b0ZAF0MscWEciqxoNwKJ1rKsrhf2yJaYYJ63ZtOnFtIiqJiMtK98xReY96snxeamGmz4PsLRT2ojfpKkU-Dl8okzCGUHAnRIlb7PvihRIT1saOuaU0LcrIbVENZlPcgsQBMnHI1i_Osie3B1WtzFlH9CbiMA9T28gXLL1RqpKcHEMWy0t_eCYEsOyA
Frame ID: 70C9F6ED89AD558DA16C8320B177A181
Requests: 1 HTTP requests in this frame

Frame: https://fc01e27960353dff309e337bc043693e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: EDB66BF9DA674A5B5E31CB9AFBED458D
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9d8de7d01f1a13a91371d95a45&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Frame ID: 61E5F71334F89D5CEFCAF5BB48876D0A
Requests: 1 HTTP requests in this frame

Frame: https://csm.us.criteo.net/all?cppv=3&cpp=xJ18QOPaLlMiPHPDDi2yAnyV759WawNTfzNWtrGlBvD6q-vNwScYvP_M-iVbmSDaCyo30csZsz0WNS8XZ5GQO73PUe9l3vzwPiLqkEtwPcHEqDCVO0eXpBvxjcMUNjwoQJcgrFu9SK5sw4O__ZUczWa1oUVUckDiwcrdPYYEslZ8RSJsdhSNinyV-4P-zR_VwrW4OZIrYtR6dgBLzkZwoqIks-q5f_SxxKSE0SayVF8I4G1EUZIJMQ_vCvg&sds=2&rev=88100&sendBeacon=true
Frame ID: DC0A8DBBC65C85D93949CD1CD8EC1484
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: D224FB130F38B98E09B0AE6BB0C6B871
Requests: 2 HTTP requests in this frame

Frame: https://static.criteo.net/flash/icon/privacy_small.svg
Frame ID: 93C7B99F74EEDDE526CB2E5DA23A57DC
Requests: 9 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Frame ID: 7A8D513DD0BFC4352AB04F30B003EDCB
Requests: 1 HTTP requests in this frame

Frame: https://97a2460711f7e17c8d36d1d6f2900aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: ABFA9B0FC15D69996B69E6AABFF2A3CB
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/flash/icon/privacy_small.svg
Frame ID: 1397AB21BA47134B6F05C33D702D3D10
Requests: 9 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0
Frame ID: D8F47A201BC5C705B2D25EC78C516B68
Requests: 30 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0
Frame ID: E7BF27DC383E6F2358AA91C16CE4BC1B
Requests: 30 HTTP requests in this frame

Frame: https://b62c4a85cdbf818abc7677d0e6144a55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 0ECFA47ECDACD074D492AC17E1D00088
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ECC9496E967D2B1A1F1C93F31C7402DA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9441D7CC1AA93135FC22FA19B4ABEDB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 74E80EE43FD43CB0D7907F3CEC1545B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4558ADF571412C794DB44AC5E66A4889
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37B6C450BFDC19A76CCA5DA5AB09195E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA1D477A4CDEE06D0CE3464B2107362D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B420F47E04B9C58C6275C13469340992
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FADAA15CCDFD19D711AFF71BFAB0DC9
Requests: 2 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: D8726BD6D37EB969744FC9B57BBE7B3D
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

短網址。行銷。分析 - Risu.io

Page URL History Show full URLs

http://risu.io/PJwna HTTP 301
https://risu.io/PJwna HTTP 302
https://risu.io/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

399
Requests

82 %
HTTPS

34 %
IPv6

65
Domains

99
Subdomains

73
IPs

9
Countries

5189 kB
Transfer

12662 kB
Size

102
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.risu.io/xiao-ji-qiao-tooltip/guan-li-hou-tai/duan-wang-zhi-pian
Title: 教學

Search URL Search Domain Scan URL

URL: https://pqina.nl/
Title: Powered by PQINA

Search URL Search Domain Scan URL

URL: https://lin.ee/oFUOKCP

Search URL Search Domain Scan URL

URL: https://m.me/risuiotw
Title: 聯絡我們

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSedWw6hNYi6Xg_VPatPmsfe7DOKPGg3ijSOvZuWu38FefIMCw/viewform?emailAddress=
Title: 問題回報

Search URL Search Domain Scan URL

URL: https://www.facebook.com/risuiotw
Title: 粉絲專頁

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://risu.io/PJwna HTTP 301
https://risu.io/PJwna HTTP 302
https://risu.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 25

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 51

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 100

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=GoauynxxMUpLdkFXRU51bW1nQkZYQ2ZnRHlDSjlmR0dTN2ZtN3dVQ2QzcEtBTU1NdFhOTmkyUFhyazY1TTJYTVc4K0VmNlJXdFozMHRHc2ZVdHl1dmhiQXFIM2xiSTFkblRmYTlnUjlINmt5Y3lUVVllU2U5YmFLV3NXRHVhdjJOZG9jVUc2SHB6V2IvUjlzVk5YVU5UTFB6QVNUb2xxUTdDdStvWG9uTjl2aHRTdzRvSUhkYklXaDlHK1FadnYxbEYxdXF3c3puUzVDaVhPaG9QMkNwSGU3MFU5a084aDNna3BrUnBsajRBaHhWS2pnS0dmMTJDZ2h4ZS9TKzU1WWpOWDBScldwVzREbjllT0JsNUFWSldpN2sydz09fA&cppv=2

Request Chain 103

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=V4K69vlXD52AEEo8nL3mZA&id=ida4mlvgiastit93r

Request Chain 104

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=eIBNmCFHDNifHq6mnL3mZA&id=ida4mlvgiastit93r

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=ECWC_-iDD1e-0qHnnL3mZA&id=ida4mlvgiastit93r

Request Chain 117

https://googleads.g.doubleclick.net/pagead/adview?ai=CuVQrmr3mZP60B72hiM0PsPuuwAyt39SVcZ-f2t6yEcSEhZ4LEAEgjofejwFgye6Oi8CkjBCgAbe-l-ECyAEDqQIUmvZJaqh4PqgDAcgDyQSqBLEBT9CVMahHfgm5d6SCbeHG2XSzApPVZ8ekmXFsXVnFZg9PTH583m6A-BbBQQrCdjDj2TjH2Z7Czd92rlAlmuVCmzImML8r1rnXJy5w6vOYBtsM3TS3vspbj6dyM5vuzu8Qq3oFGjNY8m5bHAUH_IYAp0HiPCIlu-rvyH1SEvaPOgwgq_LJMCuXrqVeqlsYHA0Nxndv3hyGDr1tCeylaW6coWdnUV_x2-q4O1yqh2vq-sgnwASP28CnrQSIBamAosZLkgUECAQYAZIFBAgFGASgBgOAB4XwtX-oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxC8TdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgl1aHR0cHM6Ly93d3cuYWxmYWxhdmFsLmNvbS9wcm9kdWN0cy9oZWF0LXRyYW5zZmVyL3BsYXRlLWhlYXQtZXhjaGFuZ2Vycy9icmF6ZWQtcGxhdGUtaGVhdC1leGNoYW5nZXJzL2JyYXplZC1leHBhbnNpb24vgAoByAsB2gwQCgoQkNW43-OmwrcZEgIBA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi05MjA4NzA4MTcwNzgzMTQwGAA&sigh=z9PiDrl-Hng&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWOUSu4ZJcPpTPDx-YAzlWTFQcDdLAvxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfce19c97832d0d420000000000000000%22,%222%22:%220xfd8db10552e770640000000000000000%22,%223%22:%220x7d275f9c13ed4f170000000000000000%22,%224%22:%220x6e89764480a2b64a0000000000000000%22,%225%22:%220xb3490621eadceb100000000000000000%22},%22debug_key%22:%227837735135395470291%22,%22debug_reporting%22:true,%22destination%22:%22https://alfalaval.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22740679479%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229116675993458155761%22}&andc=true

Request Chain 139

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=wZYlJ19VQW51RHF0RTlmR20wVWd5alFnZE4wVWdwMUdmTHk5SUJxVXJoMlJWZnJUa2tlQ2ZnbE8lMkZNRnhLN04yJTJCQzV6WXhXYktDaklSQUVOd3RFNFpGVnA5b2NGMGZLaiUyRllPR2FHMFpnd2Y3MkRRUDdLUEtFMHNFUDNxNGVKY25QeiUyRmRhTGtmS0VCbEo0RHVQMEclMkJ0VmlacXhBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3M2dYHxSR2FtdEhsN0RMa1BVRk1VMm0vaHM2UUE4ZVFQTER3OWJZUUpRUGk5WW56RWtaeENtNi9Jdnd2WHNyZFprdmM3elhPZ2k2MHd6QVJwVy90YWxyQmdSVHJMZDhzczhBQTRCNVVXazhwNWlkdXlBNjRncHZOWkIyeUo1YW9tTXdhUkFScFNuV2pleXR3WHphK3hEZW5yd1grSytrL1d2UC9kRHZSRERqT1NPemwzNGZqNytZOG9CdTd4dk9CUWw1Vk5tdGZPRFNtdnFsV2JZeWpWblZTd2FHd0V3bDNxNys0VHBDOG1CY0REbHl3b0VBQ0pXaC9KN3ZQdHgraVlTdWZXTmYxSC9nWS9TQmw4NkVzS3MzeVJVdz09fA&cppv=2

Request Chain 140

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=wZYlJ19VQW51RHF0RTlmR20wVWd5alFnZE4wVWdwMUdmTHk5SUJxVXJoMlJWZnJUa2tlQ2ZnbE8lMkZNRnhLN04yJTJCQzV6WXhXYktDaklSQUVOd3RFNFpGVnA5b2NGMGZLaiUyRllPR2FHMFpnd2Y3MkRRUDdLUEtFMHNFUDNxNGVKY25QeiUyRmRhTGtmS0VCbEo0RHVQMEclMkJ0VmlacXhBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=X2POT3xnQzZLYWJDM0pzcEJqbm83a0VwK0NMNTNaS01BdTZyLzFCa2dxTEpBY0cvVkk0ODVOb1RPNTZIVmYrUWhTSVc4Y1RUYlByMGt1M1BKNThKTnZ3NDFzamxMOVU1a24zQ0NEb2k4V0ZyZEU1ME9pQUJvZERQeE1MOEk0YlV2OHZERDlkTzdUS0dvbE95U0pDa2QxOG00b3IrMFlZYXBiZENpbm9Jc2MwcW5hS0xMM2ZqZFB1b2RvTHJ3dnVqZ3U3QkZhNVErb0VVU0dqUFlTdUpiNjlKVTM1bXNQZnZjODMwNEFWWm4yVzhHM2t6UkFscUh0Zmx6T09Qd2ZpUnVBVjFjdi9QSVA0aGNXSjJxcElJL29FcFFFQT09fA&cppv=2

Request Chain 141

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=wZYlJ19VQW51RHF0RTlmR20wVWd5alFnZE4wVWdwMUdmTHk5SUJxVXJoMlJWZnJUa2tlQ2ZnbE8lMkZNRnhLN04yJTJCQzV6WXhXYktDaklSQUVOd3RFNFpGVnA5b2NGMGZLaiUyRllPR2FHMFpnd2Y3MkRRUDdLUEtFMHNFUDNxNGVKY25QeiUyRmRhTGtmS0VCbEo0RHVQMEclMkJ0VmlacXhBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5oFpwnxMeUUxNGx2Slhjbkk5bE9HWVJTSWlIbjUrR3g2ZDd6bDJ0YU9HeExPZGgvc2ppMmNJQkFxR3JzRCtQWmtYREtTTndBQ1lMSnNNMXQ1MTVhbXV0S0JublhWUWJMNmdJYmU4WVdZTFdKN1JsMnNKV05UWkp0VHZ0S1BkN081YkdWb0dqdTV1RXdwdFRWcnNTRm1JRnVtZnlzOWR1R05WOWllNjRpRE9RaVJTb1hLYjlwWXdsWStNeGNEUVdTc2dHR1I2Wk12SjRqUStQM2N4UUZFVHpQWnFKUGFnWG9KNGQvbVViSXZDajRTNkVpVUdCZTZhbWpaVFFLS0FzblIxelhlT2k3RGo1Y0gwUFVJellJZkNWN3R4QT09fA&cppv=2

Request Chain 144

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJkLqNnWYRbsEbm9leR5yaI&google_cver=1&google_push=AXcoOmT3OAztaf2Jgj9OxIaNqMp1auyS-sLGcA55elRF5JSH0_DcMS9RiHjIZjjVTwlfG9T3SCEtMnq7D3Jk_RMKuidTCWg6lAnI HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=54b1a8f0c1e4143c&is_secure=true&networkId=14000&version=1&google_gid=CAESEJkLqNnWYRbsEbm9leR5yaI&google_cver=1&google_push=AXcoOmT3OAztaf2Jgj9OxIaNqMp1auyS-sLGcA55elRF5JSH0_DcMS9RiHjIZjjVTwlfG9T3SCEtMnq7D3Jk_RMKuidTCWg6lAnI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIsifrVhCrMAMsIw5xAAAAAAA&expiration=1692929820&google_cver=1&is_secure=true&google_gid=CAESEJkLqNnWYRbsEbm9leR5yaI&google_push=AXcoOmT3OAztaf2Jgj9OxIaNqMp1auyS-sLGcA55elRF5JSH0_DcMS9RiHjIZjjVTwlfG9T3SCEtMnq7D3Jk_RMKuidTCWg6lAnI

Request Chain 145

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPabMHtu2jFULQvmqDuZA28&google_cver=1&google_push=AXcoOmSB3vmSVQakHmAMOq_fNeyERchb6w9aLX8p0FMd1Lvkn9QS7rzD65dHG7iThKLD65kaSxF2DaMKrEj9KEOjD-a5Fgo-B15i0g HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPabMHtu2jFULQvmqDuZA28&google_cver=1&google_push=AXcoOmSB3vmSVQakHmAMOq_fNeyERchb6w9aLX8p0FMd1Lvkn9QS7rzD65dHG7iThKLD65kaSxF2DaMKrEj9KEOjD-a5Fgo-B15i0g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YThhNjdhYTMtNmMzZS00MTUzLWJhZDEtNmE4MzFlMzE2Y2Qx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a8a67aa3-6c3e-4153-bad1-6a831e316cd1

Request Chain 146

https://fksnk.com/cs/google?google_gid=CAESENLWocZ_ZdVLZnXgobNM2YA&google_cver=1&google_push=AXcoOmQJXwvjrLu6ko-tgoh1DzaRye6JlnGK1QvjQdj2JrmauIhZ16JmIgJQoHo65uNcjlfrGCd1LyMDpCGko2SEIIWtecL-Bz_F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkNBNEQzNDc5RDcyREE2OQ==

Request Chain 147

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFVuiPcWnsdjGxqH5DYbNP8&google_cver=1&google_push=AXcoOmTZ6AMD-dXV2GVdsA9ObROHTDv2VbdbqE63mVGTTLaiCxu1reR1khzKxYsk2HnYxCZQPlLhvZ3B1nd2lGA8yFthhZ76l0fV HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MMEqgnk1TaWpnXAruyp0ag2&google_push=AXcoOmTZ6AMD-dXV2GVdsA9ObROHTDv2VbdbqE63mVGTTLaiCxu1reR1khzKxYsk2HnYxCZQPlLhvZ3B1nd2lGA8yFthhZ76l0fV

Request Chain 149

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIOONn7x1WCEG_AGDgKzhzM&google_cver=1&google_push=AXcoOmRZkC37oBscgjNsu9yzTQ4B80CHk6Uu4OLamIRe1CJu-GR3NJIdguzLC-v635f6vm8qNG0vSw3eCQ5Qu0ROfFEkJS4y9nEbOw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIOONn7x1WCEG_AGDgKzhzM&google_cver=1&google_push=AXcoOmRZkC37oBscgjNsu9yzTQ4B80CHk6Uu4OLamIRe1CJu-GR3NJIdguzLC-v635f6vm8qNG0vSw3eCQ5Qu0ROfFEkJS4y9nEbOw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ5MzI1Mjg5MDM4ODE1MTI1&google_push=AXcoOmRZkC37oBscgjNsu9yzTQ4B80CHk6Uu4OLamIRe1CJu-GR3NJIdguzLC-v635f6vm8qNG0vSw3eCQ5Qu0ROfFEkJS4y9nEbOw

Request Chain 151

https://googleads.g.doubleclick.net/pagead/adview?ai=CkKfPm73mZKapBKuUiM0Pq6iLcLfKlIhyjPKa978RnpeYzcoBEAEgjofejwFgye6Oi8CkjBCgAdDZypYDyAEBqAMByAPLBKoEugFP0HPWX_p7zlMWY4N5ULJNEWxtQuNKOxueK7D27t5we1hgOxl5taKVjE9rVQs0wvkwQu5nKEh0fD8es3S9c08uUqhfmu7JCtK5VbrE05HUWJv2MvfVFyHVva4-aBYuKIOSvQUN0mEGVpuoi336v2DKHGARn7i4HjbFbojcsNRaAbQN1N0E7-KZFG7IibXDtaFdEuBttFnxypMihYHY2F7eBBjGaN63iW4CGqkJNhdjICk0466G0Z1pGjrABMGd45WoBIgFkvruxUuSBQQIBBgBkgUECAUYBIAHnpzPkQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDOStIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgl2aHR0cHM6Ly9pbmZvLnNlZWtkZXB0LmNvbS9jLzFWblBFOFJkM1FkTktSa0I_c3JjPWdkJmFkaWQ9NjYyNzQ3NTUwNDU3JnE9a3clMjBlbnRpdHklMjAwOHc5JTIwZiZwdWI9cmlzdS5pbyZrdz17YWR0ZXh0fYAKAcgLAdoMEQoLEMDft4ebwaTEjQESAgED2BMM0BUBgBcBshccChoIABIUcHViLTkyMDg3MDgxNzA3ODMxNDAYAA&sigh=tf0znE8xIdY&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWZeOz14X4yI7JiyZkSVJgDsGW6Y7KlCYuli4eblqGUcNK0oaD3nHhphWjJ0-z6XSecFm1etThGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa50db3ae8a4803460000000000000000%22,%222%22:%220x3cfe68eaa1e8b97f0000000000000000%22,%223%22:%220xe05d347cda6645b10000000000000000%22,%224%22:%220x46335fcac74862ff0000000000000000%22,%225%22:%220x2d7e126247a359a40000000000000000%22},%22debug_key%22:%2213585378855886013831%22,%22debug_reporting%22:true,%22destination%22:%22https://seekdept.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22852667600%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216993215107389628689%22}&andc=true

Request Chain 152

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAiOOzCvAbq-xGWJUsPEU08&google_cver=1&google_push=AXcoOmTrSjTgbtBp3YX98oM3SYNei5BlvZgyWZTZFDurfGN5TWQdLycHOH5ml8OLjDou20ftBNIDVMKq6dMvIseolVPiZ6bsx4TmOA HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6bcf93d440d8187a&is_secure=true&networkId=14000&version=1&google_gid=CAESEAiOOzCvAbq-xGWJUsPEU08&google_cver=1&google_push=AXcoOmTrSjTgbtBp3YX98oM3SYNei5BlvZgyWZTZFDurfGN5TWQdLycHOH5ml8OLjDou20ftBNIDVMKq6dMvIseolVPiZ6bsx4TmOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIvHV0OPaL_QNf-XVDAAAAAAA&expiration=1692929820&google_cver=1&is_secure=true&google_gid=CAESEAiOOzCvAbq-xGWJUsPEU08&google_push=AXcoOmTrSjTgbtBp3YX98oM3SYNei5BlvZgyWZTZFDurfGN5TWQdLycHOH5ml8OLjDou20ftBNIDVMKq6dMvIseolVPiZ6bsx4TmOA

Request Chain 153

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED7mrqiatA8ELj6NP5AVZFY&google_cver=1&google_push=AXcoOmSloCTCk2hW4GEikvNRYPjFMtHe3quZkjO9hyA__FP4MwLp5-OZjCkd5XuvtT_0HCfTZNU9nPS1KrPPSFFrLKVVwIwJFfiAvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSloCTCk2hW4GEikvNRYPjFMtHe3quZkjO9hyA__FP4MwLp5-OZjCkd5XuvtT_0HCfTZNU9nPS1KrPPSFFrLKVVwIwJFfiAvA

Request Chain 154

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFVnShQ_KpNjjrPf4CWo61E&google_cver=1&google_push=AXcoOmRxSc4SDPYUwYOO083Y16MpyeIoJXNUmS4tk0i4F5oKFoT0Ei62vaeWwMVgJR-3gwYXIObofl7l4-07t8OVHiMOYRNvS1uwpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRxSc4SDPYUwYOO083Y16MpyeIoJXNUmS4tk0i4F5oKFoT0Ei62vaeWwMVgJR-3gwYXIObofl7l4-07t8OVHiMOYRNvS1uwpw

Request Chain 155

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEF35btYpba4g1fv-9s_tXGA&google_cver=1&google_push=AXcoOmTp17Cdo_05goLJS4IxIci9th5dsaeNDlV1CaCKnWai3a0Hkdc1p5W2l3CsmQML_0Dp3xU-JxKvrbg6aQmbSwKj8wwhAenSpg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTp17Cdo_05goLJS4IxIci9th5dsaeNDlV1CaCKnWai3a0Hkdc1p5W2l3CsmQML_0Dp3xU-JxKvrbg6aQmbSwKj8wwhAenSpg

Request Chain 156

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB-uac5r_ErmzJNebDDsXWM&google_cver=1&google_push=AXcoOmR9GsFIfW64YOFHagJ3R8H9POzVCXAsw4_J1nSyTWmWG2rnoyfhdKqJZDZPYL0ldm3kje93VJQe16e1gU8uitKfb7iP9I6S HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEB-uac5r_ErmzJNebDDsXWM&google_cver=1&google_push=AXcoOmR9GsFIfW64YOFHagJ3R8H9POzVCXAsw4_J1nSyTWmWG2rnoyfhdKqJZDZPYL0ldm3kje93VJQe16e1gU8uitKfb7iP9I6S HTTP 302
https://r.bidswitch.net/sync?bidswitch_ssp_id=google&bsw_custom_parameter=38d46868-8128-44ea-9bc1-752e59c6589b HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=38d46868-8128-44ea-9bc1-752e59c6589b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dgoogle%26bsw_param%3D38d46868-8128-44ea-9bc1-752e59c6589b HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=38d46868-8128-44ea-9bc1-752e59c6589b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dgoogle%26bsw_param%3D38d46868-8128-44ea-9bc1-752e59c6589b HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4cd65fc5-3f36-43eb-b839-4ce8c9e8899f%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dgoogle%252526bsw_param%25253D38d46868-8128-44ea-9bc1-752e59c6589b%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&ttd_puid=4cd65fc5-3f36-43eb-b839-4ce8c9e8899f%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dgoogle%2526bsw_param%253D38d46868-8128-44ea-9bc1-752e59c6589b%2C HTTP 302
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=google&bsw_param=38d46868-8128-44ea-9bc1-752e59c6589b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR9GsFIfW64YOFHagJ3R8H9POzVCXAsw4_J1nSyTWmWG2rnoyfhdKqJZDZPYL0ldm3kje93VJQe16e1gU8uitKfb7iP9I6S&google_hm=ONRoaIEoROqbwXUuWcZYmw==

Request Chain 157

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESED2RkRkcriQxHQd-EBdCCg0&google_cver=1&google_push=AXcoOmR6BFZBhkxVtWEu9VK2TKhK3HtZOvRR8ZudrE_wu_B4JSrR3TO0E5PyPMFdEOrFuWtHMD_h4CSkzPPifWv1f44MTHJgJSHR5P0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmR6BFZBhkxVtWEu9VK2TKhK3HtZOvRR8ZudrE_wu_B4JSrR3TO0E5PyPMFdEOrFuWtHMD_h4CSkzPPifWv1f44MTHJgJSHR5P0&google_hm=QlMuODNmMy1hYzM2LTQ3YjAtYTBhNw==

Request Chain 158

https://an.yandex.ru/mapuid/google/CAESEEVX9InTN4tqutWNwm-_DCk?ext-param=AXcoOmS3MtwpQy0kchI3NWbbfJ5MprnMcDIYTq04A9Gjx9fXU1TlV_JcJKFB76U2hX3e-Djm_TteqCh_-jox9lEjXw68Eh6-iri1lA&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEEVX9InTN4tqutWNwm-_DCk?redir-setuniq=1&ext-param=AXcoOmS3MtwpQy0kchI3NWbbfJ5MprnMcDIYTq04A9Gjx9fXU1TlV_JcJKFB76U2hX3e-Djm_TteqCh_-jox9lEjXw68Eh6-iri1lA&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEVX9InTN4tqutWNwm-_DCk&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 165

https://googleads.g.doubleclick.net/pagead/adview?ai=CGhvom73mZNHVA7-ZiM0P66GVqA_kpc3BcuC13LbNEZOsqJ7jPhABII6H3o8BYMnujovApIwQoAGItd7cKcgBCagDAcgDywSqBLsBT9BwQBKiE5zcqykCpnoencxav7MC9x9fAZOWPIiGd9znAqoYKhTwGf9vXBakmR2FrXOcDYQ4c0A0w-SLbEh5gMVABogTi6PZQx7LtK29Yx1mkxnOklg2jYjkZ9OtjvSw0AHuc8gQs9yRqLctzWjSAW2Wd4b4MWVHpRatOq95-glrD6wHe0bSawx2tmnVJCi-_nsYbwC3GWXMuAwVWdfpZ-XxqcN3eH-Nu37vLtlfJGiyhKnfgMz7l7OW1cAE-6mR57oEiAXnmd-cTJIFBAgEGAGSBQQIBRgEoAYugAfFlsHNBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEPNB0ggUCIBhEAEYHzICigI6AoBASL39wTqaCWtodHRwczovL3N0LXBjLmtpbmdzZ3JvdXBnYW1lcy5jb20vbGFuZGluZy03Lmh0bWw_bXM9Z29vZ2xlJnV0bV9jYW1wYWlnbj0yMDQ2MTM3NDY5NSZ1dG1fbWVkaXVtPTE1MzIyNDUwMDQ3NYAKAcgLAdoMEQoLELCGiMaG66GzlgESAgEDuBPkA9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi05MjA4NzA4MTcwNzgzMTQwGAA&sigh=7QrPqJgd0aE&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWFzbxi0EQK26EkJ7SGzYpx48d2j7y-2M8sLPrDZeejstoD3oYeE6rOQxM9_JvTL15Q8rWyUhBGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x336b65d6c6447a530000000000000000%22,%222%22:%220x2f21a96dcf21e0510000000000000000%22,%223%22:%220x2e901e11bff190fd0000000000000000%22,%224%22:%220xe9603b7cab18bc4f0000000000000000%22,%225%22:%220xd046e1a41c0f298a0000000000000000%22},%22debug_key%22:%222501574575160686010%22,%22debug_reporting%22:true,%22destination%22:%22https://kingsgroupgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211200338568%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229891532229549883345%22}&andc=true

Request Chain 171

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=eIBNmCFHDNifHq6mnL3mZA&id=ida4mlvgiastit93r

Request Chain 173

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 177

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 180

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 191

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 195

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 199

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 203

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 214

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=0yhlDV9VQW51RHF0RTlmR20wVWd5alFnZE4zYUJMcCUyRkhpRjZ0bkxTRVNmN2s0V0xXSE9wa2wwaWRPTWExb1hsellWVW1DZG5MaGhUVjZUQmlZTWVzUmR6QklQU21XUnhwNTF6c1FudjVwVkhHVVROT1o2YUdSS2pUY2d0UjJnZSUyRkVoamFaeGhjSDYzSkM5ZnVSdnFoNTNGJTJCUEElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5E_Uynw2UjNDRTdqbVE0OXQwWUdKTjc4MWoyUUc4bU1SVWFSNVhsa2pGdG9pNExXaEtTckhab1IzQTFPamhab1J0ak93aVRQR3F6OGxmeUhUdEhLbFo1bDZpRWZUWlVtUEd4em53c3REWG9ydHQ0M2NQZXdIamd5TXZmV3J0K2NlUXpTN0ZxY0syU2QvUXRpNWh0VmtZQktrWkFrMWcvSitpRTE5dXg1UWEzZDRLMW5QL2FaVjBkRXl1SzdKdmhaZ3hieURwOGxYbWdGbzBGblBMNVpQV21mTUhxcDkvRzF5TmRLVHIraXE5Y3VMNUdzVEdZK0FSK3pqSE00K0xXNEFyMS9uMEFnUTQ2YkFhRU1OclQ3dVdaSXBiQT09fA&cppv=2

Request Chain 215

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=0yhlDV9VQW51RHF0RTlmR20wVWd5alFnZE4zYUJMcCUyRkhpRjZ0bkxTRVNmN2s0V0xXSE9wa2wwaWRPTWExb1hsellWVW1DZG5MaGhUVjZUQmlZTWVzUmR6QklQU21XUnhwNTF6c1FudjVwVkhHVVROT1o2YUdSS2pUY2d0UjJnZSUyRkVoamFaeGhjSDYzSkM5ZnVSdnFoNTNGJTJCUEElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=c5PQZXx6VEs2ZUpTcUdub3kzQnd4NzBOQWJ3MTlBdTZ4U0FnODI3Y2JpU29BMWdTYjFuTHpCN0Q3cVovRW9ia3NxaG5FS2d6YjMrUHVKZ01pL1FlMGRxYzBwaGtaY2N5SjNzVzlUK1U2RTBYNHlKbWdtYm1SWHBSTTRHUTkyWUZtTm8rZWRpSGV2MURQbWE2dW15U0Y2algrZG9ZbWhMaC9tZ3RKaUg1d3NnNm4rYktoM0NlQzY2NlpadGp5UDhMeXExVVNzMTk0SVBJVDhNeUlpZGVzNExaM0lhZnpsRkN6aDFOZm11N21COXoxTEhBZFhCNE5semkySWNkZG1KTVlML2l0OFpCVllUZGRxS1UralkyZVhRQzFNZz09fA&cppv=2

Request Chain 218

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=0yhlDV9VQW51RHF0RTlmR20wVWd5alFnZE4zYUJMcCUyRkhpRjZ0bkxTRVNmN2s0V0xXSE9wa2wwaWRPTWExb1hsellWVW1DZG5MaGhUVjZUQmlZTWVzUmR6QklQU21XUnhwNTF6c1FudjVwVkhHVVROT1o2YUdSS2pUY2d0UjJnZSUyRkVoamFaeGhjSDYzSkM5ZnVSdnFoNTNGJTJCUEElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=q6TzwnwxcW1mdmhDd3V6TzlYUUhtUDJSR00wV3hQdUFIc2lpbDZYYUc4aWl5eXhJK3JaTHdJU1JRWi9YSXMyOFA2WE9KQ0VPYWpxUnF4N1NPbzRzZnRuTGk4RlduWE0zN3NaSGZnR3BDTUFQYjNnNGw2VzBTZEIxRkM0b09JM1IydmszTEJrUjRXQzV0bUluQzJrWFQrRG12QjBKQ1hMZUY5T3crR0pLZDgvZWY4Tml1TzhVRTkzSEJBSTQwaVM1L1BEaW9WeVgwNWhaZm5FN0NiU2lSaVdPVE9NQlFhVTdldGV5SHFSZGhmSzd0SnRSMjEzUXdwdDNOcW9nVHRoeldUZEF0YlYxeWVQMGhKbTVqUGY2Zzc0cWJJZz09fA&cppv=2

Request Chain 219

https://cat.va.us.criteo.com/tpd?dd=tNPjJV9Vc2VyNjZ1dDlXaHN5WDVIVkhoenk1ZiUyQmRBdXZYOXp0alBsOWZ0dDJib1E5d2F5dUVPdmNTcWtBMDgyWTllOXAlMkZLT2R6aGFiMzVrMEVzdk5nbG56TXl0Y3JGS1Y2cVpUMzhaY2lzTVdSNGNtdjhYJTJCWUl5dEJRZiUyRlVlWUFCTWs1NWYxRlljb1BwUE1UVTRQa0duTmdwNVJMcjlRS3RlemcxRWdFQ0tpQTBVaUdVbHlNR09XRDgxUU5IeFd6JTJCb25Cb3AyTWc1QnpkSXpkOGFDdzJWM1dYZEt4Mmp3aXU3bjhtd09WUThRWUlZZEdHYXIxSkx1ZzJXd0NhSko3M09sUWRCN3Y5Tm1GVTlQNjlDOSUyRnYyMWRZY0luZUV2cVRUN0ExMllaekQyU0dhQVMlMkIyd3YlMkZVNCUyQiUyRmZHJTJGamN5Sjh0dFhicmoySFVwUmxxOUZqVVRuR0RDJTJCbEpSRUh2VyUyRnZWOUxaQXdGUlB6Q1BSb1MlMkJNVXF0OEhuNDFET3FaRWRDY2JTYkxmZjFya2NlM2tVJTJGV1luNWMlMkJwOTJmWmdOalBtSWV5ZUJtZ2lGOU9tJTJCUVl2eUZOSmQ0RVYlMkI4ZldJNSUyQllIVFhLRWVFOFlzWHNVN1pzekZLRWVxWnQ3Y2xpUjhoQkN6eSUyRlA2WXdKN2dtNkxIJTJCVGlqcTJpTWtTYkNuJTJCSnY0MGREZVJ5Z2pNTjdqT3dWeTVHZ0F4M3hFZk9sRTc2YXJPQzlyMSUyRmlnR2JyTkk0eTBHbXlaWVVGdzJnaVduYTh1aG5jOE1tU1JBQyUyRnJNMEklMkZnJTJCMCUyQiUyRkJVU0k1MWQzakY5TDc2c0tTUktmTHR3a0pYemw3ZFRLUWhpMW13UTFpQVFlQnBKVzZ1VnVLc2lvdWdGd3NZY3lENFpEaDV6cTBJd0x3OFdKYXJPZUhUV0d0Q3Q0cTF5QkhzeVplWlVnQXR5QTBHT1NuNm43QUd4T0xMeDM2RjRucHJSV2R5cE5raVVzQjVGUnlCTGdwS1FoZ2xYYmtUQjhxOVY5c0Q2NUJFTXRWMTVTZ0ZmMnhya09yd2JVMWxGaHB2elBHRUZZZUhtbnc3M2doMVRtNHJPdWFqakx4cnlzJTJGQUs2VTBqamlheDJxRXI0SGtvQ21udGRZTmFES3VSb01UTVhVQVNwc3QxRFc5WTJxMFhnd2dnQSUyQnk4WWhuaVo0bGJKTGpucDFGRksxJTJCQTdlNFMycmkzcDhRd3YyVjNBbm16UEpiSmElMkY4eVVWUmlnTHNpWmNiaVN3dUF1cHFtbWVJdkdvdEx4QjUxUE1GRFJaVjJMNlFzdG9ENU9OMTg1SVdlN1JOZzMyS25UJTJGckJza1oweUI1bUxWc2N5SFhmcGlqMiUyQngzQ09GaHBKMmxtM3A4cjBVRlpsWEpuRmZSTExYQ2Y1JTJCOTRMSUJiWklRREZoQWdTVTlkS1Ywdmdna1owZ2Z3Qk9LcDB6NHklMkJnYWd4azk5RDQwSmF4R2hCeDhqRTQxWWJlcWlJblRBQ3g5JTJGSGE4MG9oZ2UlMkJNc3lHUiUyRnB2eUhCWDl3WWhVaGptVFFuNWFVVGpzWnpqemNEa1pNUkN0Q0dDN0JXeEI3NjR1T0hwN1RLRmxPaGJGajREeiUyRnQ5TEp6YXJFTm9NZ1FHcEdOYVhsSXdHYWN4JTJGNkw1JTJGNXg0TERCYmFGQVlnMzFpSGpVUE5DblljMUpiU0dEWW93VmdWdG5HeHgwcWN5eFRoWlkyckszVkg5VjJpaHBKTWtJSHI4Q21VSFNoJTJGc29zeWViUGhheHM4eXF2V1Q2MERNcyUyRiUyRkRpTnlLdG45WWR6c1NBRTFKUDhmdENkaTR3blg1SThZdThzSDAza0hFVWREQVYzcXZFNk5nYkFvVkdZN1hUdmJCYVdod2R5NFo0OUZmMXNxWmdWN1ROaGJxQm5xNFpEUE1DcXY4JTJGN3JJU0piU2V6Q2wlMkZMJTJCa09sTDZ6MmtCc0N1TDF2cUFXYnBMQ1FWNThKQUthJTJCQ2xwbkpRZ1dCSnVSUnMxSCUyRnYlMkJjdjhGRTIlMkY3N3U3TDN3ciUyQjZVJTNE HTTP 302
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBUx7cYYNKc5mwzDfYx65qtWjArTqY6bmTLSkpZ3_y8vGT1Va94pgyY_us8ZTnzqL3zP5GjH5b__1j9UkaAYwFn1kOU37eGfn22WBnufDswq964cQKFlxEzR0dNlHg-ipJEx0n8SliFVkRnDMYceUhvvFpUL8y48YfwEtzoRxU-30J2b5LBb1_y6Gn83an-RdOD0di7qf6pSkgFroZ8oUZ_bRVx44r9bRE0lVAUOo33iXCytWa2NMctU9SDasC-DDmeUc-BN80optpYdL5khZeAA7etqVEvNlCGKKSXHV1ey3xhzgey32rE4np8MCXvsn63404_kJlOlRwXeEcsVyVxn627maMxwwt3W3RNmSvZhlHUC33vWZuc9MfS_EanNWj6v6QHU_ZgDH_VS3sOr5eAo8KPu2ouIdMk3pJbj-4TeQgisopkbdWRSAHMJKpl0jqU9qN0sOnko-WCFB4gS8vMSUi37yhI2Vsq8OTYHNXJXL43CeN5Gld5CKRSo8-Kxzv7aCa0uRapU-iZVoXJ-pXaMGxValljZ3jo

Request Chain 221

https://cat.va.us.criteo.com/tpd?dd=RaVV4F9qaWpGWU9SMVZEeVJ3ZDg4UGhJenluUmtjalR5Sll5T3hIdTBPbWVSNGMwTnZsWGQyalR3JTJGcnp0Ykhmb1cyaTFxNExla0RTTWZUS3ltaW1sWERSbHJOUUJEejQlMkJSS0d3ZFlmU2JmMlR4eVhLTE9XS0QlMkI4SjFpTnBNQ0luTzJ3OW9ieWolMkZLVFNuWlk3RGVsMkdNQiUyRkYlMkJhZFpDSVcxUVhwQ0liQ1h1UHdiejVMcSUyQm51T2FISDRaOEhDWTNWSDROeDdwWEZPbXAwOTA2JTJGN0xEJTJCa0VFOWloaGlXM0FCbkZhRU93OXg0M1YlMkJIem9rYjZpd0VwcUFETkJHd2RSVWZqYm5heTdzZHpsRXdFU1pZUzIyaGhOWTVrRG40V1BXUGFzMUQ5blhsaFZZdjM3emEzS2FvSE04JTJCN0hrTnF2SjFmSnJHWkclMkZXakZlU0hJUjJqVWhocVFhek92dWRLbnRRcyUyQlc1a2hoUE5NUUcwam4zSnY2b2RjcWo5eWpHMTYzUnpnWTZvWjJzRGtTMWZnSEFPeFo3alA3ZEcwcUYyc3U2WDE0aUNpNngzMmtPTDNCM0ZHdlFlJTJCSFBJS21sWVNVZXpLMmZwRjNmaWpGZHhmYyUyQk9Ndm16UnBiZ3p2RDRxN3BNTHoyblJLeHVwYjBtYkNvRWpsTGVRZFRmUlFrc0kyMG1BYk1JTHFUcnY2TyUyRmFZb0RDSEtQM1RUUkc2UDd1UmpuZUp0VUdBNFEyYjlRU3B3NnFPZmY0RWgwN0lzcEhRbmVRNjVHU3NWSHVheUR1Nk1aWnBkTGk2U2clMkIlMkZxZmxxMUNmT08zVWk5dmVOVTBDTHpsbG90Z1VoSzlvRTRYYjBmckNtUUJ4cmhvd1V6aU5xUlZwRFRlSzl4c3FBS3lvMUlUN3BGcXRURkpaTzVhWXl3QjhiMmZXMDQydmxmTGg2MjI2NmM4ODBPWUN2OTlpJTJCeU1RUllzeVdhTVk3eVN0biUyRnY1bEV5WldVaDFEbkVJbXlRd0M5Qnlxbk1qJTJGSUg4M1Z0bGpuQ25vRW9pc3Y0eXV4Skg2M1VxSG5ZMmhaR29aM2I5anpkNDVNQzBsWFVjRWdKRG1QUlVZV2dYU3ZnS1ZqTyUyRlR2SXFlYjFpTGtTZ2psU2VlQmRIYlNpWFFLZ2huUnpmdEtidHhlUk1nVUJHZ3V2bFdRdlolMkJmdWhNcFlYd0YyeUVIYVVlb0RCMFg3bmpndFFOJTJGUjNhenQ3SVczVjFRVk1YJTJCRDhxWENBNTRGOW1BWjhOSDZ0JTJGQ0plMFc5a3YlMkZOZkVKMFlEa3Z3VWx2aTRHN0xLS3FlNWVQYTBDaFBrN0JXbVg3TGUlMkJnMXBmTUN3cmNNRG42YVBkZXhmTHg5biUyQkZ2cGpHbDJVUEZWQWJKWjUwNXlSekQzJTJGZ29GRFg0dzhaT0c2eFVLSGthc0xWMHpQcmEyTTMwVGpweTNnaG5tTEJsY1hIczdrNSUyRklUcTNWMWR2TmRrcklvdFdyQVlEMmhac0dEWmJadmZuSDBwc05UaU1UTUJnbDlQeGxMMUxDTWxLV0dDVkZhdXNsMEhBVDgxRHBHcCUyRmxVWlFZRFhtUVU1WjVXeHVNRjdpcExoeEV6YnlDZ3lIYyUyRmg0ZUhieTFrVGpuYllJdW9pTFElMkZLRlZKZ3g3ek5UJTJCQVRQTTdoZlNiTm95YVh3OGNaUllHenlOdHRvYUJuUU9WViUyRmdOMXJWUE5nVWcxVUkzZFJucCUyQmlFaER0VCUyQjJGbjhTS2ZMRlI2T1BGOTQzcEljQjQxZ0w2THpNMTgwQlhCWTlVc1RWUUZXaEhNWGIlMkJFT0x3c3Q4V0trUmtlbGFGaDBFWiUyRk5ZdkthQiUyQlRIMFdOSjU3RVBYTnpQNUNsSkglMkZkbmVXTGVrR0dhdjUlMkYwZmlHeXJHYURxaml3dmRZMktkd2R5azV5Z0lqcjh2R0Z6UVQ5OUFGUzVhcFhPeXAlMkZSQ0FmVXA4RiUyRndxVjU5YzFpJTJGQWxJWU1vYXlQU2k0NFZxM0ozUHZxSCUyRjVnWkNUbnI2cHVpSzV6eEF3JTNE HTTP 302
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBVKP1PRFIccJXzKY339pAlAXen2T_QFjHOk1-CkWvbhykypN23y2zTTD7Ad9snJ2nS312zpN0Xp_NtTfjJhEAx2bcCAZgTa0UWDu-52Xh5eLRWE5LGXhA_vfsvHl3QJilSEEMVIzF_jnRtxDFKj46nnJAeVIQ3UyU1lWPgaPTS9ZJb-NHQtNZrm5df2yg80oIafljhB4L9skwF6hfXarBr_esgTDoK9lkJ3PamHjJwf8CYnyhwzENKtE88x3Nz_XyReuyhiFz-YeqIiO2D7kgYUCBYJ4t0q8HBX25MDW0uZRQvd_dA69jXcTFWbYjoGs5vKsWPNItE6D_ZUbOXHr5CjmYzlDKrE7tijpU83bBT1snEoOjZ8JUGtJDEam4ieNnYGqUaXf1zH57Nn_tB4Kzs30tLqm2xpU5n8Q55a5I-98W5aSXoP9NGxzM9ivESrYEvwzRwM9_SV4TGQTuceHgaxTwmaoTKjQ1uh_c5JG2Oe02aQsnbzAiyvuaenVPa7KR1aaqCYJ3IBXbsbd3MWhoOThGPrD-Na1fcgeKjbzs4HjA

Request Chain 236

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 244

https://cat.va.us.criteo.com/tpd?dd=4x3e9F8wQmg0TWNDRU1OWnlhdm1YeGVmZ3RhJTJGbWo4dyUyRkJWT1BXZkI0ZXh3QnVQcE1QU2VKZnNKV3NXOFUlMkJyOThvUUd1VGp4bVAyUzhwZHcxMk5CZ3hsY0l2aUljRE1JT1JzeklGeG1Zd3hrcHpDY1NZT2hPSmhaMlhUY3dMWXNQR05wNkRwd2tFalFNNTY4c1pPRm4yUTR3b3MxZiUyQlpyellMNjF4NEpEY3pzTW8zaiUyRjZnVjVMc3BYTmVPcSUyRkhFYiUyQnVHOG1tJTJCMTRXejNZTXM0eWdRek54dm5CWGI2V0xuRiUyQmdISjF0YnQ2cmRwTWxGb3BWeVNEUXE5eUIlMkZoSTZOckpPcFFvb3FGQVhLaUpKc09CJTJGNUs3SzdnWkFQeDg1dFJ2UUhLMDJocVAyTCUyRjd1SUJ0M2U1V0ptWmJVOTRJTERHN1VCeGNQYlZqalBTWUJUb2s4MEJTdGZEaGUlMkJLJTJGZ3dvOGRzbSUyRmxHelVHbFFvZWQ3UTBBZiUyRjFGODRKWElNUnJKR2lXVndpMkJZUkZPdEdoSiUyQjlveHcwOTY5NlZUMVoxMjhobVdyV1pkVEE2Vk1CJTJGdkhTOWQ4alZTVVJVWXhuVzJCJTJGU1hNa2tHcDNHUXdZVDR3bHhNU3clMkJBbTJzdWRVSHZ6cyUyRlY2Z3ZGZEclMkJYNGElMkZEb2lUMERKNTNwcFNhTnZHcUdvZWlBM1E1QnNpSjBHMlpVJTJGaWxibGlDNGN0eTYzU1ElMkZ0THdJU2wxOTJITzlna0ltWmllWXI0UWx3YXclMkJ4VFloMjlidDRFcTBmQmNOQmJHWnpqY3BxWVpKaEZtck9kUzJ4bVNTN0ZleUlsdzRmYSUyRkhqM1RXcmd3aExJNVFDMlpFNEJmV1M2S3olMkI3a0FjdWt0SzJXV0FIanlhT0wyNlB1Qkg2UElLWGtGNGNyMFE2c1FIZiUyRkhKJTJGcHVFSnRzb3Y3MzdXV2ROMiUyQm1jeUE0emRzMGVvUVNlSHZqSmxsQk1IbjVmVVBLaUkwZXBZQUpNdWdWM1h2SnhHd2VuMUQlMkIlMkZmSGxrZmlFQUgyUmhNTWQyUXJwampqbkpIRHN3Sm5sQkpPbyUyRmFsJTJCeThTVHVJbUllQmFGV0hBUmNQbXV5enZaa3gxZlJsbzJPNSUyQjZWTCUyQk5Cd2REZzVidVZudWN4dEpkMU80MDJGU1hjTHBUb09sQjFVakZkUyUyQlVuNTclMkY2TmJwQlRBd2U3WGluT25hYUVvMXF3UDIwUHcxcWgyMlVWdWdQd1olMkJUWmNEWnRJMlJxNjFxMFBCcyUyQkZha1lER25tWiUyRm9tSTJwWE5RemYlMkI5R2F3Q2hQOTBZQ25nanh5NEZnd2R0NCUyRmJmODR2OGlKNHRFRlE0VVhVTFElMkZlZGhKT1FiN0dCVXA5N2RYUnpUd2pZTHUwYWh4TDlsVUpnaHRrMlMzelZseEY5JTJGNXJHU3NreEtJdGdrUSUyQmRKWSUyQkRubXIwRm4wMjlTOFdRQiUyRkFETzNjeTVrNzBCQkJqSkRzbXF2c0NSa0QlMkZkZFkyak1LYlR5QmlMdG9QbXFvc1ZsdksyJTJGQnNSRVh1NSUyQiUyRnJKd2pJUFRLY3AlMkZRUEFtSVlrUGFQeW4wb1dlSEJod3RBTmtnT0p3QzNkUUJEeEd1aDNBMTNnT2VxUk1oQ2tUOFRBUHhIUHE5ZklzSGdFU2JxT3pndkpzUTk2REVoNThrcU1ZOXJEVTJxVmFpdjNCJTJCN2pjRlVlc3FQRjcwUDNWdmI1VFFaNnpQSTdGQ1FLbzJTUVhZNVNZUkVvbTRUT04lMkJLTWluZ3ZnQ2Z5Z1B1VDNKJTJCVDVEbkF5MGY2aU10WG9Wd1JVUiUyQlpLaEpBT1ZxWFRQWFlSZ2pGWjVYR0ljWXk3YnJlSTB2V1YlMkZKZmpRMGNNYjBPR3Y1cjg3cnZqd2ZsV0p4bXBqeVM3NmVKSVh1WjIlMkY2a1VBcHdqWWRjWUd1VDVXRTlpOWEwenZMJTJGWFBOZSUyRm42M1pzSjgwYkVIQTNYZmI1ZVZUSm8lMkZSa2NKcVpDSkRCZ3RaSnFoaUpVZ2d1Q2lRaWRkUmUxZXhEQ01sYU0lM0Q HTTP 302
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBUOiHrFqQVxi_LOUdeaDeNCiNIe8rTKRY5yUHTaWk_zt0JMErpX9OI2URWGnZ5UR0hoPVkRmUj1JN4A8GkBNBv8xcuIhdpLfCITaMPTzQV46AQNWgTQ6oDKUdU_skJxzOAIXWXvTXvlbnftdHn8qc1Z7KBdiYpT5WL6zNsrJ8SXMD4arjcWIqmreUempnDKqmUwG3tQJ7r3ok5liGTwvJpDxOVeUlxZ79FED6r5fHh-txl6U90sZs81sjg-nkYzQHryVUzNtBBLJF31WtMwWgId6-XL7OZfMJGTSyK2uAjz4i2gkfQzWIyQ9ExtVB2ifMCrMc2Y2KJ-v1AthEzl2wjSUosVQixhnUiZqemDhGoQLovgc6P9b0ZAF0MscWEciqxoNwKJ1rKsrhf2yJaYYJ63ZtOnFtIiqJiMtK98xReY96snxeamGmz4PsLRT2ojfpKkU-Dl8okzCGUHAnRIlb7PvihRIT1saOuaU0LcrIbVENZlPcgsQBMnHI1i_Osie3B1WtzFlH9CbiMA9T28gXLL1RqpKcHEMWy0t_eCYEsOyA

Request Chain 246

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLOJ9JVE-X-BNW3 HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLOJ9JW4-S-MBJT

Request Chain 261

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLOJ9JW4-S-MBJT HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLOJ9JW4-S-MBJT

Request Chain 287

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=2slzIl9VQW51RHF0RTlmR20wVWd5alFnZE56MVh1Y3BLa1owcFdIcmFBTUJiUWpjd3JxcVVOS3FVVkZuTmxLaE9mSTh1ZnlybktuQVhNeHFjZlNTNHJIRzglMkYzNnhXa0lzMHdPdHJlSGp3dDFZcDM0UzJjSmZ5Uzl3Q00xZk8xSVUlMkJUVU1CSXZPUGFBV2tIOGp6am9DZzVjQ253JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=DevO5nxOSDJuSU9XamlDYXFPS0FKa0V2WUM0eWJST1pFd3JBdng0SGVqNUIrcXZIV01HMlVEZVN3b1JvSjFlWXIrb1pzbWRDZFcwNGtiM1FiSmpWdWFBY3BVNmc4YmNxbGVrQWZGMTRzY0x2MW91NlRKdStwQzU0YXdFeFhxRGN2MHpYRGtXdDdyYUsvT2pXb0JDVnR5VWJHeExwV3EzeklzVHc3aWVycVZRQklsbVdzWUhmNlR0V1pwWUN0OW03REFVOFNzb1gzNmpDVW8raDNza1R1cFM1eXZ4SVJDM3paamg2WEtIbUl1Y0F6UGpKZFo4enVZOGJEWnpjcUZMcnNCbmxBRzZjOTQ4NTRHUmNQUXpoWmpFcnF6dz09fA&cppv=2

Request Chain 288

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLOJ9JW4-S-MBJT

Request Chain 289

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ4ODBlNTA4YjY4NjEwMTVhOTQ4YTEzNzVhOTU1YWMwODdjMjFhNg

Request Chain 290

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/UivKMy1eZ5jIf8l-iZGbew?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dFgitLxE2oJ8RKKb_HMqjb40VTIfOBLAwDw60g--~A

Request Chain 291

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ggZdoKuLSDiFI7r3d7yZKQ&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ggZdoKuLSDiFI7r3d7yZKQ

Request Chain 292

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7pB2ckxsS3GAxT8Gqjfhcg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7pB2ckxsS3GAxT8Gqjfhcg

Request Chain 293

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExPSjlKVzQtUy1NQkpU HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBNtRSdSlPoflOdNmHkknX8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPSjlKVzQtUy1NQkpU&google_push=

Request Chain 294

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&gdpr=0&gdpr_consent=&expires=30

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIke3NlEc03af6j2A3C0NTk&google_cver=1

Request Chain 298

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_cm&google_hm=ay1ZRFJiZ24tR0lZenJvV01uY3A1cXFjWTJtcTZTM05ROVNYQmw0QQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0

Request Chain 300

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4661587944605638166

Request Chain 301

https://secure.adnxs.com/setuid?entity=52&code=k-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg

Request Chain 302

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&custom=&tag_format=img&tag_action=sync&custom=&cb=9e31b3b9-24b9-4b0c-b6ff-3d3c12d4601e HTTP 302
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=9e31b3b9-24b9-4b0c-b6ff-3d3c12d4601e&final=true&reqid=4fe2bee0-4224-11ee-b7a3-599cdb20cd85&timestamp=2023-08-24T02%3A17%3A02.158Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4661587944605638166&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=31bcfaf0b9a03328ebdbf3ab752b2658&tag_format=img&tag_action=sync&cb=265944069 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a&cb=1692843422739&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1692843422739 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=3de69c50-b115-4aa5-a41a-674288992633&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692843422739

Request Chain 309

https://eb2.3lift.com/xuid?mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 310

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ&verify=true

Request Chain 313

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=iIQyS2fNO6iLtNflQxrP0uVQNS0r5sc9

Request Chain 314

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g&C=1

Request Chain 316

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg

Request Chain 318

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA&_li_chk=true&previous_uuid=3d1a96eb52524753be77a2bc36137a01 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA

Request Chain 325

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA&cookieCheck=1

Request Chain 326

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_cm&google_hm=ay1ZRFJiZ24tR0lZenJvV01uY3A1cXFjWTJtcTZTM05ROVNYQmw0QQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0

Request Chain 328

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4661587944605638166

Request Chain 329

https://secure.adnxs.com/setuid?entity=52&code=k-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg

Request Chain 336

https://eb2.3lift.com/xuid?mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 337

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ&verify=true

Request Chain 340

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=bPiur-7EBFLAigZGtws3BKxq4HRo3zZS

Request Chain 341

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g&C=1

Request Chain 343

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg

Request Chain 345

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA&_li_chk=true&previous_uuid=57bee0a3adb24be9be19045edb1e4c3c HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA

Request Chain 352

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA&cookieCheck=1

Request Chain 353

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&custom=&tag_format=img&tag_action=sync&custom=&cb=ae70413e-f4e5-4744-8f5c-2fe8a2e9d546 HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4661587944605638166&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=31bcfaf0b9a03328ebdbf3ab752b2658&tag_format=img&tag_action=sync&cb=606939038 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a&cb=1692843422778&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1692843422778 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=cacad3bd-f621-47ef-997a-208a2855e066&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692843422778

Request Chain 369

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gdc0S2iaBm38U-7OSsivjUvWK5dJz3o7 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gdc0S2iaBm38U-7OSsivjUvWK5dJz3o7

Request Chain 370

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=E1cXw-JyHYHqeOAB19-xWgDTinQ-Sf5a HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=E1cXw-JyHYHqeOAB19-xWgDTinQ-Sf5a

Request Chain 381

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=KK2NP574lX53nKasxgDNEtzv0wLDocHi

Request Chain 382

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Orj9Mq0YabCPZbsvEjrjtn4_MRozYX3W

399 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
risu.io/
Redirect Chain

http://risu.io/PJwna
https://risu.io/PJwna
https://risu.io/

13 KB
5 KB

837ms
836ms

Document
text/html

2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e0ea189f792930700c1367a71ad87b7ec7e781be75f34586628b67ce49d9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fb818979cda4bd5-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 24 Aug 2023 02:16:57 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 5569ea77-e7a7-4e27-8374-eeec12547fce
x-runtime: 0.028681
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7fb818922cbb4bd5-BUF
content-type: text/html; charset=utf-8
date: Thu, 24 Aug 2023 02:16:56 GMT
location: https://risu.io/
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e533ea7a-9cf1-405b-8196-a0a62643dc23
x-runtime: 0.043306
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 5 KB
970 B 165ms
68ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 01:08:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 02:16:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
708 B 166ms
69ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc78f02253750741f9064a9c0b596181e7bb2b0c30336d61ed6a474a98bc1358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 02:16:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 02:16:57 GMT

GET
H2 200 application-025be2bd.css
assets.risu.io/packs/css/layouts/ 528 KB
67 KB 117ms
25ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:05 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 52
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68120

GET
H2 200 header-419e5bb6.css
assets.risu.io/packs/css/commons/ 226 B
227 B 143ms
51ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/commons/header-419e5bb6.css
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:05 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 52
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168

GET
H2 200 index-01566233.css
assets.risu.io/packs/css/home/ 131 KB
19 KB 161ms
68ms Stylesheet
text/css 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/css/home/index-01566233.css
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d3794694883bad4b0d72ca526f762eab786eeaa3d7948febaf4a531c2ca046a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:19:43 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 21434
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19083

GET
H3 200 email-decode.min.js Show response
risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
872 B 48ms
48ms Script
application/javascript 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 16:25:27 GMT
server: cloudflare
etag: W/"64e38ff7-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fb8189cb9784bd8-BUF
expires: Sat, 26 Aug 2023 02:16:57 GMT

GET
H3 200 rocket-loader.min.js Show response
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 48ms
47ms Script
application/javascript 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Aug 2023 16:25:27 GMT
server: cloudflare
etag: W/"64e38ff7-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7fb8189cc9794bd8-BUF
expires: Sat, 26 Aug 2023 02:16:57 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 144ms
58ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fb8189d3bd64bc7-BUF

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
887 B 59ms
59ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Allison&family=Cabin+Sketch&family=Great+Vibes&family=Kanit:wght@300&family=Niconne&family=Sacramento&family=Share+Tech+Mono&display=swap

Requested by

Host: assets.risu.io
URL: https://assets.risu.io/packs/css/home/index-01566233.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a0e731a7c852f0fadbdc75b0aaf9956616e4133af6eb296d5488f8283d6de85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets.risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 02:16:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 02:16:57 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 123ms
36ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:29:41 GMT
x-content-type-options: nosniff
age: 20836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 20:29:41 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 127ms
40ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:37:10 GMT
x-content-type-options: nosniff
age: 20387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 20:37:10 GMT

GET
H3 200 bootstrap-icons-dfd0ea12.woff2
assets.risu.io/packs/media/fonts/ 88 KB
88 KB 91ms
34ms Font
application/font-woff2 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/media/fonts/bootstrap-icons-dfd0ea12.woff2
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Request headers

Referer: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 04:57:39 GMT
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 76758
content-type: application/font-woff2
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90528

GET
H2 200 index-2e1e8e88a148c184c660.js Show response
assets.risu.io/packs/js/home/ 1 MB
435 KB 60ms
58ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0513087a3deee62183bf24ef54e8e582a1448811011b909cc42b53cb0eb59c82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:19:43 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 21434
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445335

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 887 B
908 B 176ms
68ms Script
text/javascript 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?render=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94157ae9b66976e8e9ab87ba7be3275f51f0bcb4fa988b626889ddd47bfccf2d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 588
x-xss-protection: 1; mode=block
expires: Thu, 24 Aug 2023 02:16:57 GMT

GET
H2 200 zh-TW.js Show response
assets.risu.io/javascripts/i18n/ 23 KB
10 KB 33ms
31ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/javascripts/i18n/zh-TW.js?b8928d7ddbc6bd8fd605402c4caed5ba
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:06 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 23 Aug 2023 18:13:03 GMT
server: nginx
age: 51
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10051

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 184ms
80ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad80d2f0384dc52458ef5e03050c484833ceab6cc4b94676ca61adde88193b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51080
x-xss-protection: 0
server: cafe
etag: 15626498931359454083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:16:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 254ms
114ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32a7a41de19acc9a4f2b7cc432db547e7ad7a3e122206dffdb8656fe261f046e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50854
x-xss-protection: 0
server: cafe
etag: 5032533350737246073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:16:57 GMT

GET
H2 200 header-284b48f4c520b20108dc.js Show response
assets.risu.io/packs/js/commons/ 470 KB
143 KB 34ms
32ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/commons/header-284b48f4c520b20108dc.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:06 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 51
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146149

GET
H2 200 application-bc03df23d8f68313a035.js Show response
assets.risu.io/packs/js/layouts/ 54 KB
17 KB 29ms
28ms Script
application/javascript 34.98.102.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.risu.io/packs/js/layouts/application-bc03df23d8f68313a035.js
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 251.102.98.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:06 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: nginx
age: 51
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://risu.io
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17116

GET
H3

200

invisible.js Show response
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 3FEC
Redirect Chain

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
3 KB

40ms
39ms

Script
application/javascript

2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19b82f55efd65bbb18feaa45a80c02c2e6826b1f602380f8269d6b84049f7420

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fb8189ed98a4bd8-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 24 Aug 2023 02:16:57 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7fb8189e89854bd8-BUF
alt-svc: h3=":443"; ma=86400

POST
H3 200 7fb818979cda4bd5 Show response
risu.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3FEC 0
268 B 52ms
50ms XHR
text/plain 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/g/cv/result/7fb818979cda4bd5
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: br
server: cloudflare
cf-ray: 7fb8189fc9944bd8-BUF
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
50 KB 187ms
74ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9054679800c1ebd5227f44791e81f40a87031288dabe02765c8361443e45df5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51254
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 00:31:21 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Aug 2023 02:16:57 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/ 392 KB
132 KB 115ms
114ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5741c76e566afd540fc9ce4afcec76fde71dffa6c5108144423cb8cf9a393479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134654
x-xss-protection: 0
server: cafe
etag: 3547958409475800999
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:16:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/ Frame 772B 10 KB
5 KB 123ms
33ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 35949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 16:17:48 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 16:17:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ 450 KB
182 KB 135ms
43ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Origin: https://risu.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185519
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 15:41:36 GMT

GET
H3

200

invisible.js Show response
risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 3FEC
Redirect Chain

https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
3 KB

182ms
181ms

Script
application/javascript

2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Protocol

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a77c56eb6c02e8de1ef88b43de98476616a144fc26ab63e28689caafbf8e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fb818a219ce4bd8-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 24 Aug 2023 02:16:57 GMT
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7fb818a109b64bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 ysm_risu.js Show response
ad.sitemaji.com/ 45 KB
14 KB 134ms
30ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_risu.js
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 403ca60fe8005d0f23208fcd05a227292169e77cf2f3c38cf592303f7818b489

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 17:13:44 GMT
content-encoding: br
via: 1.1 google
last-modified: Thu, 27 Jul 2023 09:23:59 GMT
server: nginx/1.12.1 (Ubuntu)
age: 32593
etag: W/"64c237af-b264"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13616
expires: Thu, 24 Aug 2023 17:13:44 GMT

GET
H3 200 abs027-4bed8014.svg Show response
risu.io/packs/media/abs/ 898 B
567 B 61ms
60ms XHR
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/packs/media/abs/abs027-4bed8014.svg
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd77128058d857c5d32cb075673cc82741d018b1af448fc75ec6106ee5619aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 1770850
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb818a1b9c34bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 gra001-b98babf3.svg Show response
risu.io/packs/media/gra/ 425 B
451 B 61ms
60ms XHR
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/packs/media/gra/gra001-b98babf3.svg
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8fbe2d6dca2bff23a1ae2775ec4c1da4108c5d626f3af13d7e2f93c7c865d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 1770850
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb818a1b9c44bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 gen002-c35b3731.svg Show response
risu.io/packs/media/gen/ 2 KB
1 KB 61ms
60ms XHR
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/packs/media/gen/gen002-c35b3731.svg
Requested by: Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70012cb92f3c0c561629d46cdae6991059361c001320fe38a5aaf396eb2be84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 2330679
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb818a1b9c54bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 facebook-icon-43072eec.svg
risu.io/packs/media/brands/ 802 B
601 B 43ms
42ms Image
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/brands/facebook-icon-43072eec.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 1770850
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb818a1d9c64bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 google-icon-501a643d.svg
risu.io/packs/media/brands/ 1 KB
790 B 41ms
40ms Image
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/brands/google-icon-501a643d.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 1770850
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb818a1d9c74bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 image_page-2402d7aa.jpg
risu.io/packs/media/demo/ 82 KB
82 KB 67ms
65ms Image
image/jpeg 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo/image_page-2402d7aa.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519a48a521780b05d69e26761599418cbad561a25526f63c60e78cba57be20df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 2330679
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb818a1d9c84bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 84081

GET
H3 200 analytic_page-559230f7.jpg
risu.io/packs/media/demo/ 109 KB
109 KB 43ms
42ms Image
image/jpeg 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo/analytic_page-559230f7.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4994aea8579278246c345ac0a6ab10b1f0a89c4fb0298ea760d8605686f8837

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 2330679
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb818a1d9c94bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 111521

GET
H3 200 social_seo_page-da2061df.jpg
risu.io/packs/media/demo/ 125 KB
125 KB 156ms
155ms Image
image/jpeg 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo/social_seo_page-da2061df.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3747e8568fc397d979e46ab089b66ed2e947559aaa48ea94216d91fd3840b164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
age: 2330679
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb818a1d9ca4bd8-BUF
alt-svc: h3=":443"; ma=86400
content-length: 127530

GET
H3 200 qrcode-58d486d7.png
risu.io/packs/media/demo_linebot/ 340 B
590 B 167ms
165ms Image
image/webp 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo_linebot/qrcode-58d486d7.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfca3f52a3b3b7a5a8e7d157c142529fd75e422eac12a094fb0f69b822fed4fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
cf-cache-status: HIT
age: 2330679
cf-polished: origFmt=png, origSize=432
content-disposition: inline; filename="qrcode-58d486d7.webp"
alt-svc: h3=":443"; ma=86400
content-length: 340
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb818a1d9cb4bd8-BUF

GET
H3 200 IMG_0822-19d28120.PNG
risu.io/packs/media/demo_linebot/ 251 KB
252 KB 167ms
166ms Image
image/webp 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/demo_linebot/IMG_0822-19d28120.PNG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02c331e3506125a89bec7f4f4dd7234e908b530ced5c821bdffad93bd71626d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
cf-cache-status: HIT
age: 1670675
cf-polished: origFmt=png, origSize=281534
content-disposition: inline; filename="IMG_0822-19d28120.webp"
alt-svc: h3=":443"; ma=86400
content-length: 257502
cf-bgj: imgq:100,h2pri
last-modified: Tue, 30 May 2023 02:32:07 GMT
server: cloudflare
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fb818a1d9cc4bd8-BUF

GET
H3 200 shape-1-c213d1b6.svg
risu.io/packs/media/components/ 10 KB
3 KB 42ms
40ms Image
image/svg+xml 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.io/packs/media/components/shape-1-c213d1b6.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a790c421bed27aa59fed4c318cf84413fb3807e7c1333ef35fe421cff3bde1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 07:53:50 GMT
server: cloudflare
age: 1670675
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 7fb818a1d9cd4bd8-BUF
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
risu.io/cdn-cgi/ 0
135 B 170ms
168ms XHR
text/plain 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

date: Thu, 24 Aug 2023 02:16:57 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://risu.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fb818a219cf4bd8-BUF

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
600 B 137ms
54ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=risu.io&callback=_gfp_s_&client=ca-pub-9208708170783140

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18c2c621d1fb7de7abe4d0823cd51b1057437c7817beb53bef24d0fb27b9d407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C130 120 KB
41 KB 673ms
673ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1692879418&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Frisu.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843417647&bpp=6&bdt=590&idt=341&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3894616484192&frm=20&pv=2&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=372

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4ce18fe442fd51149530692e61bea90ec02be867d200db57e96fe27f6f966e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41534
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:58 GMT
expires: Thu, 24 Aug 2023 02:16:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 78ms
77ms XHR
application/json 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230822&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dea2a3a0130e4b8503624b81eec4868c2ec4a028b27a8c148d04edfba1701ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11782
x-xss-protection: 0

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 1989 54 KB
30 KB 88ms
87ms Document
text/html 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kxzqs8pwx5b

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0670fd0875ec25d06bf4d731f071c7bd30fb9d342ac7bf4fc4c1ff04707af66

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SHfPA6H9VL2UyxmcIZTyMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 30609
content-security-policy: script-src 'report-sample' 'nonce-SHfPA6H9VL2UyxmcIZTyMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame E03F 7 KB
1 KB 64ms
63ms Document
text/html 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=d7y7seprtw6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c06c9932b4b262c56f5863061958a5f80e27b19b8a45c2e7ad0fb6f46b52e1a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5bX35yPX08TSlaOvF5Z7pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1073
content-security-policy: script-src 'report-sample' 'nonce-5bX35yPX08TSlaOvF5Z7pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:58 GMT
expires: Thu, 24 Aug 2023 02:16:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 115ms
33ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 01:33:53 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2585
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 24 Aug 2023 03:33:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 70ms
68ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fb8162729691e34b335840119c3527f06d471cb0300e10a1b781c1cd20d499e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82699
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 02:16:58 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame E03F 55 KB
24 KB 225ms
97ms Stylesheet
text/css 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=normal&cb=d7y7seprtw6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 13:30:11 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame E03F 450 KB
181 KB 222ms
96ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185519
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 15:41:36 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 1989 55 KB
24 KB 223ms
98ms Stylesheet
text/css 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 13:30:11 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/ Frame 1989 450 KB
181 KB 285ms
160ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185519
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 15:41:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 152ms
65ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 02:16:58 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

160ms
39ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Protocol: H2
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5920
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kGsVS2dK5GotYR5myIHTFr1BbnlLrnI5dwoLOwg9orDqV053u9mv3nXz1MQaUtUZ3lbF7lYqWyw2DE3l%2F8FbYLBKMtiXYZNS10ggIIJ%2FIqhBXUsybll4n8MX0l5Ts%2FPlDBGgtODaTyFppLUZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb818a59f3f4bcd-BUF

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

POST
H3 200 7fb818979cda4bd5 Show response
risu.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3FEC 0
266 B 44ms
44ms XHR
text/plain 2606:4700:3108::ac42:2902
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.io/cdn-cgi/challenge-platform/h/g/cv/result/7fb818979cda4bd5
Requested by: Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3108::ac42:2902 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: br
server: cloudflare
cf-ray: 7fb818a489e44bd8-BUF
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H2 204 collect
www.google-analytics.com/g/ 0
165 B 62ms
61ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je38l0&_p=1356018601&cid=1052405863.1692843418&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692843418&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2F&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=page_view&_fv=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
107 B 92ms
92ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1356018601&t=pageview&_s=1&dl=https%3A%2F%2Frisu.io%2F&ul=en-us&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=765666406&gjid=782701368&cid=1052405863.1692843418&tid=UA-146086888-1&_gid=488136396.1692843418&_r=1&_slc=1&gtm=45He38l0n81MR8WJDJ&z=386910684

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA4E 13 KB
5 KB 61ms
60ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 460256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:26:02 GMT
expires: Sat, 17 Aug 2024 18:26:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8367 829 B
1 KB 196ms
69ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e47fa8d3fa1d4045c50461ba5487dd03d9c63eac6947fc55683b9cedadaa7f44

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XL-gZYTJUjnJSc36l5dIAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-XL-gZYTJUjnJSc36l5dIAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:58 GMT
expires: Thu, 24 Aug 2023 02:16:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame EA4E 37 KB
14 KB 32ms
32ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:09:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
341 B 108ms
40ms XHR
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146086888-1&cid=1052405863.1692843418&jid=765666406&gjid=782701368&_gid=488136396.1692843418&_u=YADAAEAAAAAAACAAI~&z=324578593

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Aug 2023 02:16:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 71ms
71ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

395da25a369d735330850a6157241b046840f239c2b2cea31a08d94d4a9b073a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81068
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 24 Aug 2023 02:16:58 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
631 B 40ms
36ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5033
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdPC1OSCZ9nYlqcCAmVCa9E6bN%2BJ83Qdg0X7z4yUMr9uCXtzmX2VeaQbmbkWsYFDQWN7QBT8E289XEi%2Fu6hbqojTM%2BEYhV3nb3z9%2FenOhM3AvHp1LHFBJpWZ9RfGIyaUPTBJfkCbSi9ctLgl1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb818a5ff454bcd-BUF

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 209ms
86ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.23509156064945236&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 3a9c07391f80989cd5cc2e39a76701e0d777f80cff839c1eb1c6d92d9cea7bd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:16:58 GMT
X-Width: 728
Content-Encoding: gzip
X-Height: 90
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: CDB
X-Adtype: html
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 267ms
144ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.44832114078597374&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: f2edb8a66bf793b36da1eaef8d4109c274551390215962a9e5afe9fb7c3a979b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:16:58 GMT
X-Width: 728
Content-Encoding: gzip
X-Height: 90
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: CDB
X-Adtype: html
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 218ms
91ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.11523092886695108&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 939a6851c43eebc287f0bcfbc8064ba2357eed3cabe059e8357c4028c622703b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:16:58 GMT
X-Width: 728
Content-Encoding: gzip
X-Height: 90
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: CDB
X-Adtype: html
Transfer-Encoding: chunked
Connection: close

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 3 KB
2 KB 210ms
85ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.4299913679974865&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: cc80acdb887b847643d49d5e7fb523dcbe7ac8de5c10e9d0b5764dde200c92ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:16:58 GMT
X-Width: 728
Content-Encoding: gzip
X-Height: 90
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: CDB
X-Adtype: html
Transfer-Encoding: chunked
Connection: close

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 79ms
77ms Image
image/gif 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=1052405863.1692843418&jid=765666406&_u=YADAAEAAAAAAACAAI~&z=952841994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8367 0
0 58ms
57ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230822&jk=1594871160960608&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EA4E 0
10 B 43ms
43ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TlwZFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 102ms
38ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZH634PL121&gtm=45je38l0&_p=1356018601&_gaz=1&ul=en-us&sr=1600x1200&cid=1052405863.1692843418&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Frisu.io%2F&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sid=1692843418&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 47ms
45ms Ping
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH634PL121&cid=1052405863.1692843418&gtm=45je38l0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1989 2 KB
2 KB 63ms
63ms Image
image/png 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 21:06:24 GMT
x-content-type-options: nosniff
age: 18634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 30 Aug 2023 21:06:24 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1989 15 KB
15 KB 35ms
34ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:11:34 GMT
x-content-type-options: nosniff
age: 385524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 15:11:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1989 15 KB
15 KB 42ms
41ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 16:17:15 GMT
x-content-type-options: nosniff
age: 381583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 16:17:15 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 1989 102 B
134 B 61ms
61ms Other
text/javascript 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kxzqs8pwx5b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 24 Aug 2023 02:16:58 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 597F 128 KB
41 KB 144ms
72ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:16:58 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame C227 128 KB
41 KB 178ms
109ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:16:58 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 30B0 128 KB
41 KB 189ms
123ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:16:58 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/ 154 KB
52 KB 67ms
67ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f679a805af58ded6a5d7ecf19e531bf6532259ebb1d02ec51856a707dd059edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53667
x-xss-protection: 0
server: cafe
etag: 4116900255637091509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:16:58 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F981 436 B
238 B 410ms
408ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=7&bdt=1873&idt=-M&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0&nras=2&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1480&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=2LZytTLT7t&p=https%3A//risu.io&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bfcf58c43488694d6b4061fc36f679397d50e82243c93f1d9c9146220360970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:59 GMT
expires: Thu, 24 Aug 2023 02:16:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E50D 109 KB
39 KB 693ms
692ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=1&bdt=1872&idt=-M&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280&nras=3&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LGk4alTwhU&p=https%3A//risu.io&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac90ebd544435180efe879112a9fe0bf394aa364264ccadd0ddb903a2fdfa4cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39666
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:59 GMT
expires: Thu, 24 Aug 2023 02:16:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C14C 436 B
238 B 458ms
457ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=1&bdt=1872&idt=-M&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2915&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Xyc0wF0Xqc&p=https%3A//risu.io&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ff207d89a7a66aa835cceb3138d1445cd1519fc117530c4567c1b77a82e63e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:59 GMT
expires: Thu, 24 Aug 2023 02:16:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5254 117 KB
41 KB 426ms
426ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=3&bdt=1872&idt=3&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=iMF0VtJDzJ&p=https%3A//risu.io&dtd=39

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22b68eaf67cc2d2db631ec11142c1eeba94c7a09d5180daced1c8dcc2f63a168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42034
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:59 GMT
expires: Thu, 24 Aug 2023 02:16:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 1868 128 KB
41 KB 45ms
44ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:16:59 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CD2F 15 KB
6 KB 109ms
37ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:58 GMT
server: Kestrel
server-processing-duration-in-ticks: 224011
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 597F 0
186 B 108ms
39ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=15360661034

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:16:58 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/ Frame 74DD 10 KB
4 KB 34ms
33ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 13179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 22:37:20 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 22:37:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 30B0 3 KB
2 KB 57ms
56ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=42206313638

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ad6adf03f2d56fd10094fb06c89670b63216967b102b23d53abf8d79fe307950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 02:16:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C227 3 KB
2 KB 58ms
58ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=99095091130

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a858016f251faf293ebb4c59c397124b1b9b5cab496f388e5e10eaa5b9ef8cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 events
bidder.criteo.com/csm/ Frame 597F 0
185 B 184ms
180ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:16:58 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 597F 43 B
365 B 39ms
35ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 18 Aug 2024 02:16:59 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 597F 43 B
365 B 32ms
29ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 18 Aug 2024 02:16:59 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1868 3 KB
2 KB 1130ms
1129ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=69234480635

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

193464c2935cfb187584dd9390806f21b3795218d92ba1e6fce16cf14add40d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame 74DD 23 KB
9 KB 33ms
33ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C5C9 143 B
166 B 36ms
34ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 01:21:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 74DD 3 KB
1 KB 35ms
34ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 74DD 20 KB
8 KB 35ms
34ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:44 GMT

GET
H3 200 14648744819025902172
tpc.googlesyndication.com/simgad/ Frame 74DD 38 KB
38 KB 41ms
37ms Image
image/gif 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14648744819025902172

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4ef7a4804e1e9e498d60c6779fa615fe2818aca5d0c96ec2d30e72fdfec373d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 01:35:42 GMT
x-content-type-options: nosniff
age: 2477
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38826
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 11:24:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Aug 2024 01:35:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74DD 181 KB
57 KB 93ms
88ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:16:59 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 74DD 35 KB
14 KB 61ms
57ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01e8be122ac87eb4686d3bdad82d7e241a721dd3381699cc71423626ee7d7a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14411
x-xss-protection: 0
server: cafe
etag: 4500582243027856586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:09:04 GMT

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 1989 33 KB
19 KB 144ms
143ms XHR
application/json 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d97ca50382cda81d066ed39e6260f3e1820cd824a0b00f913a1fb27d219a32c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kxzqs8pwx5b
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19246
x-xss-protection: 1; mode=block
expires: Thu, 24 Aug 2023 02:16:59 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CD2F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=GoauynxxMUpLdkFXRU51bW1nQkZYQ2ZnRHlDSjlmR0dTN2ZtN3dVQ2QzcEtBTU1NdFhOTmkyUFhyazY1TTJYTVc4K0VmNlJXdFozMHRHc2ZVdHl1dmhiQXFIM2xiSTFkblRmYTlnUjlINmt5Y3lUVVllU2U5YmFLV3NXRH...

430 B
653 B

105ms
32ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GoauynxxMUpLdkFXRU51bW1nQkZYQ2ZnRHlDSjlmR0dTN2ZtN3dVQ2QzcEtBTU1NdFhOTmkyUFhyazY1TTJYTVc4K0VmNlJXdFozMHRHc2ZVdHl1dmhiQXFIM2xiSTFkblRmYTlnUjlINmt5Y3lUVVllU2U5YmFLV3NXRHVhdjJOZG9jVUc2SHB6V2IvUjlzVk5YVU5UTFB6QVNUb2xxUTdDdStvWG9uTjl2aHRTdzRvSUhkYklXaDlHK1FadnYxbEYxdXF3c3puUzVDaVhPaG9QMkNwSGU3MFU5a084aDNna3BrUnBsajRBaHhWS2pnS0dmMTJDZ2h4ZS9TKzU1WWpOWDBScldwVzREbjllT0JsNUFWSldpN2sydz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ac96ae1aabb5486c2fbf30d3fd66e8afeaa62265a8c5e2f673e8c3bf6b045b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2832003
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=GoauynxxMUpLdkFXRU51bW1nQkZYQ2ZnRHlDSjlmR0dTN2ZtN3dVQ2QzcEtBTU1NdFhOTmkyUFhyazY1TTJYTVc4K0VmNlJXdFozMHRHc2ZVdHl1dmhiQXFIM2xiSTFkblRmYTlnUjlINmt5Y3lUVVllU2U5YmFLV3NXRHVhdjJOZG9jVUc2SHB6V2IvUjlzVk5YVU5UTFB6QVNUb2xxUTdDdStvWG9uTjl2aHRTdzRvSUhkYklXaDlHK1FadnYxbEYxdXF3c3puUzVDaVhPaG9QMkNwSGU3MFU5a084aDNna3BrUnBsajRBaHhWS2pnS0dmMTJDZ2h4ZS9TKzU1WWpOWDBScldwVzREbjllT0JsNUFWSldpN2sydz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 270337
content-length: 0
expires: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame 30B0 0
185 B 31ms
30ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:16:59 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ Frame C227 0
185 B 37ms
34ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:16:58 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 597F
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=V4K69vlXD52AEEo8nL3mZA&id=ida4mlvgiastit93r

3 KB
1 KB

295ms
294ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=V4K69vlXD52AEEo8nL3mZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e5a86a102aa0fd31227b7576ea8ae259cb75fb806210390f81a0d8ef9bdcb603

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Thu, 24 Aug 2023 02:17:00 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=V4K69vlXD52AEEo8nL3mZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame C227
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=eIBNmCFHDNifHq6mnL3mZA&id=ida4mlvgiastit93r

3 KB
1 KB

281ms
281ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=eIBNmCFHDNifHq6mnL3mZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 80d6017536dde3090febf2b90d835cad8c338608703f66cbdffb1612a7eeb1b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Thu, 24 Aug 2023 02:17:00 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=eIBNmCFHDNifHq6mnL3mZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230822&jk=1594871160960608&bg=!cHOlczzNAAZGPLJIZjw7ADQBe5WfOJA9dFw9cz5kP3rEhyLWVKon-UEHSHvK7UffRjEgSKyoCxC1v3S4fIR5kEHgYcT7AgAAAJVSAAAABWgBBwoAPHtK-Cc-gOhmZ_Z8dnNoSEcSEmifA2mAiXBJAt2mG53rzRoSizf7-6Xwsu4ZSEhKzQnUwHZN1NGtFNm30JkCyotuf7faxH4aBCuy6mCtIaoD6hYet7qlZhZPRqWhKF9bNx2quO1Mf7YikMG5G5W-TMVQwxxWisZzIVW0VE0_DYm9UHOt79gTirtsTgrQDAzIPVq4ifTXqadknl21fekxOoDksRmDLwXb_HPFnQM8g8W0S1KkuoVT731Rj08LLxijctk3_pjM2NdNK0LprCp3AFORzNCiFOaKTc0O8XZVoaMDyD23Fkf24vqVKxwf5vk1EaAgGeIpiEEzg5f0kDLEUAHrzHzdt_r6MM2BNr6LaD7iTqiou3YE__mY8pfBvVEeGMaj59TGXW6FrBgmfsKDOZMuhT5MQcCyfq3qV2BbqawDyrdkSw9wBl2kbzt_VUhjG9mrX0jIHb6dapD1Ozn6-25pPIhrJL54_YNKD-MOjLmOZ1kv94MVyYTE2mISDlbynyqn1C2AS_LN4C9DI44yRH6CRQrAG01Fqqp2eE2e4HhDRBTfTXVBCCbK11D0njGa9Zofi4bCvberbAFg714yofwjGFXPgzlwVg0_WhRwkQP0OisVM4mjFwpd3rqPqRF89Q6xPuuwZ_qqKUNCmxNnBClKTsgk0Z-CDJQ9d6f85ARK6Nho0YjEvcN7CIkyJA828S58fM8tgDXLbKyXqA2DkK1yfBGB9FrcBFUJ03WRst6AF1qPo_IOjPuozu1iRv8v3BoYjctcxD4qn0NdioEcrAb3l0_3lFszXPLHPR_M6cFg0h5DcYDUo2pbknFMPTUC902mfbQUmme1-yJprzSYMXkYzxCFD4ZEKDLLt4PfovrUhRlCs78uzfGBS-9hmEzvW86fO5Eb2dg5qGSwUkavDabrk_-A4v8c38obwNE-sSng2l_BsJRmooCHCR8J2MXGP0fjJABaEikYJiu3D8MGnuHUgqwRDVgHacnL7XRGqyQSvi_5GF5pIL-NWFy6zNXcegErbRtP76FiqQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 63e0a2a793d720ddab32c7ad1c79b976.js Show response
www.gstatic.com/mysidia/ Frame 5254 9 KB
4 KB 66ms
63ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/63e0a2a793d720ddab32c7ad1c79b976.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=3&bdt=1872&idt=3&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=iMF0VtJDzJ&p=https%3A//risu.io&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 22:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 22:33:24 GMT

GET
H3 200 b293f88652ab0f749d3615e759df59dc.js Show response
www.gstatic.com/mysidia/ Frame 5254 11 KB
5 KB 68ms
64ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b293f88652ab0f749d3615e759df59dc.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 23:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4722
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 23:21:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5254 15 KB
1 KB 61ms
56ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 00:29:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 02:16:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame 5254 23 KB
9 KB 35ms
33ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 5254 3 KB
1 KB 34ms
33ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame 5254 20 KB
8 KB 37ms
34ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5254 0
0 69ms
68ms Image
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrVwj3pvqC1VQT2kwHxPwayNbSuoqEmMrE2o-cAWG7wPig2SFJ6JWzz_M3Kqr0TpAbY-itgA5VdBCXGkb32wqbKwnCJw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=3&bdt=1872&idt=3&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=iMF0VtJDzJ&p=https%3A//risu.io&dtd=39
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5254 181 KB
56 KB 92ms
92ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:16:59 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 5254 35 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 01:19:52 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C5C9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
56ms

Document
text/html

2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:59 GMT
expires: Thu, 24 Aug 2023 02:16:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 30B0
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=ECWC_-iDD1e-0qHnnL3mZA&id=ida4mlvgiastit93r

3 KB
1 KB

290ms
290ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=ECWC_-iDD1e-0qHnnL3mZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 3804023e4d1308eec25046ff570e5bd8e970d6541c6b87bd4fe0d55e1d29d5e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Thu, 24 Aug 2023 02:17:00 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=ECWC_-iDD1e-0qHnnL3mZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 74DD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CuVQrmr3mZP60B72hiM0PsPuuwAyt39SVcZ-f2t6yEcSEhZ4LEAEgjofejwFgye6Oi8CkjBCgAbe-l-ECyAEDqQIUmvZJaqh4PqgDAcgDyQSqBLEBT9CVMahHfgm5d6SCbeHG2XSzApPVZ8e...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfce19c97832d0d420000000000000000%22,%222%22:%220xfd8db10552e770640000000000000000%22,%223%22:%220x7d275f...

0
0

146ms
70ms

Fetch
text/css

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfce19c97832d0d420000000000000000%22,%222%22:%220xfd8db10552e770640000000000000000%22,%223%22:%220x7d275f9c13ed4f170000000000000000%22,%224%22:%220x6e89764480a2b64a0000000000000000%22,%225%22:%220xb3490621eadceb100000000000000000%22},%22debug_key%22:%227837735135395470291%22,%22debug_reporting%22:true,%22destination%22:%22https://alfalaval.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22740679479%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229116675993458155761%22}&andc=true

Protocol

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xfce19c97832d0d420000000000000000","2":"0xfd8db10552e770640000000000000000","3":"0x7d275f9c13ed4f170000000000000000","4":"0x6e89764480a2b64a0000000000000000","5":"0xb3490621eadceb100000000000000000"},"debug_key":"7837735135395470291","debug_reporting":true,"destination":"https://alfalaval.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["740679479"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"9116675993458155761"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Aug 2023 02:16:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Aug 2023 02:16:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfce19c97832d0d420000000000000000","2":"0xfd8db10552e770640000000000000000","3":"0x7d275f9c13ed4f170000000000000000","4":"0x6e89764480a2b64a0000000000000000","5":"0xb3490621eadceb100000000000000000"},"debug_key":"7837735135395470291","debug_reporting":true,"destination":"https://alfalaval.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["740679479"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"9116675993458155761"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5254 33 KB
33 KB 34ms
34ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:29:39 GMT
x-content-type-options: nosniff
age: 434840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 01:29:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E50D 4 KB
655 B 58ms
57ms Stylesheet
text/css 2607:f8b0:4020:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=1&bdt=1872&idt=-M&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280&nras=3&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LGk4alTwhU&p=https%3A//risu.io&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 02:08:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 02:16:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame E50D 2 KB
892 B 43ms
39ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:48 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame E50D 23 KB
9 KB 33ms
32ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame E50D 3 KB
1 KB 36ms
34ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame E50D 20 KB
8 KB 40ms
37ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43755
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Sep 2023 14:07:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E50D 0
0 72ms
70ms Image
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKx5qx9mcGlqTNzJ2RxrRM_glqFqGooqcimZDbjBJPyYQETfzZFUQy4j0env1u8ukNhE9qyPdxt7bNxoZ8QAeZ7KnmFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=1&bdt=1872&idt=-M&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280&nras=3&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1973&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=LGk4alTwhU&p=https%3A//risu.io&dtd=27
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E50D 181 KB
56 KB 92ms
91ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:16:59 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame E50D 35 KB
15 KB 74ms
72ms Script
text/javascript 2607:f8b0:4020:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 20:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 01:19:52 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 160ms
54ms Preflight
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 02:16:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FE8C 15 KB
6 KB 41ms
40ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 1600632
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A7A0 15 KB
6 KB 43ms
42ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 1909965
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6EDF 15 KB
6 KB 45ms
44ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:16:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 1503015
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C002 143 B
166 B 35ms
34ms Document
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=3&bdt=1872&idt=3&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=iMF0VtJDzJ&p=https%3A//risu.io&dtd=39
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 01:21:35 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8BC4 1 KB
643 B 37ms
35ms Document
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 01:27:49 GMT
etag: 48472445140208031
expires: Fri, 25 Aug 2023 01:27:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5254 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b256fcb09121fce28553b5525905d1ad4d31665a3d5bb4fa87c530576683cf6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E7C 37 KB
14 KB 34ms
33ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:09:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1668 1 KB
643 B 33ms
32ms Document
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 01:27:49 GMT
etag: 48472445140208031
expires: Fri, 25 Aug 2023 01:27:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 reload Show response
www.recaptcha.net/recaptcha/api2/ Frame 1989 33 KB
19 KB 147ms
145ms XHR
application/json 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/reload?k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cfe90fded93ea0d96c74ec3869afe8e4773c925728c5ff695dbc9d6e6de2570

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&cb=5kxzqs8pwx5b
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 24 Aug 2023 02:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19198
x-xss-protection: 1; mode=block
expires: Thu, 24 Aug 2023 02:16:59 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11482507120967986392/ Frame E50D 45 KB
45 KB 37ms
37ms Image
image/jpeg 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11482507120967986392/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6642731e48fb0aadc479d597c5a9ed632bee438798796441f42480e84c4ac31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:27:39 GMT
x-content-type-options: nosniff
age: 49760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45612
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:55:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Aug 2024 12:27:39 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14932120113451990115/ Frame E50D 3 KB
3 KB 40ms
39ms Image
image/jpeg 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14932120113451990115/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

867e294b7e84ef2670c1f04086fedf178f46be6a3c4f188240da2dd8b7b68837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:30:38 GMT
x-content-type-options: nosniff
age: 391581
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3538
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 03:37:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 13:30:38 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame FE8C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=wZYlJ19VQW51RHF0RTlmR20wVWd5alFnZE4wVWdwMUdmTHk5SUJxVXJoMlJWZnJUa2tlQ2ZnbE8lMkZNRnhL...
https://mug.criteo.com/sid?cpp=3M2dYHxSR2FtdEhsN0RMa1BVRk1VMm0vaHM2UUE4ZVFQTER3OWJZUUpRUGk5WW56RWtaeENtNi9Jdnd2WHNyZFprdmM3elhPZ2k2MHd6QVJwVy90YWxyQmdSVHJMZDhzczhBQTRCNVVXazhwNWlkdXlBNjRncHZOWkIyeU...

436 B
658 B

33ms
31ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3M2dYHxSR2FtdEhsN0RMa1BVRk1VMm0vaHM2UUE4ZVFQTER3OWJZUUpRUGk5WW56RWtaeENtNi9Jdnd2WHNyZFprdmM3elhPZ2k2MHd6QVJwVy90YWxyQmdSVHJMZDhzczhBQTRCNVVXazhwNWlkdXlBNjRncHZOWkIyeUo1YW9tTXdhUkFScFNuV2pleXR3WHphK3hEZW5yd1grSytrL1d2UC9kRHZSRERqT1NPemwzNGZqNytZOG9CdTd4dk9CUWw1Vk5tdGZPRFNtdnFsV2JZeWpWblZTd2FHd0V3bDNxNys0VHBDOG1CY0REbHl3b0VBQ0pXaC9KN3ZQdHgraVlTdWZXTmYxSC9nWS9TQmw4NkVzS3MzeVJVdz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a0cab722e4965b703922e252b239718fbe5edfe4774b307a6e32cd3894cab4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1592600
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=3M2dYHxSR2FtdEhsN0RMa1BVRk1VMm0vaHM2UUE4ZVFQTER3OWJZUUpRUGk5WW56RWtaeENtNi9Jdnd2WHNyZFprdmM3elhPZ2k2MHd6QVJwVy90YWxyQmdSVHJMZDhzczhBQTRCNVVXazhwNWlkdXlBNjRncHZOWkIyeUo1YW9tTXdhUkFScFNuV2pleXR3WHphK3hEZW5yd1grSytrL1d2UC9kRHZSRERqT1NPemwzNGZqNytZOG9CdTd4dk9CUWw1Vk5tdGZPRFNtdnFsV2JZeWpWblZTd2FHd0V3bDNxNys0VHBDOG1CY0REbHl3b0VBQ0pXaC9KN3ZQdHgraVlTdWZXTmYxSC9nWS9TQmw4NkVzS3MzeVJVdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 505777
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame A7A0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=wZYlJ19VQW51RHF0RTlmR20wVWd5alFnZE4wVWdwMUdmTHk5SUJxVXJoMlJWZnJUa2tlQ2ZnbE8lMkZNRnhL...
https://mug.criteo.com/sid?cpp=X2POT3xnQzZLYWJDM0pzcEJqbm83a0VwK0NMNTNaS01BdTZyLzFCa2dxTEpBY0cvVkk0ODVOb1RPNTZIVmYrUWhTSVc4Y1RUYlByMGt1M1BKNThKTnZ3NDFzamxMOVU1a24zQ0NEb2k4V0ZyZEU1ME9pQUJvZERQeE1MOE...

419 B
646 B

48ms
45ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=X2POT3xnQzZLYWJDM0pzcEJqbm83a0VwK0NMNTNaS01BdTZyLzFCa2dxTEpBY0cvVkk0ODVOb1RPNTZIVmYrUWhTSVc4Y1RUYlByMGt1M1BKNThKTnZ3NDFzamxMOVU1a24zQ0NEb2k4V0ZyZEU1ME9pQUJvZERQeE1MOEk0YlV2OHZERDlkTzdUS0dvbE95U0pDa2QxOG00b3IrMFlZYXBiZENpbm9Jc2MwcW5hS0xMM2ZqZFB1b2RvTHJ3dnVqZ3U3QkZhNVErb0VVU0dqUFlTdUpiNjlKVTM1bXNQZnZjODMwNEFWWm4yVzhHM2t6UkFscUh0Zmx6T09Qd2ZpUnVBVjFjdi9QSVA0aGNXSjJxcElJL29FcFFFQT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1c38444fe38c715c0b107f129c4d80e17e6a47dd61cdd889e1d1409df9350a28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1857644
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=X2POT3xnQzZLYWJDM0pzcEJqbm83a0VwK0NMNTNaS01BdTZyLzFCa2dxTEpBY0cvVkk0ODVOb1RPNTZIVmYrUWhTSVc4Y1RUYlByMGt1M1BKNThKTnZ3NDFzamxMOVU1a24zQ0NEb2k4V0ZyZEU1ME9pQUJvZERQeE1MOEk0YlV2OHZERDlkTzdUS0dvbE95U0pDa2QxOG00b3IrMFlZYXBiZENpbm9Jc2MwcW5hS0xMM2ZqZFB1b2RvTHJ3dnVqZ3U3QkZhNVErb0VVU0dqUFlTdUpiNjlKVTM1bXNQZnZjODMwNEFWWm4yVzhHM2t6UkFscUh0Zmx6T09Qd2ZpUnVBVjFjdi9QSVA0aGNXSjJxcElJL29FcFFFQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 654207
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6EDF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=wZYlJ19VQW51RHF0RTlmR20wVWd5alFnZE4wVWdwMUdmTHk5SUJxVXJoMlJWZnJUa2tlQ2ZnbE8lMkZNRnhL...
https://mug.criteo.com/sid?cpp=5oFpwnxMeUUxNGx2Slhjbkk5bE9HWVJTSWlIbjUrR3g2ZDd6bDJ0YU9HeExPZGgvc2ppMmNJQkFxR3JzRCtQWmtYREtTTndBQ1lMSnNNMXQ1MTVhbXV0S0JublhWUWJMNmdJYmU4WVdZTFdKN1JsMnNKV05UWkp0VHZ0S1...

422 B
647 B

35ms
31ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5oFpwnxMeUUxNGx2Slhjbkk5bE9HWVJTSWlIbjUrR3g2ZDd6bDJ0YU9HeExPZGgvc2ppMmNJQkFxR3JzRCtQWmtYREtTTndBQ1lMSnNNMXQ1MTVhbXV0S0JublhWUWJMNmdJYmU4WVdZTFdKN1JsMnNKV05UWkp0VHZ0S1BkN081YkdWb0dqdTV1RXdwdFRWcnNTRm1JRnVtZnlzOWR1R05WOWllNjRpRE9RaVJTb1hLYjlwWXdsWStNeGNEUVdTc2dHR1I2Wk12SjRqUStQM2N4UUZFVHpQWnFKUGFnWG9KNGQvbVViSXZDajRTNkVpVUdCZTZhbWpaVFFLS0FzblIxelhlT2k3RGo1Y0gwUFVJellJZkNWN3R4QT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ea652f36e75f1beea81cdca2cfd1d8c157c7cd22587e13bb5bb2239e05f544fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1008779
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:16:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5oFpwnxMeUUxNGx2Slhjbkk5bE9HWVJTSWlIbjUrR3g2ZDd6bDJ0YU9HeExPZGgvc2ppMmNJQkFxR3JzRCtQWmtYREtTTndBQ1lMSnNNMXQ1MTVhbXV0S0JublhWUWJMNmdJYmU4WVdZTFdKN1JsMnNKV05UWkp0VHZ0S1BkN081YkdWb0dqdTV1RXdwdFRWcnNTRm1JRnVtZnlzOWR1R05WOWllNjRpRE9RaVJTb1hLYjlwWXdsWStNeGNEUVdTc2dHR1I2Wk12SjRqUStQM2N4UUZFVHpQWnFKUGFnWG9KNGQvbVViSXZDajRTNkVpVUdCZTZhbWpaVFFLS0FzblIxelhlT2k3RGo1Y0gwUFVJellJZkNWN3R4QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 817884
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame E50D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6849b61bf92ff04a17d5f47723004ef7e66f3c66fbd4681d32ce5aba709a5553

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8BC4 35 B
463 B 180ms
30ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECTu7IOswT8vn1FA7DY7Q5Q&google_cver=1&google_push=AXcoOmSTd71K0LmHWHLc6ISVo912VKQDDpAvYqAOcimcMsgwlU4gvJq-M10MqGFPX99bw4EYrS2AVR_SAdMmRXhyJpf5MC7G3nS0aA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BC4
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJkLqNnWYRbsEbm9leR5yaI&google_cver=1&google_push=AXcoOmT3OAztaf2Jgj9OxIaNqMp1auyS-sLGcA55elRF5JSH0_DcMS9...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=54b1a8f0c1e4143c&is_secure=true&networkId=14000&version=1&google_gid=CAESEJkLqNnWYRbsEbm9leR5yaI&google_cver=1&google_push=AXcoOmT3OAzt...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIsifrVhCrMAMsIw5xAAAAAAA&expiration=1692929820&google_cver=1&is_secure=true&google_gid=CAESEJkLqNnWYRbsEbm9leR5y...

170 B
188 B

73ms
72ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIsifrVhCrMAMsIw5xAAAAAAA&expiration=1692929820&google_cver=1&is_secure=true&google_gid=CAESEJkLqNnWYRbsEbm9leR5yaI&google_push=AXcoOmT3OAztaf2Jgj9OxIaNqMp1auyS-sLGcA55elRF5JSH0_DcMS9RiHjIZjjVTwlfG9T3SCEtMnq7D3Jk_RMKuidTCWg6lAnI

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIsifrVhCrMAMsIw5xAAAAAAA&expiration=1692929820&google_cver=1&is_secure=true&google_gid=CAESEJkLqNnWYRbsEbm9leR5yaI&google_push=AXcoOmT3OAztaf2Jgj9OxIaNqMp1auyS-sLGcA55elRF5JSH0_DcMS9RiHjIZjjVTwlfG9T3SCEtMnq7D3Jk_RMKuidTCWg6lAnI
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BC4
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPabMHtu2jFULQvmqDuZA28&google_cver=1&google_push=AXcoOmSB3vmSVQakHmAMOq_fNeyERchb6w9aLX8p0FMd1Lvkn9QS7rzD65dHG7iThKLD65kaSxF2DaMKrEj9KEOjD-...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEPabMHtu2jFULQvmqDuZA28&google_cver=1&google_push=AXcoOmSB3vmSVQakHmAMOq_fNeyERchb6w9aLX8p0FMd1Lvkn9QS7rzD65dHG7iThKLD65kaSxF2DaMKrEj9KEOjD-...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YThhNjdhYTMtNmMzZS00MTUzLWJhZDEtNmE4MzFlMzE2Y2Qx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a8a67aa3-6c3e-4153-bad1-6a831e316cd1

170 B
188 B

64ms
64ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YThhNjdhYTMtNmMzZS00MTUzLWJhZDEtNmE4MzFlMzE2Y2Qx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a8a67aa3-6c3e-4153-bad1-6a831e316cd1

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YThhNjdhYTMtNmMzZS00MTUzLWJhZDEtNmE4MzFlMzE2Y2Qx&google_push&gdpr=0&gdpr_consent=&ttd_tdid=a8a67aa3-6c3e-4153-bad1-6a831e316cd1
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8BC4
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESENLWocZ_ZdVLZnXgobNM2YA&google_cver=1&google_push=AXcoOmQJXwvjrLu6ko-tgoh1DzaRye6JlnGK1QvjQdj2JrmauIhZ16JmIgJQoHo65uNcjlfrGCd1LyMDpCGko2SEIIWtecL-Bz_F
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkNBNEQzNDc5RDcyREE2OQ==

170 B
329 B

63ms
58ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkNBNEQzNDc5RDcyREE2OQ==

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=NkNBNEQzNDc5RDcyREE2OQ==
date: Thu, 24 Aug 2023 02:17:00 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8BC4
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFVuiPcWnsdjGxqH5DYbNP8&google_cver=1&google_push=AXcoOmTZ6AMD-dXV2GVdsA9ObROHTDv2VbdbqE63mVGTTLaiCxu1reR1khzKxYsk2HnYxCZQPlLhvZ3B1nd2lGA8...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MMEqgnk1TaWpnXAruyp0ag2&google_push=AXcoOmTZ6AMD-dXV2GVdsA9ObROHTDv2VbdbqE63mVGTTLaiCxu1reR1khzKxYsk2HnYxCZQPlLhvZ3B1nd2lGA8yFthhZ76l0fV

170 B
232 B

105ms
105ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MMEqgnk1TaWpnXAruyp0ag2&google_push=AXcoOmTZ6AMD-dXV2GVdsA9ObROHTDv2VbdbqE63mVGTTLaiCxu1reR1khzKxYsk2HnYxCZQPlLhvZ3B1nd2lGA8yFthhZ76l0fV

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 24 Aug 2023 02:17:00 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MMEqgnk1TaWpnXAruyp0ag2&google_push=AXcoOmTZ6AMD-dXV2GVdsA9ObROHTDv2VbdbqE63mVGTTLaiCxu1reR1khzKxYsk2HnYxCZQPlLhvZ3B1nd2lGA8yFthhZ76l0fV
x-host: tde-deliveryengine-production-6ffbf575ff-hq4vx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 google
d5p.de17a.com/cookies/ Frame 8BC4 35 B
125 B 376ms
120ms Image
image/gif 213.155.156.165
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_gid=CAESELXeOk5jWmMuDA1fWc-iPU4&google_cver=1&google_push=AXcoOmRYBwzbMSLYtbB2fpPOTGNP4R8I09phWXC4acZTuvP7sPklZaxj1auihr7gTEYtJsQbwvMgwfm5Y9LxTWENa4zgGNAISsXvNw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1692879418&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692843418930&bpp=3&bdt=1872&idt=3&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D10f6f3816b9be75a-22b1d5d0b3e30092%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg&gpic=UID%3D00000d8d79554069%3AT%3D1692843418%3ART%3D1692843418%3AS%3DALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=3894616484192&frm=20&pv=1&ga_vid=1052405863.1692843418&ga_sid=1692843418&ga_hid=1356018601&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795921%2C31076996%2C44800659%2C21065725&oid=2&pvsid=1594871160960608&tmod=1745750479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=iMF0VtJDzJ&p=https%3A//risu.io&dtd=39
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.165 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BC4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIOONn7x1WCEG_AGDgKzhzM&google_cver=1&google_push=AXcoOmRZkC37oBscgjNsu9yzTQ4B80CHk6Uu4OLamIRe1CJu-GR3NJIdguzLC-v635f6vm8qNG0vSw3e...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIOONn7x1WCEG_AGDgKzhzM&google_cver=1&google_push=AXcoOmRZkC37oBscgjNsu9yzTQ4B80CHk6Uu4OLamIRe1CJu-GR3NJIdguzLC-v635f6vm8qNG0...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ5MzI1Mjg5MDM4ODE1MTI1&google_push=AXcoOmRZkC37oBscgjNsu9yzTQ4B80CHk6Uu4OLamIRe1CJu-GR3NJIdguzLC-v635f6vm8qNG0vSw3e...

170 B
188 B

70ms
70ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ5MzI1Mjg5MDM4ODE1MTI1&google_push=AXcoOmRZkC37oBscgjNsu9yzTQ4B80CHk6Uu4OLamIRe1CJu-GR3NJIdguzLC-v635f6vm8qNG0vSw3eCQ5Qu0ROfFEkJS4y9nEbOw

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzQ5MzI1Mjg5MDM4ODE1MTI1&google_push=AXcoOmRZkC37oBscgjNsu9yzTQ4B80CHk6Uu4OLamIRe1CJu-GR3NJIdguzLC-v635f6vm8qNG0vSw3eCQ5Qu0ROfFEkJS4y9nEbOw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8BC4 0
130 B 145ms
53ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNo_xedEGNECUPMCJpMnBgoxiT7hytDltMYBJ8i15BVo_3Vk5Lfr9al4y46XneHqdFZov4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5254
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkKfPm73mZKapBKuUiM0Pq6iLcLfKlIhyjPKa978RnpeYzcoBEAEgjofejwFgye6Oi8CkjBCgAdDZypYDyAEBqAMByAPLBKoEugFP0HPWX_p7zlMWY4N5ULJNEWxtQuNKOxueK7D27t5we1h...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa50db3ae8a4803460000000000000000%22,%222%22:%220x3cfe68eaa1e8b97f0000000000000000%22,%223%22:%220xe05d34...

0
0

56ms
55ms

Fetch
text/css

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa50db3ae8a4803460000000000000000%22,%222%22:%220x3cfe68eaa1e8b97f0000000000000000%22,%223%22:%220xe05d347cda6645b10000000000000000%22,%224%22:%220x46335fcac74862ff0000000000000000%22,%225%22:%220x2d7e126247a359a40000000000000000%22},%22debug_key%22:%2213585378855886013831%22,%22debug_reporting%22:true,%22destination%22:%22https://seekdept.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22852667600%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216993215107389628689%22}&andc=true

Protocol

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa50db3ae8a4803460000000000000000","2":"0x3cfe68eaa1e8b97f0000000000000000","3":"0xe05d347cda6645b10000000000000000","4":"0x46335fcac74862ff0000000000000000","5":"0x2d7e126247a359a40000000000000000"},"debug_key":"13585378855886013831","debug_reporting":true,"destination":"https://seekdept.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["852667600"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"16993215107389628689"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Aug 2023 02:17:00 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Aug 2023 02:16:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa50db3ae8a4803460000000000000000","2":"0x3cfe68eaa1e8b97f0000000000000000","3":"0xe05d347cda6645b10000000000000000","4":"0x46335fcac74862ff0000000000000000","5":"0x2d7e126247a359a40000000000000000"},"debug_key":"13585378855886013831","debug_reporting":true,"destination":"https://seekdept.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["852667600"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"16993215107389628689"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1668
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAiOOzCvAbq-xGWJUsPEU08&google_cver=1&google_push=AXcoOmTrSjTgbtBp3YX98oM3SYNei5BlvZgyWZTZFDurfGN5TWQdLyc...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6bcf93d440d8187a&is_secure=true&networkId=14000&version=1&google_gid=CAESEAiOOzCvAbq-xGWJUsPEU08&google_cver=1&google_push=AXcoOmTrSjTg...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIvHV0OPaL_QNf-XVDAAAAAAA&expiration=1692929820&google_cver=1&is_secure=true&google_gid=CAESEAiOOzCvAbq-xGWJUsPEU...

170 B
188 B

58ms
57ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIvHV0OPaL_QNf-XVDAAAAAAA&expiration=1692929820&google_cver=1&is_secure=true&google_gid=CAESEAiOOzCvAbq-xGWJUsPEU08&google_push=AXcoOmTrSjTgbtBp3YX98oM3SYNei5BlvZgyWZTZFDurfGN5TWQdLycHOH5ml8OLjDou20ftBNIDVMKq6dMvIseolVPiZ6bsx4TmOA

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIvHV0OPaL_QNf-XVDAAAAAAA&expiration=1692929820&google_cver=1&is_secure=true&google_gid=CAESEAiOOzCvAbq-xGWJUsPEU08&google_push=AXcoOmTrSjTgbtBp3YX98oM3SYNei5BlvZgyWZTZFDurfGN5TWQdLycHOH5ml8OLjDou20ftBNIDVMKq6dMvIseolVPiZ6bsx4TmOA
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1668
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED7mrqiatA8ELj6NP5AVZFY&google_cver=1&google_push=AXcoOmSloCTCk2hW4GEikvNRYPjFMtHe3quZkjO9hyA__FP4MwLp5-OZjCkd5XuvtT_0HCfTZNU9nPS1KrPPSFFr...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSloCTCk2hW4GEikvNRYPjFMtHe3quZkjO9hyA__FP4MwLp5-OZjCkd5XuvtT_0HCfTZNU9nPS1KrPPSFFrLKVVwIwJFfiAvA

170 B
188 B

69ms
69ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSloCTCk2hW4GEikvNRYPjFMtHe3quZkjO9hyA__FP4MwLp5-OZjCkd5XuvtT_0HCfTZNU9nPS1KrPPSFFrLKVVwIwJFfiAvA

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 24 Aug 2023 02:17:00 GMT
Server: MT3 1031 59fd23a master ord ord-pixel-x51 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSloCTCk2hW4GEikvNRYPjFMtHe3quZkjO9hyA__FP4MwLp5-OZjCkd5XuvtT_0HCfTZNU9nPS1KrPPSFFrLKVVwIwJFfiAvA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 24 Aug 2023 02:16:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1668
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFVnShQ_KpNjjrPf4CWo61E&google_cver=1&google_push=AXcoOmRxSc4SDPYUwYOO083Y16MpyeIoJXNUmS4tk0i4F5oKFoT0Ei62vaeWwMVgJR-3gwYXIObof...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRxSc4SDPYUwYOO083Y16MpyeIoJXNUmS4tk0i4F5oKFoT0Ei62vaeWwMVgJR-3gwYXIObofl7l4-07t8OVHiMOYRNvS1uwpw

170 B
188 B

64ms
64ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRxSc4SDPYUwYOO083Y16MpyeIoJXNUmS4tk0i4F5oKFoT0Ei62vaeWwMVgJR-3gwYXIObofl7l4-07t8OVHiMOYRNvS1uwpw

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 24 Aug 2023 02:16:59 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EAA8FC9278F14464BB0DF46FAEBF7959 Ref B: EWR311000106017 Ref C: 2023-08-24T02:17:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmRxSc4SDPYUwYOO083Y16MpyeIoJXNUmS4tk0i4F5oKFoT0Ei62vaeWwMVgJR-3gwYXIObofl7l4-07t8OVHiMOYRNvS1uwpw
x-li-source-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDodK22XjsBF7/5IlmCQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1668
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEF35btYpba4g1fv-9s_tXGA&google_cver=1&google_push=AXcoOmTp17Cdo_05goLJS4IxIci9th5dsaeNDlV1CaCKnWai3a0Hkdc1p5W2l3CsmQML_0Dp3xU-JxKvrbg...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTp17Cdo_05goLJS4IxIci9th5dsaeNDlV1CaCKnWai3a0Hkdc1p5W2l3CsmQML_0Dp3xU-JxKvrbg6aQmbSwKj8wwhAenSpg

170 B
188 B

60ms
60ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTp17Cdo_05goLJS4IxIci9th5dsaeNDlV1CaCKnWai3a0Hkdc1p5W2l3CsmQML_0Dp3xU-JxKvrbg6aQmbSwKj8wwhAenSpg

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTp17Cdo_05goLJS4IxIci9th5dsaeNDlV1CaCKnWai3a0Hkdc1p5W2l3CsmQML_0Dp3xU-JxKvrbg6aQmbSwKj8wwhAenSpg
Date: Thu, 24 Aug 2023 02:17:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1668
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB-uac5r_ErmzJNebDDsXWM&google_cver=1&google_push=AXcoOmR9GsFIfW64YOFHagJ3R8H9POzVCXAsw4_J1nSyTWmWG2rnoyfhdKqJZDZPYL0ldm3kje93VJQe16e1gU8uitKf...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEB-uac5r_ErmzJNebDDsXWM&google_cver=1&google_push=AXcoOmR9GsFIfW64YOFHagJ3R8H9POzVCXAsw4_J1nSyTWmWG2rnoyfhdKqJZDZPYL0ldm3kje93VJQe16e1gU...
https://r.bidswitch.net/sync?bidswitch_ssp_id=google&bsw_custom_parameter=38d46868-8128-44ea-9bc1-752e59c6589b
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=38d46868-8128-44ea-9bc1-752e59c6589b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=38d46868-8128-44ea-9bc1-752e59c6589b&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=4cd65fc5-3f36-43eb-b839-4ce8c9e8899f%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&ttd_puid=4cd65fc5-3f36-43eb-b839-4ce8c9e8899f%2Chttps%253A%252F%252Fx.bidswitch.net%...
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=google&bsw_param=38d46868-8128-44ea-9bc1-752e59c6589b
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR9GsFIfW64YOFHagJ3R8H9POzVCXAsw4_J1nSyTWmWG2rnoyfhdKqJZDZPYL0ldm3kje93VJQe16e1gU8uitKfb7iP9I6S&google_hm=ONRoaIEoROqbwXUuWcZYmw==

170 B
188 B

207ms
207ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR9GsFIfW64YOFHagJ3R8H9POzVCXAsw4_J1nSyTWmWG2rnoyfhdKqJZDZPYL0ldm3kje93VJQe16e1gU8uitKfb7iP9I6S&google_hm=ONRoaIEoROqbwXUuWcZYmw==

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR9GsFIfW64YOFHagJ3R8H9POzVCXAsw4_J1nSyTWmWG2rnoyfhdKqJZDZPYL0ldm3kje93VJQe16e1gU8uitKfb7iP9I6S&google_hm=ONRoaIEoROqbwXUuWcZYmw==
Date: Thu, 24 Aug 2023 02:17:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1668
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESED2RkRkcriQxHQd-EBdCCg0&google_cver=1&google_push=AXcoOmR6BFZBhkxVtWEu9VK2TKhK3HtZOvRR8ZudrE_wu_B4JSrR3TO0E...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmR6BFZBhkxVtWEu9VK2TKhK3HtZOvRR8ZudrE_wu_B4JSrR3TO0E5PyPMFdEOrFuWtHMD_h4CSkzPPifWv1f44MTHJgJSHR5P0&google_hm=QlMuODNmMy1hYzM...

170 B
188 B

70ms
70ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmR6BFZBhkxVtWEu9VK2TKhK3HtZOvRR8ZudrE_wu_B4JSrR3TO0E5PyPMFdEOrFuWtHMD_h4CSkzPPifWv1f44MTHJgJSHR5P0&google_hm=QlMuODNmMy1hYzM2LTQ3YjAtYTBhNw==

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmR6BFZBhkxVtWEu9VK2TKhK3HtZOvRR8ZudrE_wu_B4JSrR3TO0E5PyPMFdEOrFuWtHMD_h4CSkzPPifWv1f44MTHJgJSHR5P0&google_hm=QlMuODNmMy1hYzM2LTQ3YjAtYTBhNw==
Date: Thu, 24 Aug 2023 02:17:00 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 1668
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEEVX9InTN4tqutWNwm-_DCk?ext-param=AXcoOmS3MtwpQy0kchI3NWbbfJ5MprnMcDIYTq04A9Gjx9fXU1TlV_JcJKFB76U2hX3e-Djm_TteqCh_-jox9lEjXw68Eh6-iri1lA&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEEVX9InTN4tqutWNwm-_DCk?redir-setuniq=1&ext-param=AXcoOmS3MtwpQy0kchI3NWbbfJ5MprnMcDIYTq04A9Gjx9fXU1TlV_JcJKFB76U2hX3e-Djm_TteqCh_-jox9lEjXw68Eh6-iri1lA&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEVX9InTN4tqutWNwm-_DCk&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

179ms
179ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 08 Aug 2024 02:17:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1668 0
40 B 83ms
55ms Image
text/html 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Len2U3U2SEo9G4awkkdUEi1L-RKfXPrJNzAoy0GiWyYTj_W5exBN4-7DezY3QyzGDuKBwkKwE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C002
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
59ms

Document
text/html

2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:00 GMT
expires: Thu, 24 Aug 2023 02:17:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EDA 37 KB
14 KB 49ms
47ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:09:32 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 79ms
50ms Preflight
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 02:17:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E50D 16 KB
16 KB 44ms
35ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:12:32 GMT
x-content-type-options: nosniff
age: 435868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 01:12:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E50D 15 KB
15 KB 41ms
32ms Font
font/woff2 2607:f8b0:4020:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 20:47:37 GMT
x-content-type-options: nosniff
age: 19763
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 20:47:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E50D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGhvom73mZNHVA7-ZiM0P66GVqA_kpc3BcuC13LbNEZOsqJ7jPhABII6H3o8BYMnujovApIwQoAGItd7cKcgBCagDAcgDywSqBLsBT9BwQBKiE5zcqykCpnoencxav7MC9x9fAZOWPIiGd9z...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x336b65d6c6447a530000000000000000%22,%222%22:%220x2f21a96dcf21e0510000000000000000%22,%223%22:%220x2e901e...

0
0

57ms
56ms

Fetch
text/css

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x336b65d6c6447a530000000000000000%22,%222%22:%220x2f21a96dcf21e0510000000000000000%22,%223%22:%220x2e901e11bff190fd0000000000000000%22,%224%22:%220xe9603b7cab18bc4f0000000000000000%22,%225%22:%220xd046e1a41c0f298a0000000000000000%22},%22debug_key%22:%222501574575160686010%22,%22debug_reporting%22:true,%22destination%22:%22https://kingsgroupgames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211200338568%22],%224%22:[%2208-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229891532229549883345%22}&andc=true

Protocol

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x336b65d6c6447a530000000000000000","2":"0x2f21a96dcf21e0510000000000000000","3":"0x2e901e11bff190fd0000000000000000","4":"0xe9603b7cab18bc4f0000000000000000","5":"0xd046e1a41c0f298a0000000000000000"},"debug_key":"2501574575160686010","debug_reporting":true,"destination":"https://kingsgroupgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11200338568"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"9891532229549883345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Aug 2023 02:17:00 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 24 Aug 2023 02:17:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x336b65d6c6447a530000000000000000","2":"0x2f21a96dcf21e0510000000000000000","3":"0x2e901e11bff190fd0000000000000000","4":"0xe9603b7cab18bc4f0000000000000000","5":"0xd046e1a41c0f298a0000000000000000"},"debug_key":"2501574575160686010","debug_reporting":true,"destination":"https://kingsgroupgames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11200338568"],"4":["08-24"],"6":["true"]},"priority":"500","source_event_id":"9891532229549883345"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EDD 37 KB
14 KB 81ms
80ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:09:32 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 86ms
85ms Preflight
text/html 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 02:17:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 1868 43 B
365 B 30ms
29ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 18 Aug 2024 02:17:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 1868 43 B
365 B 31ms
30ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 18 Aug 2024 02:17:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 1868 0
185 B 229ms
228ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H3

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 1868
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=eIBNmCFHDNifHq6mnL3mZA&id=ida4mlvgiastit93r

3 KB
1 KB

288ms
287ms

Script
text/html

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=eIBNmCFHDNifHq6mnL3mZA&id=ida4mlvgiastit93r
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1f55600e58333fe772e636995888e91df62b346f08d4219de5072915f1f0e77c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: text/html; charset=utf-8
cache-control: no-store
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date: Thu, 24 Aug 2023 02:17:00 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=eIBNmCFHDNifHq6mnL3mZA&id=ida4mlvgiastit93r
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 140

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame C227 12 B
222 B 867ms
197ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:01 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame A16C
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

36ms
35ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5922
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjM5c1jp6DRE%2F1rq4R7gW77%2BO7yACrlFtPzA4WqzGwZo8%2F3RUjWoRJ%2FguE6%2F%2Bjcc%2FfLqUoESlq8B1rHB%2Fvi%2FaC0LOcJ%2FGj1WjrlH3%2FzGcOxqFdwO5aZ%2FwE8IlExzm7b4n1oUtnk9R2UJ5dJeuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb818b36c924bbb-BUF

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 gcm
gocm.c.appier.net/ Frame A16C 42 B
350 B 328ms
328ms Image
image/gif 172.104.70.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.70.67 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1680-67.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 24 Aug 2023 02:17:00 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 597F 12 B
222 B 1048ms
389ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:01 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H2 200 gcm
gocm.c.appier.net/ Frame 506A 42 B
350 B 318ms
318ms Image
image/gif 172.104.70.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.70.67 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1680-67.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 24 Aug 2023 02:17:00 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 506A
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

222ms
222ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5922
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5ZZQCspo3bB3iIVSDCsAAnRObYdFpAQmvGnHwpS5Ys%2F3yf77T4afiXUqTUllx1YRDRrsuiGKyhuwgylZJsajJK5F9N6e9nDTqxdm6yEZcNW1ga9MMj3ouUZym25mKopTW2JqhWDE8NjXAde4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb818b37c934bbb-BUF

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 30B0 12 B
223 B 843ms
196ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:01 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H2 200 gcm
gocm.c.appier.net/ Frame 4AA2 42 B
350 B 307ms
307ms Image
image/gif 172.104.70.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.70.67 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1680-67.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 24 Aug 2023 02:17:00 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 4AA2
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

247ms
247ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5922
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9QnvRq5crJ%2FB42lUk5RcGZnnH%2BCWmNEEarKY4I%2BrwRx110JjLD4BgrOdRllosJp4KLnte59wtRUDM9lTzl4h4AegiX9O3XwavgCIlRzMMPqZf8YhNMKNkiRiOC9rg3Z53Xv46me305Pm5q6XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb818b37c944bbb-BUF

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame A16C 975 B
762 B 35ms
35ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5035
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2B4S7SfmmDPyu4GTXxYMfVVJ1XqHFJJ5v4ArWP20rIUL1lkDarROOm%2Fibn6es%2BH6porEglBbisYBehaPOjIb9lHcIZQ40HgCBpvOsQrw5IMyzmRZmLBvGBIS4TfTqPWKECX1KcuR3C51uZeO%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb818b4ec9d4bbb-BUF

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame A16C 46 B
485 B 189ms
32ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 86e84307e71be0bee507b94a2f72717cb0b55611557ba5411db202109adf92a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame A16C 3 KB
2 KB 224ms
96ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.46103481746583896&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5541f0d7331121ef9745617580cb08e1640d2f184e19ff3c8d7208bdaf9f168f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Content-Encoding: gzip
X-Height: 90
X-AdStyle: banner
Transfer-Encoding: chunked
X-SspId: 5ab23481-88dd-3545-9e21-d555b8587ca3
Connection: close
X-Width: 728
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials: true
X-AdSource: CDB
X-Adtype: html

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 506A 975 B
762 B 36ms
35ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5035
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgW2gQVPKzS5K%2BWQ87CPBLt3ASwwj6DF2eV955Y1NSQQoX30sGAatMwvszK%2FBdABb%2B6hOUGGgzFySGNtFvBegvQrjK095whBiFtBLpcZOYgWgIlyqR%2FIN6scrP189IHp1yRxDKV9u6L1reyJFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb818b50c9e4bbb-BUF

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 506A 46 B
485 B 179ms
31ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 86e84307e71be0bee507b94a2f72717cb0b55611557ba5411db202109adf92a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 506A 3 KB
2 KB 208ms
93ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6648984265801836&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 41e15d20c612a399661886f62b4aa8dde978b0ee52d8b81915b5b0a9b123da77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Content-Encoding: gzip
X-Height: 90
X-AdStyle: banner
Transfer-Encoding: chunked
X-SspId: 5ab23481-88dd-3545-9e21-d555b8587ca3
Connection: close
X-Width: 728
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials: true
X-AdSource: CDB
X-Adtype: html

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 4AA2 975 B
762 B 98ms
97ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5035
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDfdMHdJTaJJUVVw2OBV6nmyvwn1lpSO%2FHQG7yYZLF8K83zPK41TbUGETqxI1KTEHXjFB3RlVR%2Fc5ZXe49lKbKu03e4d52vxoQMol%2Fzo6zyR8bIXgcw95%2BSrlalk74HGiHM2O3WNysm6V7r9Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb818b52c9f4bbb-BUF

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 4AA2 46 B
485 B 195ms
44ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 86e84307e71be0bee507b94a2f72717cb0b55611557ba5411db202109adf92a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 4AA2 3 KB
2 KB 186ms
77ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9353397323486172&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7ca8c3e024af46a80d808a6976dcb662de483763ddb3e55bbc277dca33f37aad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Content-Encoding: gzip
X-Height: 90
X-AdStyle: banner
Transfer-Encoding: chunked
X-SspId: 5ab23481-88dd-3545-9e21-d555b8587ca3
Connection: close
X-Width: 728
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials: true
X-AdSource: CDB
X-Adtype: html

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame EA6B 714 B
741 B 34ms
34ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 5035
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb818b6ecad4bbb-BUF
content-encoding: br
content-type: text/html
date: Thu, 24 Aug 2023 02:17:01 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8ufNpVBnIu9JM4xoYpx21UHmsz2OVsTM4Yvb4m2j2f2xh2iTuhc9Gr3hc4Xn3bj6VmrkNvOdPAIkUNSW725VriaigJtK8SqMct32IuSFAaF27CoC3bnr5GVg9fsYTtmMFGkUE8FPHUOt8PC%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AF00
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

97ms
26ms

Document
text/html

104.126.114.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-114-69.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Aug 2023 02:17:01 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 24 Aug 2023 02:17:01 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame A16C 35 B
384 B 104ms
43ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 0F7E 714 B
748 B 35ms
35ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 5035
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb818b6ecae4bbb-BUF
content-encoding: br
content-type: text/html
date: Thu, 24 Aug 2023 02:17:01 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5XTWzPXc2j15ZQoFhr47SbijZwuFO3G%2BlBihSMFfbQcUe8rQLSPd21UVgKrsu34mIZ1NFfUjwkBT0oLWzbrkLFFHVguzp3J%2F4ieBLzG3K6%2FnNIOo56DShZ5LMohBlyTWTD63%2FR0E1DJ2YRmDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 506A 35 B
384 B 118ms
43ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0F7E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

98ms
26ms

Document
text/html

104.126.114.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-114-69.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Aug 2023 02:17:01 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 24 Aug 2023 02:17:01 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame B64E 128 KB
41 KB 38ms
38ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:17:01 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame F905 714 B
746 B 37ms
37ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 5035
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb818b6ecaf4bbb-BUF
content-encoding: br
content-type: text/html
date: Thu, 24 Aug 2023 02:17:01 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFwGU1dAGna37g8zQt1ydwWajhnZ0LIlmxRgpAeRw3%2BN4DeY7eDv42EDW2jhoGAhnwsD6ALSUA3%2FS7LxbBbDdK9X%2FMFDQyypIRrksIzNWMRO4IebMMwtcdBwexRNduJ39uhSMTenKBSZ2yinxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 4AA2 35 B
384 B 111ms
35ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 968E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

99ms
28ms

Document
text/html

104.126.114.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-114-69.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Aug 2023 02:17:01 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 24 Aug 2023 02:17:01 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame A88F 128 KB
41 KB 41ms
40ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:17:01 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 3BEE 128 KB
41 KB 44ms
44ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:17:01 GMT

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 1868 12 B
222 B 392ms
389ms XHR
application/json 34.81.191.174
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Requested by

Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.81.191.174 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

174.191.81.34.bc.googleusercontent.com

Software

Resource Hash

ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:01 GMT
access-control-expose-headers
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 12
content-type: application/json; charset=utf-8

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame B8E3
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

36ms
36ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5923
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BzFg34ChEs1csxJ8oS7oV6E3fkffNM2%2BuFgTZxCprZXka%2Bjb4y02%2BFvO9JxG0Wc36VrpPkjpTaMbrnc3QFVclZqhz2NN3MBNog3%2FmCXWn8lLfGJdIeeFOjMTUcQ1SAMbnVr3WhAsgezpMyN9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb818b7acb44bbb-BUF

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 gcm
gocm.c.appier.net/ Frame B8E3 42 B
350 B 186ms
185ms Image
image/gif 172.104.70.67
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.70.67 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1680-67.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 24 Aug 2023 02:17:01 GMT
cache-control: no-store
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C60A 15 KB
6 KB 36ms
36ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 1462718
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A88F 3 KB
2 KB 67ms
67ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&bundle=0yhlDV9VQW51RHF0RTlmR20wVWd5alFnZE4zYUJMcCUyRkhpRjZ0bkxTRVNmN2s0V0xXSE9wa2wwaWRPTWExb1hsellWVW1DZG5MaGhUVjZUQmlZTWVzUmR6QklQU21XUnhwNTF6c1FudjVwVkhHVVROT1o2YUdSS2pUY2d0UjJnZSUyRkVoamFaeGhjSDYzSkM5ZnVSdnFoNTNGJTJCUEElM0QlM0Q&cb=52284578192

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

99823cbdf1f0e2ff7ee0669ccc5efba70f9b79fa36d4eabc8031f2bd78d2aa11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3CD3 15 KB
6 KB 35ms
35ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 939783
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame B64E 3 KB
2 KB 44ms
44ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

05483c3321220f804854eca17db1220189874b5e1752453ea096b160b6dc2e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8671 15 KB
6 KB 34ms
34ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 1901482
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 3BEE 3 KB
2 KB 189ms
188ms XHR
application/json 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d5e75257334e984dfcef9830aa2ebee333e31d3b914d7d53cf3442e300fe4fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EA6B 97 KB
28 KB 95ms
94ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ba81cd2150a1838b3ec68248f6cab7225aea0ab25edd547f0c97eb3553a57f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28701
x-xss-protection: 0
server: cafe
etag: 133 / 19593 / 31077296 / config-hash: 7318857149872976337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:17:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0F7E 98 KB
28 KB 147ms
147ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8d59772a54b68296b892f12c676e1b20f682466dc331771448ff2e41c066d14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28920
x-xss-protection: 0
server: cafe
etag: 613 / 19593 / m202308170101 / config-hash: 7318857149872976337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:17:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F905 98 KB
28 KB 170ms
170ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6a847324c10602a3916401d5b80f0c994d2ebe46cd932f8f8dc278678ba5e583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28921
x-xss-protection: 0
server: cafe
etag: 595 / 19593 / m202308170101 / config-hash: 7318857149872976337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:17:01 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C60A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=0yhlDV9VQW51RHF0RTlmR20wVWd5alFnZE4zYUJMcCUyRkhpRjZ0bkxTRVNmN2s0V0xXSE9wa2wwaWRPTWEx...
https://mug.criteo.com/sid?cpp=5E_Uynw2UjNDRTdqbVE0OXQwWUdKTjc4MWoyUUc4bU1SVWFSNVhsa2pGdG9pNExXaEtTckhab1IzQTFPamhab1J0ak93aVRQR3F6OGxmeUhUdEhLbFo1bDZpRWZUWlVtUEd4em53c3REWG9ydHQ0M2NQZXdIamd5TXZmV3...

430 B
653 B

31ms
30ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5E_Uynw2UjNDRTdqbVE0OXQwWUdKTjc4MWoyUUc4bU1SVWFSNVhsa2pGdG9pNExXaEtTckhab1IzQTFPamhab1J0ak93aVRQR3F6OGxmeUhUdEhLbFo1bDZpRWZUWlVtUEd4em53c3REWG9ydHQ0M2NQZXdIamd5TXZmV3J0K2NlUXpTN0ZxY0syU2QvUXRpNWh0VmtZQktrWkFrMWcvSitpRTE5dXg1UWEzZDRLMW5QL2FaVjBkRXl1SzdKdmhaZ3hieURwOGxYbWdGbzBGblBMNVpQV21mTUhxcDkvRzF5TmRLVHIraXE5Y3VMNUdzVEdZK0FSK3pqSE00K0xXNEFyMS9uMEFnUTQ2YkFhRU1OclQ3dVdaSXBiQT09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8d0814e30ccc6696af1dc6a00f80574e1a8d1e599ebf71429f367792781c32d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1018684
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5E_Uynw2UjNDRTdqbVE0OXQwWUdKTjc4MWoyUUc4bU1SVWFSNVhsa2pGdG9pNExXaEtTckhab1IzQTFPamhab1J0ak93aVRQR3F6OGxmeUhUdEhLbFo1bDZpRWZUWlVtUEd4em53c3REWG9ydHQ0M2NQZXdIamd5TXZmV3J0K2NlUXpTN0ZxY0syU2QvUXRpNWh0VmtZQktrWkFrMWcvSitpRTE5dXg1UWEzZDRLMW5QL2FaVjBkRXl1SzdKdmhaZ3hieURwOGxYbWdGbzBGblBMNVpQV21mTUhxcDkvRzF5TmRLVHIraXE5Y3VMNUdzVEdZK0FSK3pqSE00K0xXNEFyMS9uMEFnUTQ2YkFhRU1OclQ3dVdaSXBiQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 582940
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3CD3
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=0yhlDV9VQW51RHF0RTlmR20wVWd5alFnZE4zYUJMcCUyRkhpRjZ0bkxTRVNmN2s0V0xXSE9wa2wwaWRPTWEx...
https://mug.criteo.com/sid?cpp=c5PQZXx6VEs2ZUpTcUdub3kzQnd4NzBOQWJ3MTlBdTZ4U0FnODI3Y2JpU29BMWdTYjFuTHpCN0Q3cVovRW9ia3NxaG5FS2d6YjMrUHVKZ01pL1FlMGRxYzBwaGtaY2N5SjNzVzlUK1U2RTBYNHlKbWdtYm1SWHBSTTRHUT...

422 B
648 B

30ms
30ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=c5PQZXx6VEs2ZUpTcUdub3kzQnd4NzBOQWJ3MTlBdTZ4U0FnODI3Y2JpU29BMWdTYjFuTHpCN0Q3cVovRW9ia3NxaG5FS2d6YjMrUHVKZ01pL1FlMGRxYzBwaGtaY2N5SjNzVzlUK1U2RTBYNHlKbWdtYm1SWHBSTTRHUTkyWUZtTm8rZWRpSGV2MURQbWE2dW15U0Y2algrZG9ZbWhMaC9tZ3RKaUg1d3NnNm4rYktoM0NlQzY2NlpadGp5UDhMeXExVVNzMTk0SVBJVDhNeUlpZGVzNExaM0lhZnpsRkN6aDFOZm11N21COXoxTEhBZFhCNE5semkySWNkZG1KTVlML2l0OFpCVllUZGRxS1UralkyZVhRQzFNZz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

f2227e4ecfe11639fe09be14c441b217c8baa4c1652f33b434a4df5b3702caa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1273256
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=c5PQZXx6VEs2ZUpTcUdub3kzQnd4NzBOQWJ3MTlBdTZ4U0FnODI3Y2JpU29BMWdTYjFuTHpCN0Q3cVovRW9ia3NxaG5FS2d6YjMrUHVKZ01pL1FlMGRxYzBwaGtaY2N5SjNzVzlUK1U2RTBYNHlKbWdtYm1SWHBSTTRHUTkyWUZtTm8rZWRpSGV2MURQbWE2dW15U0Y2algrZG9ZbWhMaC9tZ3RKaUg1d3NnNm4rYktoM0NlQzY2NlpadGp5UDhMeXExVVNzMTk0SVBJVDhNeUlpZGVzNExaM0lhZnpsRkN6aDFOZm11N21COXoxTEhBZFhCNE5semkySWNkZG1KTVlML2l0OFpCVllUZGRxS1UralkyZVhRQzFNZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 517464
content-length: 0
expires: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame B64E 0
185 B 32ms
32ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ Frame A88F 0
185 B 34ms
34ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8671
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=0yhlDV9VQW51RHF0RTlmR20wVWd5alFnZE4zYUJMcCUyRkhpRjZ0bkxTRVNmN2s0V0xXSE9wa2wwaWRPTWEx...
https://mug.criteo.com/sid?cpp=q6TzwnwxcW1mdmhDd3V6TzlYUUhtUDJSR00wV3hQdUFIc2lpbDZYYUc4aWl5eXhJK3JaTHdJU1JRWi9YSXMyOFA2WE9KQ0VPYWpxUnF4N1NPbzRzZnRuTGk4RlduWE0zN3NaSGZnR3BDTUFQYjNnNGw2VzBTZEIxRkM0b0...

419 B
650 B

32ms
31ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=q6TzwnwxcW1mdmhDd3V6TzlYUUhtUDJSR00wV3hQdUFIc2lpbDZYYUc4aWl5eXhJK3JaTHdJU1JRWi9YSXMyOFA2WE9KQ0VPYWpxUnF4N1NPbzRzZnRuTGk4RlduWE0zN3NaSGZnR3BDTUFQYjNnNGw2VzBTZEIxRkM0b09JM1IydmszTEJrUjRXQzV0bUluQzJrWFQrRG12QjBKQ1hMZUY5T3crR0pLZDgvZWY4Tml1TzhVRTkzSEJBSTQwaVM1L1BEaW9WeVgwNWhaZm5FN0NiU2lSaVdPVE9NQlFhVTdldGV5SHFSZGhmSzd0SnRSMjEzUXdwdDNOcW9nVHRoeldUZEF0YlYxeWVQMGhKbTVqUGY2Zzc0cWJJZz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4a6260c49284d3889ad5745d71f9cafb4a171237baf84e13d62dea7c2eaa7d2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1566628
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=q6TzwnwxcW1mdmhDd3V6TzlYUUhtUDJSR00wV3hQdUFIc2lpbDZYYUc4aWl5eXhJK3JaTHdJU1JRWi9YSXMyOFA2WE9KQ0VPYWpxUnF4N1NPbzRzZnRuTGk4RlduWE0zN3NaSGZnR3BDTUFQYjNnNGw2VzBTZEIxRkM0b09JM1IydmszTEJrUjRXQzV0bUluQzJrWFQrRG12QjBKQ1hMZUY5T3crR0pLZDgvZWY4Tml1TzhVRTkzSEJBSTQwaVM1L1BEaW9WeVgwNWhaZm5FN0NiU2lSaVdPVE9NQlFhVTdldGV5SHFSZGhmSzd0SnRSMjEzUXdwdDNOcW9nVHRoeldUZEF0YlYxeWVQMGhKbTVqUGY2Zzc0cWJJZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 287909
content-length: 0
expires: 0

GET
H2

200

ajs.php Show response
ads.us.criteo.com/delivery/r/ Frame D1F2
Redirect Chain

https://cat.va.us.criteo.com/tpd?dd=tNPjJV9Vc2VyNjZ1dDlXaHN5WDVIVkhoenk1ZiUyQmRBdXZYOXp0alBsOWZ0dDJib1E5d2F5dUVPdmNTcWtBMDgyWTllOXAlMkZLT2R6aGFiMzVrMEVzdk5nbG56TXl0Y3JGS1Y2cVpUMzhaY2lzTVdSNGNtdjhYJ...
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8...

53 KB
20 KB

169ms
89ms

Script
text/javascript

2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBUx7cYYNKc5mwzDfYx65qtWjArTqY6bmTLSkpZ3_y8vGT1Va94pgyY_us8ZTnzqL3zP5GjH5b__1j9UkaAYwFn1kOU37eGfn22WBnufDswq964cQKFlxEzR0dNlHg-ipJEx0n8SliFVkRnDMYceUhvvFpUL8y48YfwEtzoRxU-30J2b5LBb1_y6Gn83an-RdOD0di7qf6pSkgFroZ8oUZ_bRVx44r9bRE0lVAUOo33iXCytWa2NMctU9SDasC-DDmeUc-BN80optpYdL5khZeAA7etqVEvNlCGKKSXHV1ey3xhzgey32rE4np8MCXvsn63404_kJlOlRwXeEcsVyVxn627maMxwwt3W3RNmSvZhlHUC33vWZuc9MfS_EanNWj6v6QHU_ZgDH_VS3sOr5eAo8KPu2ouIdMk3pJbj-4TeQgisopkbdWRSAHMJKpl0jqU9qN0sOnko-WCFB4gS8vMSUi37yhI2Vsq8OTYHNXJXL43CeN5Gld5CKRSo8-Kxzv7aCa0uRapU-iZVoXJ-pXaMGxValljZ3jo

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b9e47eab6bd9bc07917a458f397f54c74f481c1726f115254039c74d6668e0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13292331
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
location: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBUx7cYYNKc5mwzDfYx65qtWjArTqY6bmTLSkpZ3_y8vGT1Va94pgyY_us8ZTnzqL3zP5GjH5b__1j9UkaAYwFn1kOU37eGfn22WBnufDswq964cQKFlxEzR0dNlHg-ipJEx0n8SliFVkRnDMYceUhvvFpUL8y48YfwEtzoRxU-30J2b5LBb1_y6Gn83an-RdOD0di7qf6pSkgFroZ8oUZ_bRVx44r9bRE0lVAUOo33iXCytWa2NMctU9SDasC-DDmeUc-BN80optpYdL5khZeAA7etqVEvNlCGKKSXHV1ey3xhzgey32rE4np8MCXvsn63404_kJlOlRwXeEcsVyVxn627maMxwwt3W3RNmSvZhlHUC33vWZuc9MfS_EanNWj6v6QHU_ZgDH_VS3sOr5eAo8KPu2ouIdMk3pJbj-4TeQgisopkbdWRSAHMJKpl0jqU9qN0sOnko-WCFB4gS8vMSUi37yhI2Vsq8OTYHNXJXL43CeN5Gld5CKRSo8-Kxzv7aCa0uRapU-iZVoXJ-pXaMGxValljZ3jo
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 351350
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H/1.1 200
OK impr
us-east-ad-track.aralego.com/v1/cdb/ Frame B64E 35 B
258 B 147ms
33ms Image
image/gif 207.244.102.142
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-east-ad-track.aralego.com/v1/cdb/impr?iid=189eaf15-4f6d-4fd8-82f7-57f549fa7587&byr=572ede970349848769d6ae6e&impr=&cpm=0.0501091293990612
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.244.102.142 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: undefined
Date: Thu, 24 Aug 2023 02:17:01 GMT
Access-Control-Allow-Credentials: true
Connection: close
X-Powered-By: Express
Content-Length: 35
Content-Type: image/gif

GET
H2

200

ajs.php Show response
ads.us.criteo.com/delivery/r/ Frame 5BAC
Redirect Chain

https://cat.va.us.criteo.com/tpd?dd=RaVV4F9qaWpGWU9SMVZEeVJ3ZDg4UGhJenluUmtjalR5Sll5T3hIdTBPbWVSNGMwTnZsWGQyalR3JTJGcnp0Ykhmb1cyaTFxNExla0RTTWZUS3ltaW1sWERSbHJOUUJEejQlMkJSS0d3ZFlmU2JmMlR4eVhLTE9XS...
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8...

53 KB
20 KB

147ms
66ms

Script
text/javascript

2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBVKP1PRFIccJXzKY339pAlAXen2T_QFjHOk1-CkWvbhykypN23y2zTTD7Ad9snJ2nS312zpN0Xp_NtTfjJhEAx2bcCAZgTa0UWDu-52Xh5eLRWE5LGXhA_vfsvHl3QJilSEEMVIzF_jnRtxDFKj46nnJAeVIQ3UyU1lWPgaPTS9ZJb-NHQtNZrm5df2yg80oIafljhB4L9skwF6hfXarBr_esgTDoK9lkJ3PamHjJwf8CYnyhwzENKtE88x3Nz_XyReuyhiFz-YeqIiO2D7kgYUCBYJ4t0q8HBX25MDW0uZRQvd_dA69jXcTFWbYjoGs5vKsWPNItE6D_ZUbOXHr5CjmYzlDKrE7tijpU83bBT1snEoOjZ8JUGtJDEam4ieNnYGqUaXf1zH57Nn_tB4Kzs30tLqm2xpU5n8Q55a5I-98W5aSXoP9NGxzM9ivESrYEvwzRwM9_SV4TGQTuceHgaxTwmaoTKjQ1uh_c5JG2Oe02aQsnbzAiyvuaenVPa7KR1aaqCYJ3IBXbsbd3MWhoOThGPrD-Na1fcgeKjbzs4HjA

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e97b517ee951e27ca183317604c73dbfbb49f28d27cfb8200ebad5cbc1e6d513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9584992
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
location: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBVKP1PRFIccJXzKY339pAlAXen2T_QFjHOk1-CkWvbhykypN23y2zTTD7Ad9snJ2nS312zpN0Xp_NtTfjJhEAx2bcCAZgTa0UWDu-52Xh5eLRWE5LGXhA_vfsvHl3QJilSEEMVIzF_jnRtxDFKj46nnJAeVIQ3UyU1lWPgaPTS9ZJb-NHQtNZrm5df2yg80oIafljhB4L9skwF6hfXarBr_esgTDoK9lkJ3PamHjJwf8CYnyhwzENKtE88x3Nz_XyReuyhiFz-YeqIiO2D7kgYUCBYJ4t0q8HBX25MDW0uZRQvd_dA69jXcTFWbYjoGs5vKsWPNItE6D_ZUbOXHr5CjmYzlDKrE7tijpU83bBT1snEoOjZ8JUGtJDEam4ieNnYGqUaXf1zH57Nn_tB4Kzs30tLqm2xpU5n8Q55a5I-98W5aSXoP9NGxzM9ivESrYEvwzRwM9_SV4TGQTuceHgaxTwmaoTKjQ1uh_c5JG2Oe02aQsnbzAiyvuaenVPa7KR1aaqCYJ3IBXbsbd3MWhoOThGPrD-Na1fcgeKjbzs4HjA
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 530222
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H/1.1 200
OK impr
us-east-ad-track.aralego.com/v1/cdb/ Frame A88F 35 B
258 B 131ms
32ms Image
image/gif 207.244.102.142
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-east-ad-track.aralego.com/v1/cdb/impr?iid=b9b9100b-432d-4bce-a574-3b834d10c237&byr=572ede970349848769d6ae6e&impr=&cpm=0.0501091293990612
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.244.102.142 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: undefined
Date: Thu, 24 Aug 2023 02:17:01 GMT
Access-Control-Allow-Credentials: true
Connection: close
X-Powered-By: Express
Content-Length: 35
Content-Type: image/gif

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame B8E3 975 B
770 B 35ms
35ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5036
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VERDssgI%2BwGojNb%2Fs5W%2FXfc%2F%2BJ5Byj8i%2BCG95fBovobIWrzaD8APKkeAMMrbJuL1U%2FYWnES92AlOuPhk6uSronXEeKiC5OLrWl%2FV8zpFEvXM3vBqFzfqmOKzogvEGMPUbD03eq%2F2f3tdNNJuGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb818b7fcb64bbb-BUF

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame B8E3 46 B
485 B 92ms
31ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?ucfUid=5ab23481-88dd-3545-9e21-d555b8587ca3&lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 86e84307e71be0bee507b94a2f72717cb0b55611557ba5411db202109adf92a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame B8E3 3 KB
2 KB 137ms
76ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.545557511948237&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ucfUid=5ab23481-88dd-3545-9e21-d555b8587ca3&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 4c3108dde36ee11584c4e3afb31d13b0d4a46f179512e35799e0d1fee305532f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Content-Encoding: gzip
X-Height: 90
X-AdStyle: banner
Transfer-Encoding: chunked
X-SspId: 5ab23481-88dd-3545-9e21-d555b8587ca3
Connection: close
X-Width: 728
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://risu.io
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials: true
X-AdSource: CDB
X-Adtype: html

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/ Frame EA6B 403 KB
127 KB 35ms
34ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 11:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52549
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129871
x-xss-protection: 0
server: cafe
etag: 10423821264569162327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 11:41:12 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0F7E 34 KB
10 KB 28ms
27ms Script
text/html 104.126.114.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-114-69.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33382
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:33:23 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AF00 34 KB
10 KB 46ms
45ms Script
text/html 104.126.114.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-114-69.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33382
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:33:23 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 968E 34 KB
10 KB 26ms
26ms Script
text/html 104.126.114.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-114-69.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33382
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:33:23 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame 0F7E 402 KB
127 KB 45ms
45ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50239
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 12:19:42 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 3BEE 0
185 B 36ms
35ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0F7E 284 B
921 B 152ms
39ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 636a4452fa95aad32992c06634d4089f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 968E 284 B
934 B 140ms
36ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: b9bd3ce43b0f5c29a708abe94979ac15
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame F2C3 714 B
746 B 38ms
38ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
age: 5035
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb818b8acbb4bbb-BUF
content-encoding: br
content-type: text/html
date: Thu, 24 Aug 2023 02:17:01 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuxLzl95Efwli7mk3w0FixdTlfbgiWWCvKzRLS%2Fe2CtujVVs75Xn1DgqYj%2BMmbQemV51rtPmXQiSN0241DqE%2BLrXs6TGo49TvUSKTnDdeHiV191lPBRFBCjiFTLhrF%2Ff74DbDGfweoSIfMU3tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame B8E3 35 B
384 B 98ms
34ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1622
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

34ms
34ms

Document
text/html

104.126.114.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-114-69.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Aug 2023 02:17:01 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 24 Aug 2023 02:17:01 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame F905 402 KB
127 KB 48ms
48ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50239
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 12:19:42 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame AF00 284 B
921 B 138ms
38ms Image
image/jpg 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 636a4452fa95aad32992c06634d4089f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F2C3 98 KB
28 KB 95ms
95ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7fdac102920b5ce661aa470d99f640ea168356a41b5e86b167061d0c502c5f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28928
x-xss-protection: 0
server: cafe
etag: 152 / 19593 / 31077271 / config-hash: 7318857149872976337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Aug 2023 02:17:01 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame BA7B 128 KB
41 KB 42ms
41ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:17:01 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1622 34 KB
10 KB 44ms
44ms Script
text/html 104.126.114.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.114.69 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-114-69.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Aug 2023 11:33:03 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33382
Connection: keep-alive
Content-Length: 10116
Expires: Thu, 24 Aug 2023 11:33:23 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EA6B 492 B
262 B 92ms
91ms XHR
text/plain 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4369024524673245&correlator=161516009805031&eid=31077255%2C31077296%2C31075594&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692843421640&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=ycvbrlhop0bb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1523962857.1692843422&ga_sid=1692843422&ga_hid=783139544&ga_fc=false&dlt=1692843421305&idt=301&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1a3f938fa71d2bb9fc4a4f3b0a1c022080fec6db190c88b8b64788462493c60a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f894384d37fc5b93a5175da651041d2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C281 6 KB
3 KB 154ms
57ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f894384d37fc5b93a5175da651041d2a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:01 GMT
expires: Fri, 23 Aug 2024 02:17:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ajs.php Show response
ads.us.criteo.com/delivery/r/ Frame 70C9
Redirect Chain

https://cat.va.us.criteo.com/tpd?dd=4x3e9F8wQmg0TWNDRU1OWnlhdm1YeGVmZ3RhJTJGbWo4dyUyRkJWT1BXZkI0ZXh3QnVQcE1QU2VKZnNKV3NXOFUlMkJyOThvUUd1VGp4bVAyUzhwZHcxMk5CZ3hsY0l2aUljRE1JT1JzeklGeG1Zd3hrcHpDY1NZT...
https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8...

52 KB
20 KB

49ms
49ms

Script
text/javascript

2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBUOiHrFqQVxi_LOUdeaDeNCiNIe8rTKRY5yUHTaWk_zt0JMErpX9OI2URWGnZ5UR0hoPVkRmUj1JN4A8GkBNBv8xcuIhdpLfCITaMPTzQV46AQNWgTQ6oDKUdU_skJxzOAIXWXvTXvlbnftdHn8qc1Z7KBdiYpT5WL6zNsrJ8SXMD4arjcWIqmreUempnDKqmUwG3tQJ7r3ok5liGTwvJpDxOVeUlxZ79FED6r5fHh-txl6U90sZs81sjg-nkYzQHryVUzNtBBLJF31WtMwWgId6-XL7OZfMJGTSyK2uAjz4i2gkfQzWIyQ9ExtVB2ifMCrMc2Y2KJ-v1AthEzl2wjSUosVQixhnUiZqemDhGoQLovgc6P9b0ZAF0MscWEciqxoNwKJ1rKsrhf2yJaYYJ63ZtOnFtIiqJiMtK98xReY96snxeamGmz4PsLRT2ojfpKkU-Dl8okzCGUHAnRIlb7PvihRIT1saOuaU0LcrIbVENZlPcgsQBMnHI1i_Osie3B1WtzFlH9CbiMA9T28gXLL1RqpKcHEMWy0t_eCYEsOyA

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b1cde5d7735829afde0598870c51c7207f9c947f7064915dc7fc322a08632fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5122510
pragma: no-cache
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
location: https://ads.us.criteo.com/delivery/r/ajs.php?u=%7c9U2clCyStSbUKEEYxWukpOmw3gZybWLutdrS31yU4Nw%3d%7c&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQbxWxI1zLrWADLkRcRzxwPee1Vw5xHMlQguTSg6d55aHL6yKbUrnx7LdMtwg0B8B4Lb7sl7WjcBUOiHrFqQVxi_LOUdeaDeNCiNIe8rTKRY5yUHTaWk_zt0JMErpX9OI2URWGnZ5UR0hoPVkRmUj1JN4A8GkBNBv8xcuIhdpLfCITaMPTzQV46AQNWgTQ6oDKUdU_skJxzOAIXWXvTXvlbnftdHn8qc1Z7KBdiYpT5WL6zNsrJ8SXMD4arjcWIqmreUempnDKqmUwG3tQJ7r3ok5liGTwvJpDxOVeUlxZ79FED6r5fHh-txl6U90sZs81sjg-nkYzQHryVUzNtBBLJF31WtMwWgId6-XL7OZfMJGTSyK2uAjz4i2gkfQzWIyQ9ExtVB2ifMCrMc2Y2KJ-v1AthEzl2wjSUosVQixhnUiZqemDhGoQLovgc6P9b0ZAF0MscWEciqxoNwKJ1rKsrhf2yJaYYJ63ZtOnFtIiqJiMtK98xReY96snxeamGmz4PsLRT2ojfpKkU-Dl8okzCGUHAnRIlb7PvihRIT1saOuaU0LcrIbVENZlPcgsQBMnHI1i_Osie3B1WtzFlH9CbiMA9T28gXLL1RqpKcHEMWy0t_eCYEsOyA
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 260037
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0

GET
H/1.1 200
OK impr
us-east-ad-track.aralego.com/v1/cdb/ Frame 3BEE 35 B
258 B 96ms
32ms Image
image/gif 207.244.102.142
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-east-ad-track.aralego.com/v1/cdb/impr?iid=d2e8a75e-c20d-4760-a3e7-a099b18cb7e3&byr=572ede970349848769d6ae6e&impr=&cpm=0.0501091293990612
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.244.102.142 Annandale, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: undefined
Date: Thu, 24 Aug 2023 02:17:01 GMT
Access-Control-Allow-Credentials: true
Connection: close
X-Powered-By: Express
Content-Length: 35
Content-Type: image/gif

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame 1622
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLOJ9JVE-X-BNW3
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLOJ9JW4-S-MBJT

35 B
266 B

96ms
33ms

Image
image/gif

192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLOJ9JW4-S-MBJT
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:01 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLOJ9JW4-S-MBJT
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 10af108baa8103fb427a2cc0433d74a0
Expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0F7E 491 B
262 B 88ms
88ms XHR
text/plain 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1511243895911813&correlator=4169586893868764&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692843421727&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=zlcc457x560&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=269471190.1692843422&ga_sid=1692843422&ga_hid=633569794&ga_fc=false&dlt=1692843421308&idt=394&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

544a824d5c2de09319750435d5d9d001ef1b5be51bac958814ec686573cf72f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fc01e27960353dff309e337bc043693e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDB6 6 KB
3 KB 69ms
57ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fc01e27960353dff309e337bc043693e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:01 GMT
expires: Fri, 23 Aug 2024 02:17:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dis.aspx Show response
widget.va.us.criteo.com/dis/ Frame 61E5 6 KB
3 KB 106ms
33ms Document
text/html 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9d8de7d01f1a13a91371d95a45&r=https%3a%2f%2frisu.io%2f&crossorigin=false

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d6928dd27077e7736a13a9a4c95a3c4049d551bacfdb1f09c24f40ceb361d433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 24 Aug 2023 02:17:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 3250527
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

POST
H2 200 all
csm.us.criteo.net/ Frame DC0A 0
128 B 100ms
31ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=xJ18QOPaLlMiPHPDDi2yAnyV759WawNTfzNWtrGlBvD6q-vNwScYvP_M-iVbmSDaCyo30csZsz0WNS8XZ5GQO73PUe9l3vzwPiLqkEtwPcHEqDCVO0eXpBvxjcMUNjwoQJcgrFu9SK5sw4O__ZUczWa1oUVUckDiwcrdPYYEslZ8RSJsdhSNinyV-4P-zR_VwrW4OZIrYtR6dgBLzkZwoqIks-q5f_SxxKSE0SayVF8I4G1EUZIJMQ_vCvg&sds=2&rev=88100&sendBeacon=true

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Aug 2023 02:17:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DC0A 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame DC0A 2 KB
1 KB 42ms
40ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DC0A 308 B
636 B 32ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DC0A 293 B
621 B 41ms
40ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame DC0A 43 B
347 B 34ms
33ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=R0q95fBJ7coScDUmyQnLja6P3gSByQ1jtqmm-BbCC-6Q5PhvkXVboWh9ZXdt_MxAQ_gz_9plximNz8hRNEoo1BTY7o5b0u3KM20qrU2QKu0eK2kNUY4xAULYa8agAY2IjydBgQTEwT3wJ-C0rEH6PbMW5-Hl6zTf-aXdLBPFBAox58Nk_J6OR1e9NqVdeAyv8bviVeVlLmNb2y2fy0euk5us2471nj7C4GTcHdzUndzAAraC65uc2jaSMjLVY55ocZoziYqOfKHUQ6uqnB3gmdup2e1Y_z07zduBWHH3pkO0QByhAyFEq0pXHE1SBzkCblWAhWPuRQL-06oSNozX4cDqnFoxelNOVx9xAU4UbJzp9011d4Oez6R65MZhEJiR3PN8Ilw9V3ruDUcVQalGddvXZkAfC0mYVid2jLAFFHAbkc0WrHLqQvjCdm2ll5aV9bURlw

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3634165
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 d19c0d94d69a4dbc88b86d21a5076c21_image_ad_728x90.jpeg
static.criteo.net/design/dt/94147/4762382/ Frame DC0A 75 KB
76 KB 33ms
32ms Image
image/jpeg 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/94147/4762382/d19c0d94d69a4dbc88b86d21a5076c21_image_ad_728x90.jpeg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a8d266bd73470a02cc1410aa3dd29da9d49131f729c0a22de7e0a70ca7d4e89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 01 Jun 2023 20:19:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6478fd40-12d81"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77185
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DC0A 2 KB
1 KB 39ms
39ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DC0A 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D224 15 KB
6 KB 39ms
37ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 940634
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame BA7B 0
185 B 48ms
48ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&bundle=2slzIl9VQW51RHF0RTlmR20wVWd5alFnZE56MVh1Y3BLa1owcFdIcmFBTUJiUWpjd3JxcVVOS3FVVkZuTmxLaE9mSTh1ZnlybktuQVhNeHFjZlNTNHJIRzglMkYzNnhXa0lzMHdPdHJlSGp3dDFZcDM0UzJjSmZ5Uzl3Q00xZk8xSVUlMkJUVU1CSXZPUGFBV2tIOGp6am9DZzVjQ253JTNEJTNE&cb=28982432692

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame 968E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLOJ9JW4-S-MBJT
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLOJ9JW4-S-MBJT

35 B
266 B

98ms
33ms

Image
image/gif

192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLOJ9JW4-S-MBJT
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:02 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLOJ9JW4-S-MBJT
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 10af108baa8103fb427a2cc0433d74a0
Expires: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 93C7 2 KB
1 KB 35ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: cat.va.us.criteo.com
URL: https://cat.va.us.criteo.com/tpd?dd=tNPjJV9Vc2VyNjZ1dDlXaHN5WDVIVkhoenk1ZiUyQmRBdXZYOXp0alBsOWZ0dDJib1E5d2F5dUVPdmNTcWtBMDgyWTllOXAlMkZLT2R6aGFiMzVrMEVzdk5nbG56TXl0Y3JGS1Y2cVpUMzhaY2lzTVdSNGNtdjhYJTJCWUl5dEJRZiUyRlVlWUFCTWs1NWYxRlljb1BwUE1UVTRQa0duTmdwNVJMcjlRS3RlemcxRWdFQ0tpQTBVaUdVbHlNR09XRDgxUU5IeFd6JTJCb25Cb3AyTWc1QnpkSXpkOGFDdzJWM1dYZEt4Mmp3aXU3bjhtd09WUThRWUlZZEdHYXIxSkx1ZzJXd0NhSko3M09sUWRCN3Y5Tm1GVTlQNjlDOSUyRnYyMWRZY0luZUV2cVRUN0ExMllaekQyU0dhQVMlMkIyd3YlMkZVNCUyQiUyRmZHJTJGamN5Sjh0dFhicmoySFVwUmxxOUZqVVRuR0RDJTJCbEpSRUh2VyUyRnZWOUxaQXdGUlB6Q1BSb1MlMkJNVXF0OEhuNDFET3FaRWRDY2JTYkxmZjFya2NlM2tVJTJGV1luNWMlMkJwOTJmWmdOalBtSWV5ZUJtZ2lGOU9tJTJCUVl2eUZOSmQ0RVYlMkI4ZldJNSUyQllIVFhLRWVFOFlzWHNVN1pzekZLRWVxWnQ3Y2xpUjhoQkN6eSUyRlA2WXdKN2dtNkxIJTJCVGlqcTJpTWtTYkNuJTJCSnY0MGREZVJ5Z2pNTjdqT3dWeTVHZ0F4M3hFZk9sRTc2YXJPQzlyMSUyRmlnR2JyTkk0eTBHbXlaWVVGdzJnaVduYTh1aG5jOE1tU1JBQyUyRnJNMEklMkZnJTJCMCUyQiUyRkJVU0k1MWQzakY5TDc2c0tTUktmTHR3a0pYemw3ZFRLUWhpMW13UTFpQVFlQnBKVzZ1VnVLc2lvdWdGd3NZY3lENFpEaDV6cTBJd0x3OFdKYXJPZUhUV0d0Q3Q0cTF5QkhzeVplWlVnQXR5QTBHT1NuNm43QUd4T0xMeDM2RjRucHJSV2R5cE5raVVzQjVGUnlCTGdwS1FoZ2xYYmtUQjhxOVY5c0Q2NUJFTXRWMTVTZ0ZmMnhya09yd2JVMWxGaHB2elBHRUZZZUhtbnc3M2doMVRtNHJPdWFqakx4cnlzJTJGQUs2VTBqamlheDJxRXI0SGtvQ21udGRZTmFES3VSb01UTVhVQVNwc3QxRFc5WTJxMFhnd2dnQSUyQnk4WWhuaVo0bGJKTGpucDFGRksxJTJCQTdlNFMycmkzcDhRd3YyVjNBbm16UEpiSmElMkY4eVVWUmlnTHNpWmNiaVN3dUF1cHFtbWVJdkdvdEx4QjUxUE1GRFJaVjJMNlFzdG9ENU9OMTg1SVdlN1JOZzMyS25UJTJGckJza1oweUI1bUxWc2N5SFhmcGlqMiUyQngzQ09GaHBKMmxtM3A4cjBVRlpsWEpuRmZSTExYQ2Y1JTJCOTRMSUJiWklRREZoQWdTVTlkS1Ywdmdna1owZ2Z3Qk9LcDB6NHklMkJnYWd4azk5RDQwSmF4R2hCeDhqRTQxWWJlcWlJblRBQ3g5JTJGSGE4MG9oZ2UlMkJNc3lHUiUyRnB2eUhCWDl3WWhVaGptVFFuNWFVVGpzWnpqemNEa1pNUkN0Q0dDN0JXeEI3NjR1T0hwN1RLRmxPaGJGajREeiUyRnQ5TEp6YXJFTm9NZ1FHcEdOYVhsSXdHYWN4JTJGNkw1JTJGNXg0TERCYmFGQVlnMzFpSGpVUE5DblljMUpiU0dEWW93VmdWdG5HeHgwcWN5eFRoWlkyckszVkg5VjJpaHBKTWtJSHI4Q21VSFNoJTJGc29zeWViUGhheHM4eXF2V1Q2MERNcyUyRiUyRkRpTnlLdG45WWR6c1NBRTFKUDhmdENkaTR3blg1SThZdThzSDAza0hFVWREQVYzcXZFNk5nYkFvVkdZN1hUdmJCYVdod2R5NFo0OUZmMXNxWmdWN1ROaGJxQm5xNFpEUE1DcXY4JTJGN3JJU0piU2V6Q2wlMkZMJTJCa09sTDZ6MmtCc0N1TDF2cUFXYnBMQ1FWNThKQUthJTJCQ2xwbkpRZ1dCSnVSUnMxSCUyRnYlMkJjdjhGRTIlMkY3N3U3TDN3ciUyQjZVJTNE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 93C7 2 KB
1 KB 34ms
28ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 93C7 308 B
636 B 35ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 93C7 293 B
621 B 35ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 dis.aspx Show response
widget.va.us.criteo.com/dis/ Frame 7A8D 6 KB
3 KB 36ms
34ms Document
text/html 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4f6457544fbd104768db75306a1b1f86f995e8dc1c9510fa76aa5d511dd76dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 24 Aug 2023 02:17:01 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 3440738
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 d19c0d94d69a4dbc88b86d21a5076c21_image_ad_728x90.jpeg
static.criteo.net/design/dt/94147/4762382/ Frame 93C7 75 KB
76 KB 35ms
32ms Image
image/jpeg 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/94147/4762382/d19c0d94d69a4dbc88b86d21a5076c21_image_ad_728x90.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a8d266bd73470a02cc1410aa3dd29da9d49131f729c0a22de7e0a70ca7d4e89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 01 Jun 2023 20:19:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6478fd40-12d81"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77185
expires: Sun, 18 Aug 2024 02:17:01 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 93C7 0
127 B 32ms
32ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=tT006ePaLlMiPHPDBIfCw75BAutCOVTYAABBjnO80D9IVEp74Vmx_ry7b5KdoY6DVqm84ELO4fhXr8RTu1R4XJAUaBl-dbLrCwIJ_0CLxu6hvHojqPlIQeB8wLuC6YXxsxrW5ZHGFiZ2tzWbY8kesLAoAExcnVwdCS8oCc-PmvNWyaIgGGezo_yOzUV7y-D4vP6MaD1Cz5c1N4uh6gcKhp_K3sv3uvH1AnRRA9a97L0R4Ni-BXm4JkYbRfU8GQamDWq5tQ&sds=2&rev=88100&sendBeacon=true

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 93C7 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 93C7 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 93C7 43 B
347 B 31ms
30ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=x5dmA_BJ7coScDUmyQnLja6P3gTLgvz0_GlPHzp_2Ft8CZQYs4KnwKcQ43HwpdGPf7ZYOWiP_1WQm9hbi7ILuzgKBRuNzZztY0Z1PDiwdGLp4QLpW4fZtSnDOfLdFPmnGvwXQcdaH-HjDRb6NyaRdnpGFU0kZe3TRQ9OO2_cvRgbhmXmkihFtyonLgw2ufmikJ4HRdNqxwowXZ_5_BnOoYpH517eIrPOc3JaybT1RzCfeNLllT6UsUcYcL8gUDmbS5R8Kmtv4LaYF9tvbWBtE6TbWDB836xb4w5U-MW0FQYA7sunQ4Ox3DrRypx01h4Vsyw1LfDIV2Mdaq188H_NqMTq3O9rLScWub07RgzjmzSTyC_HS1sCK5W7RDsjV1Tz-deIvYLxthSrnmMDLWyno-sy-uNSq_Fhx_I6WxB4UZZAhFZkrPiKxMyC3PzvsbVYT1RrpiIQiT2U15eTTAQYRy-GFHE

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2011310
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F905 492 B
265 B 88ms
87ms XHR
text/plain 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1544939008770719&correlator=3840532354124440&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692843421856&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=h8oel7ons9hf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1014614625.1692843422&ga_sid=1692843422&ga_hid=1052102395&ga_fc=false&dlt=1692843421311&idt=533&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ed366cbf649bb6dcef9922c1c1c92d8fd8098992c18082e4b5b3dd75e78f7030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
97a2460711f7e17c8d36d1d6f2900aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ABFA 6 KB
3 KB 74ms
54ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://97a2460711f7e17c8d36d1d6f2900aaf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:01 GMT
expires: Fri, 23 Aug 2024 02:17:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame BA7B 0
185 B 32ms
31ms Ping
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://risu.io
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame BA7B 43 B
365 B 29ms
29ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame BA7B 43 B
365 B 30ms
30ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame F2C3 402 KB
127 KB 35ms
34ms Script
text/javascript 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 10:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56222
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 10:39:59 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1397 2 KB
1 KB 34ms
30ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: cat.va.us.criteo.com
URL: https://cat.va.us.criteo.com/tpd?dd=4x3e9F8wQmg0TWNDRU1OWnlhdm1YeGVmZ3RhJTJGbWo4dyUyRkJWT1BXZkI0ZXh3QnVQcE1QU2VKZnNKV3NXOFUlMkJyOThvUUd1VGp4bVAyUzhwZHcxMk5CZ3hsY0l2aUljRE1JT1JzeklGeG1Zd3hrcHpDY1NZT2hPSmhaMlhUY3dMWXNQR05wNkRwd2tFalFNNTY4c1pPRm4yUTR3b3MxZiUyQlpyellMNjF4NEpEY3pzTW8zaiUyRjZnVjVMc3BYTmVPcSUyRkhFYiUyQnVHOG1tJTJCMTRXejNZTXM0eWdRek54dm5CWGI2V0xuRiUyQmdISjF0YnQ2cmRwTWxGb3BWeVNEUXE5eUIlMkZoSTZOckpPcFFvb3FGQVhLaUpKc09CJTJGNUs3SzdnWkFQeDg1dFJ2UUhLMDJocVAyTCUyRjd1SUJ0M2U1V0ptWmJVOTRJTERHN1VCeGNQYlZqalBTWUJUb2s4MEJTdGZEaGUlMkJLJTJGZ3dvOGRzbSUyRmxHelVHbFFvZWQ3UTBBZiUyRjFGODRKWElNUnJKR2lXVndpMkJZUkZPdEdoSiUyQjlveHcwOTY5NlZUMVoxMjhobVdyV1pkVEE2Vk1CJTJGdkhTOWQ4alZTVVJVWXhuVzJCJTJGU1hNa2tHcDNHUXdZVDR3bHhNU3clMkJBbTJzdWRVSHZ6cyUyRlY2Z3ZGZEclMkJYNGElMkZEb2lUMERKNTNwcFNhTnZHcUdvZWlBM1E1QnNpSjBHMlpVJTJGaWxibGlDNGN0eTYzU1ElMkZ0THdJU2wxOTJITzlna0ltWmllWXI0UWx3YXclMkJ4VFloMjlidDRFcTBmQmNOQmJHWnpqY3BxWVpKaEZtck9kUzJ4bVNTN0ZleUlsdzRmYSUyRkhqM1RXcmd3aExJNVFDMlpFNEJmV1M2S3olMkI3a0FjdWt0SzJXV0FIanlhT0wyNlB1Qkg2UElLWGtGNGNyMFE2c1FIZiUyRkhKJTJGcHVFSnRzb3Y3MzdXV2ROMiUyQm1jeUE0emRzMGVvUVNlSHZqSmxsQk1IbjVmVVBLaUkwZXBZQUpNdWdWM1h2SnhHd2VuMUQlMkIlMkZmSGxrZmlFQUgyUmhNTWQyUXJwampqbkpIRHN3Sm5sQkpPbyUyRmFsJTJCeThTVHVJbUllQmFGV0hBUmNQbXV5enZaa3gxZlJsbzJPNSUyQjZWTCUyQk5Cd2REZzVidVZudWN4dEpkMU80MDJGU1hjTHBUb09sQjFVakZkUyUyQlVuNTclMkY2TmJwQlRBd2U3WGluT25hYUVvMXF3UDIwUHcxcWgyMlVWdWdQd1olMkJUWmNEWnRJMlJxNjFxMFBCcyUyQkZha1lER25tWiUyRm9tSTJwWE5RemYlMkI5R2F3Q2hQOTBZQ25nanh5NEZnd2R0NCUyRmJmODR2OGlKNHRFRlE0VVhVTFElMkZlZGhKT1FiN0dCVXA5N2RYUnpUd2pZTHUwYWh4TDlsVUpnaHRrMlMzelZseEY5JTJGNXJHU3NreEtJdGdrUSUyQmRKWSUyQkRubXIwRm4wMjlTOFdRQiUyRkFETzNjeTVrNzBCQkJqSkRzbXF2c0NSa0QlMkZkZFkyak1LYlR5QmlMdG9QbXFvc1ZsdksyJTJGQnNSRVh1NSUyQiUyRnJKd2pJUFRLY3AlMkZRUEFtSVlrUGFQeW4wb1dlSEJod3RBTmtnT0p3QzNkUUJEeEd1aDNBMTNnT2VxUk1oQ2tUOFRBUHhIUHE5ZklzSGdFU2JxT3pndkpzUTk2REVoNThrcU1ZOXJEVTJxVmFpdjNCJTJCN2pjRlVlc3FQRjcwUDNWdmI1VFFaNnpQSTdGQ1FLbzJTUVhZNVNZUkVvbTRUT04lMkJLTWluZ3ZnQ2Z5Z1B1VDNKJTJCVDVEbkF5MGY2aU10WG9Wd1JVUiUyQlpLaEpBT1ZxWFRQWFlSZ2pGWjVYR0ljWXk3YnJlSTB2V1YlMkZKZmpRMGNNYjBPR3Y1cjg3cnZqd2ZsV0p4bXBqeVM3NmVKSVh1WjIlMkY2a1VBcHdqWWRjWUd1VDVXRTlpOWEwenZMJTJGWFBOZSUyRm42M1pzSjgwYkVIQTNYZmI1ZVZUSm8lMkZSa2NKcVpDSkRCZ3RaSnFoaUpVZ2d1Q2lRaWRkUmUxZXhEQ01sYU0lM0Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1397 2 KB
1 KB 33ms
28ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1397 308 B
636 B 36ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1397 293 B
621 B 43ms
39ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 d19c0d94d69a4dbc88b86d21a5076c21_image_ad_728x90.jpeg
static.criteo.net/design/dt/94147/4762382/ Frame 1397 75 KB
76 KB 37ms
33ms Image
image/jpeg 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/94147/4762382/d19c0d94d69a4dbc88b86d21a5076c21_image_ad_728x90.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a8d266bd73470a02cc1410aa3dd29da9d49131f729c0a22de7e0a70ca7d4e89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 01 Jun 2023 20:19:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6478fd40-12d81"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77185
expires: Sun, 18 Aug 2024 02:17:01 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 1397 0
127 B 32ms
31ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=1vRD8-PaLlMiPHPDdNUfeaSeLSwfTzk29DZVWqtr2bkPDbuBb9i9xSSbcqu2pY3PZxl8Z2TSG5bdbBc2kT190ObKgZ31ctXPGLyNiRvlzeJ4_YTYM2TNPukXbT6QN8k7Qd0pyifFqAiA16lL7tRaFBQyxlUz-ys16PVIi05W7JSDXdRH0CPsgLeKX5gSJkJ6dn_sqBo0870G9VHFPO-_lq3tvngp-eNB1nYiQTz5LS13ESFc7pihLVr75mq-8iPFimtEgA&sds=2&rev=88100&sendBeacon=true

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1397 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1397 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Aug 2024 02:17:01 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 1397 43 B
347 B 31ms
31ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=WlOEZPBJ7coScDUmyQnLja6P3gSD9Itp9QVv-5DNNAyxlQz0YC0aBgl0z-jEfI0DWcDXXJFRRWoibBHQa1Vbrb60svPdjyBbZmwznwDVpDhmDWsrHBtu1cjIya1Tkycsre1ZEjXvZ5Y3L0dErrEOQTRP0VpYdm3E1fdUHwRB2Awy1kUpwcd0sc7H0v_caXhOqY6ngQeqmeD0NxSI1ktjFbirUrI3bm5DZ46rKj_RCTK-k32lCzb5t9qq_qjR9FbSyYZQsEJX6ZsxLynsmm5Bl3m96lRbcohRUWwyfzah0xHp55DC5Je3LLTZqYnm3ifMDrOJaCWRYmjBKE1RmbVJVjYA0N1S6vGB80_Ka8Kp8wVTXBLacPWsJMVd1loENZ3_QIOcSVyYvnGsfdxBnt0OhvqVo1FBWjDPHLWe5VYB6rWxBmIXNNvrdkDdteQbhMKg-bmbCTyzfOYJYbgYyR3bV5R8nxM3MkOCenxozWauyj9rRmJb

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2304215
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D224
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=2slzIl9VQW51RHF0RTlmR20wVWd5alFnZE56MVh1Y3BLa1owcFdIcmFBTUJiUWpjd3JxcVVOS3FVVkZuTmxL...
https://mug.criteo.com/sid?cpp=DevO5nxOSDJuSU9XamlDYXFPS0FKa0V2WUM0eWJST1pFd3JBdng0SGVqNUIrcXZIV01HMlVEZVN3b1JvSjFlWXIrb1pzbWRDZFcwNGtiM1FiSmpWdWFBY3BVNmc4YmNxbGVrQWZGMTRzY0x2MW91NlRKdStwQzU0YXdFeF...

430 B
651 B

31ms
31ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=DevO5nxOSDJuSU9XamlDYXFPS0FKa0V2WUM0eWJST1pFd3JBdng0SGVqNUIrcXZIV01HMlVEZVN3b1JvSjFlWXIrb1pzbWRDZFcwNGtiM1FiSmpWdWFBY3BVNmc4YmNxbGVrQWZGMTRzY0x2MW91NlRKdStwQzU0YXdFeFhxRGN2MHpYRGtXdDdyYUsvT2pXb0JDVnR5VWJHeExwV3EzeklzVHc3aWVycVZRQklsbVdzWUhmNlR0V1pwWUN0OW03REFVOFNzb1gzNmpDVW8raDNza1R1cFM1eXZ4SVJDM3paamg2WEtIbUl1Y0F6UGpKZFo4enVZOGJEWnpjcUZMcnNCbmxBRzZjOTQ4NTRHUmNQUXpoWmpFcnF6dz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

64a7d35edc992fa4bf6b8f0624266a59c76253bc92f80bd9f0a20cc253dd7105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1049679
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=DevO5nxOSDJuSU9XamlDYXFPS0FKa0V2WUM0eWJST1pFd3JBdng0SGVqNUIrcXZIV01HMlVEZVN3b1JvSjFlWXIrb1pzbWRDZFcwNGtiM1FiSmpWdWFBY3BVNmc4YmNxbGVrQWZGMTRzY0x2MW91NlRKdStwQzU0YXdFeFhxRGN2MHpYRGtXdDdyYUsvT2pXb0JDVnR5VWJHeExwV3EzeklzVHc3aWVycVZRQklsbVdzWUhmNlR0V1pwWUN0OW03REFVOFNzb1gzNmpDVW8raDNza1R1cFM1eXZ4SVJDM3paamg2WEtIbUl1Y0F6UGpKZFo4enVZOGJEWnpjcUZMcnNCbmxBRzZjOTQ4NTRHUmNQUXpoWmpFcnF6dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 448872
content-length: 0
expires: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 0F7E
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLOJ9JW4-S-MBJT

0
157 B

132ms
131ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLOJ9JW4-S-MBJT
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 01DDDC0B436D4086AFD9D706B6A54B90 Ref B: EWR311000106017 Ref C: 2023-08-24T02:17:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDodLWRD+idnAseToRMw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLOJ9JW4-S-MBJT
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 636a4452fa95aad32992c06634d4089f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F7E
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ4ODBlNTA4YjY4NjEwMTVhOTQ4YTEzNzVhOTU1YWMwODdjMjFhNg

170 B
188 B

61ms
61ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ4ODBlNTA4YjY4NjEwMTVhOTQ4YTEzNzVhOTU1YWMwODdjMjFhNg

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWQ4ODBlNTA4YjY4NjEwMTVhOTQ4YTEzNzVhOTU1YWMwODdjMjFhNg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 636a4452fa95aad32992c06634d4089f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0F7E
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/UivKMy1eZ5jIf8l-iZGbew?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dFgitLxE2oJ8RKKb_HMqjb40VTIfOBLAwDw60g--~A

42 B
678 B

36ms
35ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dFgitLxE2oJ8RKKb_HMqjb40VTIfOBLAwDw60g--~A
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 24 Aug 2023 02:17:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-dFgitLxE2oJ8RKKb_HMqjb40VTIfOBLAwDw60g--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0F7E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ggZdoKuLSDiFI7r3d7yZKQ&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ggZdoKuLSDiFI7r3d7yZKQ

43 B
479 B

69ms
68ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ggZdoKuLSDiFI7r3d7yZKQ

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 02:17:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F772AH71GF0T1145557Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ggZdoKuLSDiFI7r3d7yZKQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0F7E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7pB2ckxsS3GAxT8Gqjfhcg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7pB2ckxsS3GAxT8Gqjfhcg

43 B
479 B

111ms
111ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7pB2ckxsS3GAxT8Gqjfhcg

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 02:17:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B4BH9Y7G81AEPD0G2KZP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=7pB2ckxsS3GAxT8Gqjfhcg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0F7E
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExPSjlKVzQtUy1NQkpU
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBNtRSdSlPoflOdNmHkknX8&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPSjlKVzQtUy1NQkpU&google_push=

170 B
188 B

60ms
58ms

Image
image/png

172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPSjlKVzQtUy1NQkpU&google_push=

Protocol

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExPSjlKVzQtUy1NQkpU&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0F7E
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&gdpr=0&gdpr_consent=&expires=30

42 B
678 B

37ms
37ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 10af108baa8103fb427a2cc0433d74a0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0F7E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIke3NlEc03af6j2A3C0NTk&google_cver=1

42 B
678 B

50ms
36ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIke3NlEc03af6j2A3C0NTk&google_cver=1
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIke3NlEc03af6j2A3C0NTk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EA6B 15 KB
11 KB 67ms
67ms XHR
application/json 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9df06013322d65bdb07e706f97dcdbcf6393d2a7b41f55e76ed2c05e5c9ea1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11709
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0F7E 15 KB
11 KB 88ms
87ms XHR
application/json 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95dabe064835e8550609f5687740538f362d3f22661bd58a457c7e24142ab590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11753
x-xss-protection: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D8F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_cm&google_hm=ay1ZRFJiZ24tR0lZenJvV01uY3A1cXFjWTJtcTZTM05RO...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0

43 B
369 B

97ms
31ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 884359
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame D8F4 43 B
235 B 53ms
46ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-oPcYQX-GIYzroWMncp5qqcY2mq58nMnd-f2mcQ&expires=30
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D8F4
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4661587944605638166

43 B
370 B

50ms
32ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4661587944605638166

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1628197
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
an-x-request-uuid: ed95468d-afa8-40ae-bf61-4ee5662853d0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4661587944605638166
x-proxy-origin: 96.9.246.195; 96.9.246.195; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame D8F4
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg

43 B
903 B

37ms
34ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
an-x-request-uuid: 8825bd4b-4616-4d55-8c58-23bee7ce38c1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.246.195; 96.9.246.195; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
an-x-request-uuid: fd09ed23-25b7-4b28-9df0-e9950b094202
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.246.195; 96.9.246.195; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame D8F4
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&custom=&tag_format=img&tag_action=sync&custom=&cb=9e31b3b9-24b9-4b0c-b6ff-3d3c12d...
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=9e31b3b9-24b9-4b0...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4661587944605638166&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=31bcfaf0b9a03328ebdbf3ab752b2658&tag_format=img&tag_action=sync&cb=265944069
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a&cb=1692843422739&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=3de69c50-b115-4aa5-a41a-674288992633&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692843422739

0
410 B

51ms
51ms

Image
text/plain

35.173.111.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=3de69c50-b115-4aa5-a41a-674288992633&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692843422739
Protocol: H2
Server: 35.173.111.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-111-127.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx/1.22.0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=3de69c50-b115-4aa5-a41a-674288992633&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692843422739
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 0
expires: Thu, 24 Aug 2023 02:17:01 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame D8F4 61 B
791 B 162ms
60ms Image
image/gif 104.126.112.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_dEKin-GIYzroWMncp5qqcY2mq7uaGOBGQsniw

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 02:17:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 24 Aug 2023 02:17:02 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame D8F4 42 B
678 B 40ms
33ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-F_U5ZH-GIYzroWMncp5qqcY2mq7aTqeK88Ii0A&expires=30
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 10af108baa8103fb427a2cc0433d74a0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame D8F4 68 B
280 B 155ms
42ms Image
image/png 52.201.146.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-C3SDTn-GIYzroWMncp5qqcY2mq4-Gj5d5DkgWA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.146.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-146-33.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame D8F4 43 B
688 B 130ms
30ms Image
image/gif 23.105.12.173
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HxLfu3-GIYzroWMncp5qqcY2mq4hvQpnQKt-GA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.173 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D8F4 0
230 B 143ms
31ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-0_Zeb3-GIYzroWMncp5qqcY2mq6ogncXUTIxrA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31748

GET
H2 200 um
criteo-sync.teads.tv/ Frame D8F4 23 B
277 B 151ms
39ms Image
image/gif 72.247.69.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-dI_BZ3-GIYzroWMncp5qqcY2mq6B8jFD8xgJBA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-69-164.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Thu, 24 Aug 2023 02:17:02 GMT
pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame D8F4
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

47ms
47ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame D8F4
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ&verify=true

0
17 B

42ms
41ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ&verify=true

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ&verify=true
date: Thu, 24 Aug 2023 02:17:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame D8F4 43 B
863 B 574ms
198ms Image
image/gif 202.241.208.57
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-jf6A6n-GIYzroWMncp5qqcY2mq4wj7ATAHcVkA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.57 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Thu, 24 Aug 2023 02:17:02 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-jf6A6n-GIYzroWMncp5qqcY2mq4wj7ATAHcVkA","cluster_id":0,"gdpr":false,"ipv4":"96.9.246.195","key":"ZOa9nsCo5sIAAMrx7WAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad137"}
X-SO-Key: ZOa9nsCo5sIAAMrx7WAAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad137
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad137.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 3
Content-Length: 43
X-SO-LB-Hostname: a-tgng40004.dc2p.scaleout.jp
X-SO-IP: 96.9.246.195

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame D8F4 49 B
180 B 124ms
25ms Image
image/gif 195.244.31.10
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-GbrTYX-GIYzroWMncp5qqcY2mq7vm30uI6QMVg

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame D8F4
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=iIQyS2fNO6iLtNflQxrP0uVQNS0r5sc9

62 B
546 B

196ms
91ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=iIQyS2fNO6iLtNflQxrP0uVQNS0r5sc9
Protocol: H2
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 24 Aug 2023 02:17:02 GMT
content-length: 62
bk-server: c4d2
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=iIQyS2fNO6iLtNflQxrP0uVQNS0r5sc9
date: Thu, 24 Aug 2023 02:17:01 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 660665
content-length: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame D8F4
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g&C=1

43 B
766 B

26ms
25ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 02:17:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 02:17:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame D8F4 43 B
616 B 119ms
33ms Image
image/gif 63.251.28.233
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-9bgAPn-GIYzroWMncp5qqcY2mq6c70tfcGBAwQ
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 02:17:02 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1692843422273069-249

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame D8F4
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg

43 B
447 B

48ms
47ms

Image
image/gif

34.201.254.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg
Protocol: H2
Server: 34.201.254.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-254-73.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Aug 2023 02:17:02 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg
access-control-allow-origin: *
date: Thu, 24 Aug 2023 02:17:02 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame D8F4 42 B
103 B 166ms
105ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-_MHNG3-GIYzroWMncp5qqcY2mq4-I-nG4czxrw
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame D8F4
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA&_li_chk=true&previous_uuid=3d1a96eb52524753be77a2bc36137a01
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA

43 B
548 B

151ms
33ms

Image
image/gif

2600:1f18:ed:550e:8870:82d1:4d94:4709
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:8870:82d1:4d94:4709 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:02 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA
Date: Thu, 24 Aug 2023 02:17:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame D8F4 0
963 B 136ms
37ms Image
text/html 50.16.65.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-94JffH-GIYzroWMncp5qqcY2mq4cQ02GO4l_DQ
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.65.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-65-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame D8F4 42 B
690 B 119ms
42ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-ZY_tZX-GIYzroWMncp5qqcY2mq6dFWHRTAGUKQ
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
last-modified: Tue, 06 Jun 2023 17:31:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 43D1E872DBFD44B2837BE171C04D92CA Ref B: EWR311000108053 Ref C: 2023-08-24T02:17:02Z
etag: "7cd81bb49c98d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame D8F4 43 B
539 B 156ms
39ms Image
image/gif 34.202.10.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-mDGHrX-GIYzroWMncp5qqcY2mq6gKIBeg32EDQ
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.10.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-10-239.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame D8F4 0
287 B 129ms
31ms Image
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-sr6PKn-GIYzroWMncp5qqcY2mq4c-BeC6foJrA&initiator=partner
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:02 GMT
Cache-Control: no-cache
X-TraceId: 463613d3a1fdf36e7535edc4f5d03cac
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame D8F4 42 B
577 B 91ms
33ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-xd--Sn-GIYzroWMncp5qqcY2mq4bCN108rx0VA
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 23 Aug 2023 21:36:50 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame D8F4 0
0 98ms
42ms Image
application/json 100.25.87.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-kHk6L3-GIYzroWMncp5qqcY2mq5QF8sS1njBBg
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.87.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-87-174.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2

204

/
s.ad.smaato.net/c/ Frame D8F4
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA&cookieCheck=1

0
555 B

66ms
65ms

Image
text/plain

2600:9000:246d:200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA&cookieCheck=1
Protocol: H2
Server: 2600:9000:246d:200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
via: 1.1 105f0a444f68cb77cde9660c45a62eb0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PIT50-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: s6B76L0ggOLxscKzjHYfD93X57z1cU_C4KcdbETJ-6Vo1tP4mGcImg==

Redirect headers

date: Thu, 24 Aug 2023 02:17:02 GMT
via: 1.1 105f0a444f68cb77cde9660c45a62eb0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PIT50-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: iYKxkcixTi6us3q6tIgfqqeSVowAq7iTHtt4hfS4xxRmAuNn-ALsiw==

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E7BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_cm&google_hm=ay1ZRFJiZ24tR0lZenJvV01uY3A1cXFjWTJtcTZTM05RO...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0

43 B
370 B

88ms
30ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 599148
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&google_gid=CAESEJNAjP4JEVVMJc4r_4biTSo&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame E7BF 43 B
235 B 86ms
50ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-oPcYQX-GIYzroWMncp5qqcY2mq58nMnd-f2mcQ&expires=30
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E7BF
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4661587944605638166

43 B
370 B

50ms
29ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4661587944605638166

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1161641
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
an-x-request-uuid: f301034a-1c8d-4331-9801-a3a2eccda833
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4661587944605638166
x-proxy-origin: 96.9.246.195; 96.9.246.195; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame E7BF
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg

43 B
903 B

73ms
72ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
an-x-request-uuid: b27ff66b-8587-4939-9e55-b892a04e3a7c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.246.195; 96.9.246.195; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
an-x-request-uuid: 19eeb777-7891-421f-8bb9-a2c70981f9c5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-Qu2m6H-GIYzroWMncp5qqcY2mq7PZGLE_ZtYvg
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.246.195; 96.9.246.195; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame E7BF 61 B
791 B 142ms
58ms Image
image/gif 104.126.112.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_dEKin-GIYzroWMncp5qqcY2mq7uaGOBGQsniw

Requested by

Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 02:17:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 24 Aug 2023 02:17:02 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame E7BF 42 B
678 B 42ms
38ms Image
image/gif 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-F_U5ZH-GIYzroWMncp5qqcY2mq7aTqeK88Ii0A&expires=30
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame E7BF 68 B
278 B 138ms
43ms Image
image/png 52.201.146.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-C3SDTn-GIYzroWMncp5qqcY2mq4-Gj5d5DkgWA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.146.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-146-33.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E7BF 43 B
688 B 144ms
62ms Image
image/gif 23.105.12.173
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-HxLfu3-GIYzroWMncp5qqcY2mq4hvQpnQKt-GA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.173 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 24 Aug 2023 02:17:01 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E7BF 0
229 B 126ms
32ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-0_Zeb3-GIYzroWMncp5qqcY2mq6ogncXUTIxrA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31748

GET
H2 200 um
criteo-sync.teads.tv/ Frame E7BF 23 B
277 B 134ms
40ms Image
image/gif 72.247.69.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-dI_BZ3-GIYzroWMncp5qqcY2mq6B8jFD8xgJBA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-69-164.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Thu, 24 Aug 2023 02:17:02 GMT
pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame E7BF
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

52ms
52ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-1VPod3-GIYzroWMncp5qqcY2mq6Y9FsO-fI2rA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame E7BF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ&verify=true

0
121 B

39ms
39ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ&verify=true

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-Y7e3cn-GIYzroWMncp5qqcY2mq4xctGTtRjbVQ&verify=true
date: Thu, 24 Aug 2023 02:17:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame E7BF 43 B
867 B 583ms
191ms Image
image/gif 202.241.208.57
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-jf6A6n-GIYzroWMncp5qqcY2mq4wj7ATAHcVkA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.57 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Thu, 24 Aug 2023 02:17:02 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-jf6A6n-GIYzroWMncp5qqcY2mq4wj7ATAHcVkA","cluster_id":0,"gdpr":false,"ipv4":"96.9.246.195","key":"ZOa9nsCo5ucAADf4IN4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40188"}
X-SO-Key: ZOa9nsCo5ucAADf4IN4AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40188
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad141.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 43
X-SO-LB-Hostname: a-tgng40016.dc2p.scaleout.jp
X-SO-IP: 96.9.246.195

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame E7BF 49 B
341 B 121ms
24ms Image
image/gif 195.244.31.10
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-GbrTYX-GIYzroWMncp5qqcY2mq7vm30uI6QMVg

Requested by

Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame E7BF
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=bPiur-7EBFLAigZGtws3BKxq4HRo3zZS

62 B
546 B

122ms
89ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=bPiur-7EBFLAigZGtws3BKxq4HRo3zZS
Protocol: H2
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 24 Aug 2023 02:17:02 GMT
content-length: 62
bk-server: 41a8
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=bPiur-7EBFLAigZGtws3BKxq4HRo3zZS
date: Thu, 24 Aug 2023 02:17:01 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1034274
content-length: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame E7BF
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g&C=1

43 B
766 B

27ms
25ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 02:17:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 02:17:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-W8Y2XH-GIYzroWMncp5qqcY2mq7uCUa1-tCe7g&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame E7BF 43 B
617 B 120ms
33ms Image
image/gif 63.251.28.233
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-9bgAPn-GIYzroWMncp5qqcY2mq6c70tfcGBAwQ
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.251.28.233 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Aug 2023 02:17:02 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1692843422280042-311

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E7BF
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg

43 B
446 B

49ms
48ms

Image
image/gif

34.201.254.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg
Protocol: H2
Server: 34.201.254.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-254-73.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 24 Aug 2023 02:17:02 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-hxo1w3-GIYzroWMncp5qqcY2mq70HPJJSV8tNg
access-control-allow-origin: *
date: Thu, 24 Aug 2023 02:17:02 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame E7BF 42 B
274 B 183ms
104ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-_MHNG3-GIYzroWMncp5qqcY2mq4-I-nG4czxrw
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:01 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame E7BF
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA&_li_chk=true&previous_uuid=57bee0a3adb24be9be19045edb1e4c3c
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA

43 B
548 B

137ms
30ms

Image
image/gif

2600:1f18:ed:550e:8870:82d1:4d94:4709
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:8870:82d1:4d94:4709 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:02 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-64F9P3-GIYzroWMncp5qqcY2mq7_g2ea8sfOMA
Date: Thu, 24 Aug 2023 02:17:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 4

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame E7BF 0
960 B 127ms
38ms Image
text/html 50.16.65.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-94JffH-GIYzroWMncp5qqcY2mq4cQ02GO4l_DQ
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.65.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-65-194.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame E7BF 42 B
286 B 120ms
43ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-ZY_tZX-GIYzroWMncp5qqcY2mq6dFWHRTAGUKQ
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
last-modified: Tue, 06 Jun 2023 17:31:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 158C9D7BE9DF41EEA4F3924923E772B5 Ref B: EWR311000108053 Ref C: 2023-08-24T02:17:02Z
etag: "7cd81bb49c98d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame E7BF 43 B
537 B 175ms
57ms Image
image/gif 34.202.10.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-mDGHrX-GIYzroWMncp5qqcY2mq6gKIBeg32EDQ
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.10.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-10-239.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame E7BF 0
287 B 135ms
31ms Image
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-sr6PKn-GIYzroWMncp5qqcY2mq4c-BeC6foJrA&initiator=partner
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 02:17:02 GMT
Cache-Control: no-cache
X-TraceId: 5715e18a30e2f83ecd383f974810a676
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E7BF 42 B
428 B 107ms
33ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-xd--Sn-GIYzroWMncp5qqcY2mq4bCN108rx0VA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 23 Aug 2023 21:36:42 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame E7BF 0
0 147ms
43ms Image
application/json 100.25.87.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-kHk6L3-GIYzroWMncp5qqcY2mq5QF8sS1njBBg
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=159467&cb=64e6bd9dd6832cd601e4948c3280899c&r=https%3a%2f%2frisu.io%2f&crossorigin=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.87.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-87-174.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2

204

/
s.ad.smaato.net/c/ Frame E7BF
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA&cookieCheck=1

0
557 B

71ms
71ms

Image
text/plain

2600:9000:246d:200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA&cookieCheck=1
Protocol: H2
Server: 2600:9000:246d:200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
via: 1.1 105f0a444f68cb77cde9660c45a62eb0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PIT50-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: Vazu8mE9X0wbZ73ZHy64LoTsdcnWZmNJUk_35XkQj3_XVIcHhxPOTw==

Redirect headers

date: Thu, 24 Aug 2023 02:17:02 GMT
via: 1.1 105f0a444f68cb77cde9660c45a62eb0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PIT50-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-2XBg9H-GIYzroWMncp5qqcY2mq7thhMqLwl-TA&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: htEO9vKPdWQ8pOGQRG0-zrVFXVbSKpjtX68p7AkeyB1isYDQmHbhIw==

GET
H2

204

/
partner.mediawallahscript.com/ Frame E7BF
Redirect Chain

https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YDRbgn-GIYzroWMncp5qqcY2mq6S3NQ9SXBl4A&custom=&tag_format=img&tag_action=sync&custom=&cb=ae70413e-f4e5-4744-8f5c-2fe8a2e...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=4661587944605638166&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=31bcfaf0b9a03328ebdbf3ab752b2658&tag_format=img&tag_action=sync&cb=606939038
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=a8a67aa3-6c3e-4153-bad1-6a831e316cd1&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=4fe99cb0-4224-11ee-86ec-f14a1ca0c61a&cb=1692843422778&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=cacad3bd-f621-47ef-997a-208a2855e066&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692843422778

0
410 B

38ms
37ms

Image
text/plain

35.173.111.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=cacad3bd-f621-47ef-997a-208a2855e066&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692843422778
Protocol: H2
Server: 35.173.111.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-111-127.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx/1.22.0
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=cacad3bd-f621-47ef-997a-208a2855e066&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1692843422778
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 0
expires: Thu, 24 Aug 2023 02:17:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F905 15 KB
11 KB 82ms
82ms XHR
application/json 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8929c2d710050538ac7cd426cb1a4f4bccef276b231828e8e30ad4204a2d650e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11741
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EA6B 17 KB
6 KB 58ms
57ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 02:17:02 GMT

GET
H2 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame BA7B 108 KB
12 KB 28ms
26ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: risu.io
URL: https://risu.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 15:51:26 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 16 Aug 2023 09:25:25 GMT
server: nginx/1.12.1 (Ubuntu)
age: 37536
etag: W/"64dc9605-1af49"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11702
expires: Thu, 24 Aug 2023 15:51:26 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2C3 492 B
263 B 89ms
89ms XHR
text/plain 172.217.13.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1567255413331521&correlator=2433974548760535&eid=31076398%2C31077253%2C31077255%2C31077271%2C44799390&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692843422140&lmt=1644422353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=4okwa3bsvizo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=315854468.1692843422&ga_sid=1692843422&ga_hid=1167754676&ga_fc=false&dlt=1692843421573&idt=522&adks=64515409&frm=8

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.13.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5f451a962510c58a226a4e6007636fde230065b7881a411377e36f64815ec7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b62c4a85cdbf818abc7677d0e6144a55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0ECF 6 KB
3 KB 73ms
59ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b62c4a85cdbf818abc7677d0e6144a55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:02 GMT
expires: Fri, 23 Aug 2024 02:17:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0F7E 17 KB
6 KB 79ms
78ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 02:17:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F905 17 KB
6 KB 139ms
138ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 02:17:02 GMT

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame BA7B 17 B
160 B 729ms
230ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: text/plain; charset=utf-8
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: max-age=86400, public
server: nginx
content-length: 17
expires: Fri, 25 Aug 2023 02:17:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ECC9 13 KB
5 KB 37ms
35ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 460260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:26:02 GMT
expires: Sat, 17 Aug 2024 18:26:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D944 829 B
560 B 80ms
74ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

160c9dfdb2ff07ffd41734510f016ac2c2e97e14a7ca96cc58c338d2e9ebd848

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e14XWQVQXhVFmEoAkx-8ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-e14XWQVQXhVFmEoAkx-8ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:02 GMT
expires: Thu, 24 Aug 2023 02:17:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F2C3 15 KB
11 KB 83ms
72ms XHR
application/json 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86550f9231ac0b01979ba968952348369036c182ee511f33eaa64cd5b71c0781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11731
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame ECC9 37 KB
14 KB 44ms
32ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:09:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 74E8 13 KB
5 KB 42ms
34ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 460260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:26:02 GMT
expires: Sat, 17 Aug 2024 18:26:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4558 829 B
560 B 69ms
63ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5af8d0a3e2b702f8cbaffb5db7e69fd7e5714324d7ad0da3d3a766386c5d8afc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iq5AlX9fqoqB6r-TVXYZ-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-iq5AlX9fqoqB6r-TVXYZ-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:02 GMT
expires: Thu, 24 Aug 2023 02:17:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D944 0
0 58ms
57ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308220101&jk=4369024524673245&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame E7BF
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=gdc0S2iaBm38U-7OSsivjUvWK5dJz3o7
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gdc0S2iaBm38U-7OSsivjUvWK5dJz3o7

42 B
940 B

43ms
43ms

Image
image/gif

54.205.43.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gdc0S2iaBm38U-7OSsivjUvWK5dJz3o7

Protocol

HTTP/1.1

Server

54.205.43.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-43-202.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-va6-1-v049-074109a14.edge-va6.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tBOfs5uATj4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v049-0f0b5a843.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5sNX0S+ASdQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=gdc0S2iaBm38U-7OSsivjUvWK5dJz3o7
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame D8F4
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=E1cXw-JyHYHqeOAB19-xWgDTinQ-Sf5a
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=E1cXw-JyHYHqeOAB19-xWgDTinQ-Sf5a

42 B
940 B

43ms
43ms

Image
image/gif

54.205.43.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=E1cXw-JyHYHqeOAB19-xWgDTinQ-Sf5a

Protocol

HTTP/1.1

Server

54.205.43.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-43-202.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v049-0ac3873a0.edge-va6.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4LDWNrIKTpA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-2-v049-0438bd599.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nKq9EdRgTEc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=E1cXw-JyHYHqeOAB19-xWgDTinQ-Sf5a
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F2C3 17 KB
6 KB 73ms
73ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Aug 2023 02:17:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 37B6 13 KB
5 KB 36ms
34ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 460260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:26:02 GMT
expires: Sat, 17 Aug 2024 18:26:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BA1D 829 B
559 B 65ms
63ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

06e479d0f9e5f9c5b795b001346138b2d195a0916aa18a76a18b8510d42e2a4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qVGwbAUfIDHMLS9ga1LFgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-qVGwbAUfIDHMLS9ga1LFgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:02 GMT
expires: Thu, 24 Aug 2023 02:17:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4558 0
0 57ms
55ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=1511243895911813&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 74E8 37 KB
14 KB 35ms
34ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:09:32 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 37B6 37 KB
14 KB 34ms
34ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:09:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B420 13 KB
5 KB 36ms
34ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 460260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 18:26:02 GMT
expires: Sat, 17 Aug 2024 18:26:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8FAD 829 B
560 B 81ms
80ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc49e36b202495f2ec0f608254a1a65005a377a45d130fe1343594864f3d7a38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IIbkF5AAwxC0yJLW05UuKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-IIbkF5AAwxC0yJLW05UuKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 02:17:02 GMT
expires: Thu, 24 Aug 2023 02:17:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA1D 0
0 53ms
52ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=1544939008770719&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ECC9 0
10 B 32ms
32ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NW8KBA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame D8F4
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=KK2NP574lX53nKasxgDNEtzv0wLDocHi

43 B
655 B

188ms
54ms

Image
image/gif

18.165.9.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=KK2NP574lX53nKasxgDNEtzv0wLDocHi
Protocol: H2
Server: 18.165.9.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-9-109.pit50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
via: 1.1 6a64ca833316a620747aecc574b6d1e0.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: PIT50-P1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: exbSASqSq4agBSJQVhp-mh8rOm0T6RfxuIoqDNttzBZOC61LM9z-cA==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=KK2NP574lX53nKasxgDNEtzv0wLDocHi
date: Thu, 24 Aug 2023 02:17:01 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 778983
content-length: 0

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame E7BF
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Orj9Mq0YabCPZbsvEjrjtn4_MRozYX3W

43 B
656 B

185ms
51ms

Image
image/gif

18.165.9.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Orj9Mq0YabCPZbsvEjrjtn4_MRozYX3W
Protocol: H2
Server: 18.165.9.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-9-109.pit50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 02:17:02 GMT
via: 1.1 6a64ca833316a620747aecc574b6d1e0.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: PIT50-P1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: ZKb32b0i7MGDPJyumpeonyvJ6-QMMUVxMerjL1YhI6GSRUthdam0HA==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Orj9Mq0YabCPZbsvEjrjtn4_MRozYX3W
date: Thu, 24 Aug 2023 02:17:02 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 896704
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8FAD 0
0 57ms
57ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=1567255413331521&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame B420 37 KB
14 KB 33ms
32ms Script
text/javascript 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 421650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 05:09:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 74E8 0
10 B 34ms
33ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gA0NFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 37B6 0
10 B 35ms
34ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5UorOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B420 0
10 B 33ms
33ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KEyXkA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.us.criteo.net/ Frame DC0A 0
127 B 33ms
33ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: risu.io
URL: https://risu.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://risu.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Aug 2023 02:17:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 campaign.php Show response
fsa-api.feebee.com.tw/maji/v2/ Frame BA7B 7 KB
5 KB 268ms
245ms Fetch
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=us
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 1f2d504ff5d4476dc0d41c6e62481c2175657c9405927a55c7e3c6d2ff5c8443

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://risu.io
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EA6B 0
0 109ms
109ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308220101&jk=4369024524673245&bg=!pKelp-jNAAZGPLJIZjw7ADQBe5WfOO2XWbDlFluQdyhoCkENoa8wTy2v_4V1nIeXTjFrtsWi4tWNZxSqYjzr-s5b6YgCAgAAANBSAAAABmgBBwoAYH2A28dSYzPvnsf4pYGJOQTibju6Ms36SIVARqFfWiG6eVdo-60nhGBJ0qQOm1p5CfHLjiwR0Y_Dxt6-9K4DnOZn-eR4Zh82iQs7RD8ow_bm48p4ljjGn2oEs6mmEDkYepkDGF7cGfHATqYEzmylFRsYa2GukEAtMVtQ8eirrwX_NQfWpqi-QLpkhyPNu2NoARRs8do9kfG5fN4hACLqeLrLc6tI69tF2WXN9uCrrxo4y0XrqH3PfGnyzumn7qN08eAcp1-hBkwC2ELADOdTH4Odd92QMUmFxGphI341k45etwubKNMTWUayRM3PWR3J6dKbD9sPUDMN86kog0oGEWa83B0btHmAU-818qINc7EvMfKdiPVnEV-ElkXbhfp4CnYOyIoi7nwiWrgalPFp_Plu8HS9l-MpBgYKU_MiXFfF2BfGwpnYxc1KxGbMdG-cEPmPEV5e4oRHMG_VWHnKThruj3lrCflDGbOdFeIGSP_S2udZoyGcvprwE8UQQ0tekX0UNobXEL8woJiNx9UbBcPMVl7NCXTnQCk-n5fbUmHKkE5fMS9r1DhvLsmMplTYhUC6V3OkvpXd0NkSLM6wura6C-5D5yK_8F7uWmia21ZbT6PoIn4UGTLMLbSRxeNcvhUsuQSCLWuliAGzGSSQ7DRB-cpOJ5di4JHuWh73tL-OTtzSW3Sl8VdL3tqVX35rzKuZAwJSLnP9QvXDtiiUnNhgTKJ9lzmlLD-DZyMWb6yK0NBONcsu3CfYmUSwLdXtYnVofXiPjpPH7Wp-qt9pa5xjP10X6H6YGD-fQqwYongeK_xld_wHzByEOBy0RxCFnwKwU1tOZYsGgzmwfn7fsOgdROTT502tkPb8q_0VL_YyLPXctdf0vkepmMlTw3LgxxoKU9nYASSUscK3xPH0BzSTH615MPKg9FDHP1C9uJnvscTY279sXPIoHzD0cci4qKghLq7JU-APZ4Fof-lHV01Eu5Wsio-C5rZc6SFQujsJWLSWcIp3-qaYMr6362LGLxF2EYn0gkopXLAYygkG-9ggm-yuJLr7E3eRsYg-Ve5khmQ6jkATT3mbbHYDhR55BCPjDTJKoOG0zT7uZzFZqV1ZKjO58M0VAyHH7u11eupZ56bD_bPzpTLjSBOVi2A4p05BHEgWeja7cpv8hbEW4hh10qstPb4a5-xDYQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame D872 70 KB
5 KB 104ms
42ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2437810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4220
last-modified: Thu, 22 Jun 2023 10:45:16 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494263c-107c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wooAncl8%2FgMMYe7Y6tqjbRKkDvYbCgOBS62TwHXQUiOvgQFyB%2F0cJ2cF3VVvLLPZ2mtZepoLvuaZAA3OwKKS9YPZy9TLu0s%2Fwg%2BO6Yyyh%2FRKSmjhl8XpRiK2DsssI9hT6%2BYqq7kwl0RfwUZ6tATAW1St"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb818c36dab4bcf-BUF
expires: Tue, 13 Aug 2024 02:17:03 GMT

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame D872 7 KB
3 KB 55ms
54ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 12:30:41 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Aug 2023 04:21:32 GMT
server: nginx/1.12.1 (Ubuntu)
age: 49582
etag: W/"64c8884c-1be1"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2629
expires: Thu, 24 Aug 2023 12:30:41 GMT

GET
H2 200 aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS82MTEvOGFjL2UxZWUvY2VkNi81MDBiLzNkNTAvMDBmOS8xMTZkZWViNzFlMDI0MmFjMTEwMDA0LmpwZw.jpg
img.feebee.tw/i/5_FPY2FpSqq5Ioh9DyAeNKy7edbVm5rQ9_kD5a9QO0Y/372/ Frame D872 13 KB
13 KB 617ms
536ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/5_FPY2FpSqq5Ioh9DyAeNKy7edbVm5rQ9_kD5a9QO0Y/372/aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS82MTEvOGFjL2UxZWUvY2VkNi81MDBiLzNkNTAvMDBmOS8xMTZkZWViNzFlMDI0MmFjMTEwMDA0LmpwZw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: a0985c82b099482bc4dd7d41f57741136b39d049cfe30120c30f958b121a34b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:03 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="116deeb71e0242ac110004.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12833
x-request-id: nbY_L1k0U9Nmfkupecz-K

GET
H2 200 aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS03cXZmYS1sanZycWI4N2QyYmk1OA.jpg
img.feebee.tw/i/1qGfgaIHz-943HU2c0zxd53D7UMZKAwQalnk9tr-yWM/372/ Frame D872 28 KB
28 KB 472ms
392ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/1qGfgaIHz-943HU2c0zxd53D7UMZKAwQalnk9tr-yWM/372/aHR0cHM6Ly9jZi5zaG9wZWUudHcvZmlsZS9zZy0xMTEzNDIwMS03cXZmYS1sanZycWI4N2QyYmk1OA.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 6351cbbf69ffc5c0e1e8dfcdbea29052ec975da62b55156f8043d71fbfbf626f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:03 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="sg-11134201-7qvfa-ljvrqb87d2bi58.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28409
x-request-id: ZgyM6mKJgurZhf_bdDTCN

GET
H2 200 aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS84MWYvMWMzLzNhMDMvZTlkYi9lMDFkLzNhMWYvYWNmNC8xMTc3ZWViYThkMDI0MmFjMTEwMDAzLmpwZw.jpg
img.feebee.tw/i/GkkQ4dQOvf2nN8w3ZKZbs3DOQRhJeJILwely6hTo-fc/372/ Frame D872 20 KB
20 KB 514ms
433ms Image
image/jpeg 130.211.28.216
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.feebee.tw/i/GkkQ4dQOvf2nN8w3ZKZbs3DOQRhJeJILwely6hTo-fc/372/aHR0cHM6Ly90c2hvcC5yMTBzLmNvbS84MWYvMWMzLzNhMDMvZTlkYi9lMDFkLzNhMWYvYWNmNC8xMTc3ZWViYThkMDI0MmFjMTEwMDAzLmpwZw.jpg
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 216.28.211.130.bc.googleusercontent.com
Software: imgproxy /
Resource Hash: 47b59fde45efe3ac0d791367daafa8ad23961753e745a7a61344b974c46a4f62

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:03 GMT
via: 1.1 google
server: imgproxy
vary: Accept
content-type: image/jpeg
cache-control: public,max-age=7200
content-disposition: inline; filename="1177eeba8d0242ac110003.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20796
x-request-id: cofLJjwT3Fm6dxA2bg-PC

GET
H2 200 IzMBpqkuERMe2UMHA_obpkuI5OyH9UD5ZVSFbTlGZJV7ptoqUuPcWoAb4Mq5-1z3vxFxzNWcqfnYUKnpSZHpAjyZ3pciYVSoY6en5AhS1ZdXkPsu3-6WHs5PovoAavrnycJE2C95AxAbRi8pLo5ZZ8GOgwLfxY30QfEG_C3-9TLb3Ei7SzOCVJwVGWotne4afcbjI...
fsa-api.feebee.tw/maji/v2/view/ Frame BA7B 842 B
922 B 255ms
234ms Image
image/gif 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fsa-api.feebee.tw/maji/v2/view/IzMBpqkuERMe2UMHA_obpkuI5OyH9UD5ZVSFbTlGZJV7ptoqUuPcWoAb4Mq5-1z3vxFxzNWcqfnYUKnpSZHpAjyZ3pciYVSoY6en5AhS1ZdXkPsu3-6WHs5PovoAavrnycJE2C95AxAbRi8pLo5ZZ8GOgwLfxY30QfEG_C3-9TLb3Ei7SzOCVJwVGWotne4afcbjIHLhyC1IMxa9bFDT86iUYIgIqAWI36b0cojiaUSuId_gvDu34AUTS-QxtJlnlUeiD6kq3fvPLttsGCo6fADOFxS9HiOy5i2HmojHCRNzDOoi1FxAbh2a-M7W5eZkGAk.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://risu.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 02:17:03 GMT
server: nginx
x-robots-tag: noindex
content-length: 842
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0F7E 0
0 62ms
61ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=1511243895911813&bg=!YWKlYi3NAAZGPLJIZjw7ADQBe5WfOMolZy06ZyOnYeNDXQRx3Q2Nci71zdiAaDdNoqa6lTStcnwReVQYI77cIazimgnAAgAAAOZSAAAAB2gBB5kDA15T-QJ9GuYbctcJLRXV4cX3MZxpRBLG1Z8hsJzd5Wgfxs8JWjLq7Vgh9sUW59GliiDNoZhihMmO9h1D18VY-8W2s2H-_VI-_UR9zGiS3mBCC-MapYkNZt99gS0QJlAAxhP7F2YVJpQfbP8XrjcUGyVjyh8nACOeii-3ZOSqClk4BHQRb5pWpQNbEG-KlMzwRwabJwfQr1MsKf9b-TmU1npRu2nCatNF0nu0S4V65Jl7qPyCGiqL8eNe7v6Xg_cTOJ1g4j3OWJCQloIxM3SORLVRb6gAADtfCfpZyV3cdDgcfCPY4zTVwIs0xo5khl_nqQ0qkAPwF7ZZ1scx7bVw0n27bapf__BRXIRiOlBDDVoAEz5LwjdBqrmrQsGMtdOTF8IdQZiJNn9E4fucvWzDurHgjm5qUy6EsiisK-4ADXMk8PtBKT2XNLKwjtbBtm-abvO6OHTozMQJrHeZfepPXbtgp_LCB9U_8UMKjtYM-ad3paOom2pTBKG8SKO5S5iP8QlXqsYN85hzpjFKml_MbKDwolH96jhANlER6nB5t9fvTwYtG2W3yrLL7fKTJqqkRtVyQ7PgxD1rq2iOOvYjn_ppHZl3dGPUpKlvKiAT_5bCAYKn4dM-omoRFpHRJvR9H5Ua87mjlYc3vsi7aM0LotoMX8S0wBmIWy2XGpH-R0CFn0lYSlrXELn1s-qvAWI94s9VUDYsRwtZkjyCOSTgesKQM_KvKFIE8Rx2oSidzfbfG0Xyf_nWxrrnxtGJ-1pQuwQ4DrgV0SMDBA1L3sR4gPaAtuLikVp9OrnDvHHAYNmEzyvgGSSRxZtQeKAVNObWqvG_VIUBG46Umb9a4dquDMuznu-AoTFaPx7Ao5YulcZ63oMIzDlnhB7Rr16MgVgXyLgBQCTDqIdRh7xiPPJQcTSCmodu1q-qR6YeN3bGiD18-w9eKJh8bbVTIEEPg3AhGqOnxKSeDEpYdD5Q6SJId2BShQN1mksASvNSvuWLuXujrLJ-DqAz1G1peAt2j7uetwI77g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F905 0
0 57ms
57ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=1544939008770719&bg=!cXKlcj3NAAZGPLJIZjw7ADQBe5WfODzAoN7fh3Qk65nRf-CXrkikBxuG0iFa70y4WZ8lvdAld5ZbtwqBobna6WnqFfF7AgAAAQ9SAAAABGgBB5kDOckv-V-auytO1Fqkr7fVhcdAUoAUK0xNLfp86PFuSTGY3F6VhFlbOGtFeFrSIQrAY-wQVUVYpHcKYsXM09GHxEaeH3siRJJIfGTYx-tdvi6rIQoScqLWtWmvSbcfjj4bwq6dmF6RpMLKH7PsuCsz2Oo0OF8eWy6-YVDjPXTSPwcsXINL7zkfU-lYN48KThwB5nUCr1MlB-FzqiEQJ5w4klNbWquCq_3B11hF7wRGfeD7nTYnvTZQ2M_awr183qLmLt3aNXBYBjoTGtMNViKoeFokN9kPMtvIvqbJ1ZhDXdFoipqysWn3r9RAGpWycmhsUZAtFsXJkTpiBC5hI5wsllhdkA9l_vxX-dE9UZ22nGPcAaqd2D0xewq7TpNJ_7Mc1qy5L-zncGgHlzHA9f2QSi2zVQtNp_RL_pJSHSyB1Eegihm5zj82PXsqba8fV_QXVkeJsNyHanDMFJ7bTqBwzBcZPelT6Lc2M_TICRqI_gfWACXC1p30UvGRnKyiAQoGn5jduOUs-i-g2AmiGC2YN_x8pZ0km-BM_Qv2ZSXhcYAnmVoTgeJxairEkT8Ip9K2KSeKSACMVsNy9kY5Krk2WPyIAVK-v73iV9lRBPGHuTBDSq4_qZkPDKMRZJ-AobxADlT4lltHH7YeonMLssjnQgWjB7AUe-pEicofQ_iOzVVKnArtvQ0ggYj0hK2qdNPXfXBSAoqPJSQqVhT7ahA2DEcLIN38e3JceCBycpv4yJvam9jkeB-7B7BPaWGCHySwOoXMps2A-WFvVW-5nY6TNDpmmK9UYTGEQb7KP3XlzqTlVaFw3LqkDSBvQuV8I-7cBdKwJAIiR967E0xhnUfHlPN4AyeEuP1FD1lKupvBtUCPXhcpJxPSBLntpZf_PzJt25vgqqcir2hvPjcxmwl99EnccV3na5lP6lNQRa18BvT_xD_0RwEGRgUxWvqU8mkZpyDFmZirwgxlqqH_5BZ2APXCp4lazSaCMP-1ccUZWJDZoE-8YeTTYw92-i2GszUiR4xC0hnVyB7fYsGtRkkmtgtqYA8c64DGkuCuc2jsvxcIDF3ZahD5FbbAx-VywpS4rPBqj7hbz_ylzQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F2C3 0
0 56ms
56ms Image
text/html 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=1567255413331521&bg=!ra6lruHNAAZGPLJIZjw7ADQBe5WfOM050S_s3NCydXrXb0Zr-hLru6gGiipfBPeX5H-31nBCK23dXZiloznyzycY8-YIAgAAAKhSAAAABWgBB5kDBBtrzlJ8VvpDi5gtaSb76WWpHRANE_H0mp5bC9Vh3xY_Hk-V1vErRwEyaOjkBSjlHPxbRlYtfMrj6GvHhZQOMw7XDYqGCInLijbbnjswcW87O4AWPAjxOb-Wb4ktjLO8muFM5MW0IdAe2a1Mgxq_RGlvOxsvx8RtnpJroSy30xRKb0um_pHkojjkmSbvLUY3EP8pbyhIUpXxcqgWgv-vXRx86eWlEt6sHe-CSeg1TXaJ4h3uB_qT75_Uh8TBtX4sO6SBNXMv2ApWKekIuedJqdFY_SePh7mcoIMxJZ9lLsoZ9P1dN56u4POl8kCY6P1EdD5kEsnKcHUk3kuQv4pcIER95X7Ml6he7MJgleKzyFVge-EnDiBy9nV-w1rHUME5yXEiOOB_Dy_0c-f-lkz3WOSDc4wN6FPDYrBMBHoSBmLj7zqqtN354Hg22kKDY85hrYRM0V4fbtMlipj9Lq2nNlIpeKmRdrQmQUY9O0FlrhJUnu8uZoNIVftn25ek5S1p980jo3mrpwm03v0QhdbXx5Xa8h-qRKLshUh5dskMLRnqom-nN0VGhYBWgrZnsdMlgyWAK6q-MH_x87cODaIj_u44VLV0NCRVZOHmQgrF67QuHdZdqYYh_CN8ukl4ZBYzoI5U4fWHuwyJUxyHPWL6w4T2KssxhuzGCIhof-qQGh5spQfoFGhYgddbQvakeBM5nhy4pESHxhtjIWeZnsALGLyN0Xg78FctpIeb17F6-eBtzatTcyfNqb8HbspVL-pjRFs92GKTwsfkCwH63_zQW1SwgBMmDKhmc-8sPBxE--c5UqIc5eOosGiu2XyTqpwyVaI27_-mSBns1lcmHg4Z76UhxP9y7XhbxAJdXbpFCb4wuafq48Xs-nFl7TQfeP9Q5rn9ROVjxNzOTL9N79HmdMcGVIZDNuSRQAS6AQcBwyouRkv5a0ktEZO4kQ6WTBN-h_QnWogVdV27m2Ph9yIxzTy7ZTDkvfSAZzcjvjNmbVRek4Ok6pj0BTbDpBmXQ9INklEh4ao
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

102 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.recaptcha.net/recaptcha	1970-01-20 18:33:15	Name: _GRECAPTCHA Value: 09AG8ZzssRxrvlPEe4D0tYW8ur777Xb24uz-59hkHsPgCxsq-NXiE9YGwPVi-tFBGQeAJL7-0kELogTLEDFFqA20E
i.liadm.com/s	1970-01-20 14:57:15	Name: _li_ss Value: CgsKCQj_____BxD3FQ
i6.liadm.com/s	1970-01-20 14:57:15	Name: _li_ss Value: CgA
risu.io/	1970-01-20 23:50:03	Name: ahoy_visitor Value: 9ae73f62-2a8a-4319-9518-277659491d8a
risu.io/	1970-01-20 14:14:03	Name: ahoy_visit Value: 6d704fb4-2139-4f23-b018-632895f3973a
.risu.io/	1970-01-20 14:14:05	Name: __cf_bm Value: sa6AVlwjCwdTIOuNv7KmQgGpvOApUfoePQK0aMuXjAw-1692843416-0-AYo4RabTnKH+MRljc5+BuiUBYz5n/rHPMT4R6doLr4aLWpAXXSj4gTFc1Fdm39++OClgB653Tsaro56yKJBfRhY=
risu.io/	1969-12-31 23:59:59	Name: _risu_session Value: 1VRu4L8MpJXkuJpTnP6tjCouukxjJMw3GxovKc7O7Y4oF5kVq3yBXG6RLGf014q5Isjcg4o3OIAv7bRHAA8bSjWCNU5wtD0ZeJQoUz1Rsb3p%2BUOKeYmD2xOE2Y0o%2FIz57PQ0HsYggx7MCfTFeVG8JBcCbgdbDpw%2BXjI7yaQc6dVV6bBB8nxN--9rMoeFWkY3UW48Iu--DGyPR40Jseb6teA21Zs2hA%3D%3D
risu.io/	1969-12-31 23:59:59	Name: prefers-color-scheme Value: light
.risu.io/	1970-01-20 23:35:39	Name: __gads Value: ID=10f6f3816b9be75a-22b1d5d0b3e30092:T=1692843418:RT=1692843418:S=ALNI_MbuaOBsc_Mcxk-_OJZhRZ4OBG0Qdg
.risu.io/	1970-01-20 23:35:39	Name: __gpi Value: UID=00000d8d79554069:T=1692843418:RT=1692843418:S=ALNI_MYvfCW0NbnoYsg0w3_JHeI44D9t1g
.risu.io/	1970-01-20 23:50:03	Name: _ga_H814P3QJ03 Value: GS1.1.1692843418.1.0.1692843418.0.0.0
.risu.io/	1970-01-20 22:59:39	Name: cf_clearance Value: 81Xtl6Gq18f8ARMCLEMLSZ7EvnVt5aA9GfNn0gl.g8c-1692843418-0-1-25641c5e.97f8d7e4.b6cfdeee-0.2.1692843418
.risu.io/	1970-01-20 23:50:03	Name: _ga Value: GA1.2.1052405863.1692843418
.risu.io/	1970-01-20 14:15:29	Name: _gid Value: GA1.2.488136396.1692843418
.risu.io/	1970-01-20 14:14:03	Name: _gat_UA-146086888-1 Value: 1
.risu.io/	1970-01-20 23:50:03	Name: _ga_ZH634PL121 Value: GS1.2.1692843418.1.0.1692843418.60.0.0
.aralego.com/	1970-01-20 22:59:39	Name: sspid Value: 5ab23481-88dd-3545-9e21-d555b8587ca3
.criteo.com/	1970-01-20 23:35:39	Name: uid Value: 2f2dcaa1-6f7b-4982-9855-92758c8186d4
.doubleclick.net/	1970-01-20 14:14:07	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:50:03	Name: IDE Value: AHWqTUkRqWmA3qR06lziqvjsjcrb7NVnYK5zndKj6WIL6rRA5ZImsdhTYd0fSH3ev84
.adform.net/	1970-01-20 14:58:41	Name: C Value: 1
fksnk.com/	1970-01-20 14:24:08	Name: AWSALBCORS Value: W3yCYpSA0BZGF0I8eX86ocMbrBszUz17zBUaOIuotH0/ue7cQyFLou6Jux5uckDrLddpOCcAvt2h48UWCY0BwrKTDZjSQ4e8b5Gk4MH7TkPXzF9GiOowPPOaWRsH
.fksnk.com/	1970-01-20 16:23:39	Name: f_001 Value: 6CA4D3479D72DA69
.fksnk.com/	1970-01-20 14:15:29	Name: g_001 Value: 1
.googleadservices.com/	1970-01-20 16:23:39	Name: ar_debug Value: 1
.travelaudience.com/	1970-01-20 23:45:44	Name: _tracker Value: %7B%22UUID%22%3A%2230C12A82-7935-4DA5-A99D-702BBB2A746A%22%7D
.quantserve.com/	1970-01-20 16:23:39	Name: d Value: EFUBCQHkKYEA
.quantserve.com/	1970-01-20 23:44:17	Name: mc Value: 64e6bd9c-0ec75-5052d-bb556
.adform.net/	1970-01-20 15:40:27	Name: uid Value: 749325289038815125
.mathtag.com/	1970-01-20 23:39:58	Name: uuid Value: 8f7d64e6-bd9c-4e00-b736-6e9b25198b1d
.mathtag.com/	1970-01-20 14:57:15	Name: mt_mop Value: 4:1692843420
.dotomi.com/	1970-01-20 14:14:03	Name: DotomiTest Value: 6bcf93d440d8187a
.adsrvr.org/	1970-01-20 23:01:05	Name: TDID Value: a8a67aa3-6c3e-4153-bad1-6a831e316cd1
.bidswitch.net/	1970-01-20 22:59:39	Name: tuuid Value: 38d46868-8128-44ea-9bc1-752e59c6589b
.bidswitch.net/	1970-01-20 22:59:39	Name: c Value: 1692843420
.bidswitch.net/	1970-01-20 22:59:39	Name: tuuid_lu Value: 1692843420
.linkedin.com/	1970-01-20 22:59:39	Name: bcookie Value: "v=2&0ecbc142-fa4a-4053-8528-c0525a5fdf41"
.linkedin.com/	1970-01-20 14:15:29	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2624:u=1:x=1:i=1692843420:t=1692929820:v=2:sig=AQEXRKRqa9lorbZT2Ly8AWr8j17NgYg7"
.c.appier.net/	1970-01-20 23:01:05	Name: _auid Value: eIBNmCFHDNifHq6mnL3mZA
.adsby.bidtheatre.com/	1970-01-20 14:24:08	Name: __kuid Value: afb74fc2-6932-40b6-81f2-65326236f59b.462057420
.tapad.com/	1970-01-20 15:40:27	Name: TapAd_TS Value: 1692843420470
.tapad.com/	1970-01-20 15:40:27	Name: TapAd_DID Value: 4cd65fc5-3f36-43eb-b839-4ce8c9e8899f
.yandex.ru/	1970-01-20 23:50:03	Name: yuidss Value: 1656036831692843420
.yandex.ru/	1970-01-20 23:50:03	Name: yandexuid Value: 1656036831692843420
.tapad.com/	1970-01-20 15:40:27	Name: TapAd_3WAY_SYNCS Value: 1!5666
.aralego.com/	1970-01-20 22:59:39	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:59:39	Name: gdpr Value: 1
.rubiconproject.com/	1970-01-20 22:59:39	Name: khaos Value: LLOJ9JW4-S-MBJT
.smartadserver.com/	1970-01-20 23:45:44	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 23:01:05	Name: csync Value: 79:k-HxLfu3-GIYzroWMncp5qqcY2mq4hvQpnQKt-GA
.taboola.com/	1970-01-20 22:59:39	Name: t_gid Value: 23c0acd0-7b37-4a6f-892e-a1b53f9cdb16-tuctbe0431e
.risu.io/	1970-01-20 23:35:39	Name: cto_bundle Value: 6WTh319VQW51RHF0RTlmR20wVWd5alFnZE45b0Z2RFZVc1JhSFlydFVlSXZ0Mnh5ck5GJTJCbWpnbE1RcFVZbUVobVY3WGZYRDAwRkZNMXNpZnpsancxSU9HRnhVUGdIZ0NkJTJCdXNsTVhMU1RKTDVId085VXVyY2glMkZ3cnpiT1R0eSUyQkJIeSUyQkVKY1poNGdNTGdFUU4wVkFvcXp1RE9RJTNEJTNE
.teads.tv/	1970-01-20 22:58:13	Name: tt_viewer Value: 885af5be-2221-406e-b8cb-399ba01f5c90
.sharethrough.com/	1970-01-20 14:57:15	Name: stx_user_id Value: 76385622-c18c-4af2-839c-fe5ca26c6430
.media.net/	1970-01-20 14:57:15	Name: data-c-ts Value: 1692843422
.media.net/	1970-01-20 14:57:15	Name: data-c Value: k-_dEKin-GIYzroWMncp5qqcY2mq7uaGOBGQsniw~~3
.media.net/	1970-01-20 22:59:39	Name: visitor-id Value: 3358450226573177000V10
.smartadserver.com/	1970-01-20 23:45:44	Name: pid Value: 1169441572815595855
.3lift.com/	1970-01-20 16:23:39	Name: tluid Value: 4138765735447733015134
.adnxs.com/	1970-01-20 16:23:39	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GVNl]cJ1!]tbPl@/D!9hy6]/Cr.5j3wvr9jG0Q_Ht@?lh%rxcuPA#6VXAghteKsm<dF>[`.q%C!zS]Ao/NHbpRzqF1`*bcpl+p`35
.mediawallahscript.com/	1970-01-20 23:50:03	Name: mCookie Value: 4fe99cb0-4224-11ee-86ec-f14a1ca0c61a
.mediawallahscript.com/	1970-01-20 23:50:03	Name: mUserCookie Value: %7B%7D
.yahoo.com/	1970-01-20 23:00:01	Name: A3 Value: d=AQABBJ695mQCEP7R33XM0jOfSmGDyY68NOAFEgEBAQEP6GTwZNxH0iMA_eMAAA&S=AQAAAsSZtm_ObknmiIc_GEsm1lg
.amazon-adsystem.com/	1970-01-20 23:50:03	Name: ad-privacy Value: 0
.analytics.yahoo.com/	1970-01-20 22:59:39	Name: IDSYNC Value: 18zh~2diq
.bluekai.com/	1970-01-20 18:33:15	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 18:33:15	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1Lzl6evy1BAgpXp4n2Y7huXLJgYQv1YQBYdxnBiQ0nDbtO9evahRK
.bluekai.com/	1970-01-20 18:33:15	Name: bku Value: uUW99Jb28ZHSDQRF
.adnxs.com/	1970-01-20 16:23:39	Name: uuid2 Value: 4661587944605638166
.omnitagjs.com/	1970-01-20 14:57:15	Name: ayl_visitor Value: 3eb19bacb1ab0b168a099cfca0741ab4
.casalemedia.com/	1970-01-20 22:59:39	Name: CMID Value: ZOa9nnDWST69yhTJkdhLSgAA
.casalemedia.com/	1970-01-20 16:23:39	Name: CMPS Value: 1393
.casalemedia.com/	1970-01-20 16:23:39	Name: CMPRO Value: 1393
.360yield.com/	1970-01-20 16:23:39	Name: tuuid_lu Value: 1692843422
.360yield.com/	1970-01-20 16:23:39	Name: tuuid Value: d1dfaf67-2a50-4ebd-b9f9-37f820451381
.c.bing.com/	1970-01-20 14:24:08	Name: MR Value: 0
.bing.com/	1970-01-20 23:35:39	Name: MUID Value: 0192FCB652D261FA19B8EFC153D56063
exchange.mediavine.com/	1970-01-20 14:34:13	Name: criteo Value: %7B%22id%22%3A%22k-94JffH-GIYzroWMncp5qqcY2mq4cQ02GO4l_DQ%22%2C%22version%22%3A%22criteo%22%7D
exchange.mediavine.com/	1970-01-20 14:34:13	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22500513f0-4224-11ee-9720-2f001c017f1e%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 14:34:13	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22500513f0-4224-11ee-9720-2f001c017f1e%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 14:34:13	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22500513f0-4224-11ee-9720-2f001c017f1e%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 14:34:13	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%22500513f0-4224-11ee-9720-2f001c017f1e%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
.360yield.com/	1970-01-20 16:23:39	Name: umeh Value: !38,0,1755051422,-1
.360yield.com/	1970-01-20 16:23:39	Name: um Value: !38,hceLZBHggclyCVqaZMtJajOaYfJEysRTlpA51BYMG8WuZYiD.JtkA6bY6e267EwM2K8I3NIa,1700619422
.pubmatic.com/	1970-01-20 14:57:15	Name: KRTBCOOKIE_97 Value: 3385-uid:k-xd--Sn-GIYzroWMncp5qqcY2mq4bCN108rx0VA&KRTB&23144-uid:k-xd--Sn-GIYzroWMncp5qqcY2mq4bCN108rx0VA&KRTB&23286-uid:k-xd--Sn-GIYzroWMncp5qqcY2mq4bCN108rx0VA&KRTB&23287-uid:k-xd--Sn-GIYzroWMncp5qqcY2mq4bCN108rx0VA
.pubmatic.com/	1970-01-20 14:57:15	Name: PugT Value: 1692826602
.postrelease.com/	1970-01-20 22:59:39	Name: status Value: 0
.postrelease.com/	1970-01-20 22:59:39	Name: visitor Value: 4cd1c6aa-c34d-414f-b891-2c5b7d48c12f
.demdex.net/	1970-01-20 18:33:15	Name: demdex Value: 61182502742550955802754704069820749542
.dpm.demdex.net/	1970-01-20 18:33:15	Name: dpm Value: 61182502742550955802754704069820749542
.smaato.net/	1970-01-20 14:44:17	Name: SCM Value: b0326124c9
.crwdcntrl.net/	1970-01-20 20:42:50	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 20:42:50	Name: _cc_id Value: 31bcfaf0b9a03328ebdbf3ab752b2658
.liadm.com/	1970-01-20 23:50:03	Name: lidid Value: 3d1a96eb-5252-4753-be77-a2bc36137a01
.smaato.net/	1970-01-20 14:29:10	Name: SCM1001851 Value: b0326124c9
.amazon-adsystem.com/	1970-01-20 19:32:17	Name: ad-id Value: A_7fz4U2KEKhkrrO7gPbRiI
.adsrvr.org/	1970-01-20 23:01:05	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIktD9sseUkjwQBRIUCgV0YXBhZBILCKCThbfHlJI8EAUSFgoHcnViaWNvbhILCLK558THlJI8EAUYASABKAIyCwj6xJX43ZSSPBAFOAFaB3Z4c3J2M2lgAg..
.socdm.com/	1970-01-20 23:50:03	Name: SOC Value: ZOa9nsCo5sIAAMrx7WAAAAAA
.mediawallahscript.com/	1970-01-20 14:15:29	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_08_2023 Value: %7B%227bYSR%22%3A1%7D
.rubiconproject.com/	1970-01-20 22:59:39	Name: audit Value: 1\|sFBYK6M6tNvkdCJWbiLD5IUPJa/L+u/t7GK5SR/BXNmFQXC9JARqfhbj7owQpF7zWKNrspak87QiZ07GJqnMno4BjqNRGrmz
.agkn.com/	1970-01-20 22:59:39	Name: ab Value: 0001%3A6gwNdLYUSfbItSLe%2B1KxOrrljvmZC6wi
.rqtrk.eu/	1970-01-20 14:24:08	Name: browser_id Value: 1:3de69c50-b115-4aa5-a41a-674288992633

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

97a2460711f7e17c8d36d1d6f2900aaf.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.sitemaji.com
ad2.apx.appier.net
ads.aralego.com
ads.stickyadstv.com
ads.travelaudience.com
ads.us.criteo.com
agent.aralego.com
an.yandex.ru
analytics.google.com
assets.risu.io
b62c4a85cdbf818abc7677d0e6144a55.safeframe.googlesyndication.com
bidder.criteo.com
c.bing.com
c1.adform.net
cat.va.us.criteo.com
cdn.aralego.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
criteo-sync.teads.tv
csm.us.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
f894384d37fc5b93a5175da651041d2a.safeframe.googlesyndication.com
fc01e27960353dff309e337bc043693e.safeframe.googlesyndication.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fsa-api.feebee.com.tw
fsa-api.feebee.tw
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
im.bluevoox.com
img.feebee.tw
jadserve.postrelease.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.mediawallahscript.com
pixel.rubiconproject.com
pixel.tapad.com
pmp-beacon.apx.appier.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.bidswitch.net
r.casalemedia.com
risu.io
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssl.sitemaji.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.aralego.com
sync.crwdcntrl.net
sync.mathtag.com
sync.outbrain.com
tags.bluekai.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
ups.analytics.yahoo.com
us-east-ad-track.aralego.com
visitor.omnitagjs.com
widget.va.us.criteo.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
100.25.87.174
104.126.112.185
104.126.112.26
104.126.114.69
130.211.28.216
141.226.224.48
15.197.193.217
15.235.42.102
162.210.196.208
172.104.70.67
172.217.13.130
172.217.13.162
18.165.9.109
185.167.164.39
192.40.39.223
192.96.203.13
195.244.31.10
2001:4860:4802:38::181
202.241.208.57
207.244.102.142
213.155.156.165
216.200.232.253
23.105.12.173
2600:1f18:4e9:5a05:2fab:9535:5baf:82d1
2600:1f18:ed:550e:8870:82d1:4d94:4709
2600:9000:246d:200:1b:5138:8a40:93a1
2606:4700:20::ac43:47fe
2606:4700:3108::ac42:2902
2606:4700::6810:3865
2606:4700::6811:190e
2606:ae80:1451:14::1050
2607:f8b0:4004:c0b::9a
2607:f8b0:4020:804::2002
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200a
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2003
2607:f8b0:4020:806::2008
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::4
2620:100:a001::c
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:c11::200
2a02:6b8::90
3.84.175.74
34.111.113.62
34.117.157.22
34.200.65.202
34.201.254.73
34.202.10.239
34.81.191.174
34.98.102.251
35.173.111.127
35.186.215.140
35.190.0.66
35.190.36.98
35.211.118.13
35.211.178.172
50.16.65.194
52.201.146.33
52.223.22.214
52.45.175.185
52.46.130.91
54.205.43.202
54.236.179.17
54.82.254.5
60.199.208.47
63.251.28.233
64.227.64.62
67.220.224.144
68.67.160.137
68.67.179.155
70.42.32.31
72.247.65.83
72.247.69.164
74.119.119.139
74.119.119.147
74.119.119.150
8.28.7.83
8.43.72.97
8.43.72.98
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
01e8be122ac87eb4686d3bdad82d7e241a721dd3381699cc71423626ee7d7a32
02c331e3506125a89bec7f4f4dd7234e908b530ced5c821bdffad93bd71626d4
0513087a3deee62183bf24ef54e8e582a1448811011b909cc42b53cb0eb59c82
05483c3321220f804854eca17db1220189874b5e1752453ea096b160b6dc2e68
06e479d0f9e5f9c5b795b001346138b2d195a0916aa18a76a18b8510d42e2a4a
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b256fcb09121fce28553b5525905d1ad4d31665a3d5bb4fa87c530576683cf6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fb8162729691e34b335840119c3527f06d471cb0300e10a1b781c1cd20d499e
12e0ea189f792930700c1367a71ad87b7ec7e781be75f34586628b67ce49d9cf
13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8
160c9dfdb2ff07ffd41734510f016ac2c2e97e14a7ca96cc58c338d2e9ebd848
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c2c621d1fb7de7abe4d0823cd51b1057437c7817beb53bef24d0fb27b9d407
193464c2935cfb187584dd9390806f21b3795218d92ba1e6fce16cf14add40d5
19b82f55efd65bbb18feaa45a80c02c2e6826b1f602380f8269d6b84049f7420
1a3f938fa71d2bb9fc4a4f3b0a1c022080fec6db190c88b8b64788462493c60a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c38444fe38c715c0b107f129c4d80e17e6a47dd61cdd889e1d1409df9350a28
1d3794694883bad4b0d72ca526f762eab786eeaa3d7948febaf4a531c2ca046a
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1f2d504ff5d4476dc0d41c6e62481c2175657c9405927a55c7e3c6d2ff5c8443
1f55600e58333fe772e636995888e91df62b346f08d4219de5072915f1f0e77c
22b68eaf67cc2d2db631ec11142c1eeba94c7a09d5180daced1c8dcc2f63a168
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a7a41de19acc9a4f2b7cc432db547e7ad7a3e122206dffdb8656fe261f046e
36a77c56eb6c02e8de1ef88b43de98476616a144fc26ab63e28689caafbf8e85
3747e8568fc397d979e46ab089b66ed2e947559aaa48ea94216d91fd3840b164
3804023e4d1308eec25046ff570e5bd8e970d6541c6b87bd4fe0d55e1d29d5e1
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
38a790c421bed27aa59fed4c318cf84413fb3807e7c1333ef35fe421cff3bde1
395da25a369d735330850a6157241b046840f239c2b2cea31a08d94d4a9b073a
3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff
3a9c07391f80989cd5cc2e39a76701e0d777f80cff839c1eb1c6d92d9cea7bd7
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e36b107901af933c0d5ca53fc8d65d2c13e47de03f291bd876d1fed1ceb850e
3f205dd4bbec77e28fde200ae38a6ea019d6c92caac85570c141f20d4a0216cc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403ca60fe8005d0f23208fcd05a227292169e77cf2f3c38cf592303f7818b489
41e15d20c612a399661886f62b4aa8dde978b0ee52d8b81915b5b0a9b123da77
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
47b59fde45efe3ac0d791367daafa8ad23961753e745a7a61344b974c46a4f62
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a0e731a7c852f0fadbdc75b0aaf9956616e4133af6eb296d5488f8283d6de85
4a6260c49284d3889ad5745d71f9cafb4a171237baf84e13d62dea7c2eaa7d2b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3108dde36ee11584c4e3afb31d13b0d4a46f179512e35799e0d1fee305532f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb
4f6457544fbd104768db75306a1b1f86f995e8dc1c9510fa76aa5d511dd76dfd
519a48a521780b05d69e26761599418cbad561a25526f63c60e78cba57be20df
544a824d5c2de09319750435d5d9d001ef1b5be51bac958814ec686573cf72f0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
5541f0d7331121ef9745617580cb08e1640d2f184e19ff3c8d7208bdaf9f168f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5741c76e566afd540fc9ce4afcec76fde71dffa6c5108144423cb8cf9a393479
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5af8d0a3e2b702f8cbaffb5db7e69fd7e5714324d7ad0da3d3a766386c5d8afc
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5cd77128058d857c5d32cb075673cc82741d018b1af448fc75ec6106ee5619aa
5f451a962510c58a226a4e6007636fde230065b7881a411377e36f64815ec7c1
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62218c89aeba998ce96c351c07bba16f0f37d591eb24b3a5c954fae4adda5cc1
6351cbbf69ffc5c0e1e8dfcdbea29052ec975da62b55156f8043d71fbfbf626f
64a7d35edc992fa4bf6b8f0624266a59c76253bc92f80bd9f0a20cc253dd7105
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6849b61bf92ff04a17d5f47723004ef7e66f3c66fbd4681d32ce5aba709a5553
6a847324c10602a3916401d5b80f0c994d2ebe46cd932f8f8dc278678ba5e583
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804
6ff207d89a7a66aa835cceb3138d1445cd1519fc117530c4567c1b77a82e63e6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7bfcf58c43488694d6b4061fc36f679397d50e82243c93f1d9c9146220360970
7ca8c3e024af46a80d808a6976dcb662de483763ddb3e55bbc277dca33f37aad
7cfe90fded93ea0d96c74ec3869afe8e4773c925728c5ff695dbc9d6e6de2570
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
7fdac102920b5ce661aa470d99f640ea168356a41b5e86b167061d0c502c5f38
80d6017536dde3090febf2b90d835cad8c338608703f66cbdffb1612a7eeb1b7
8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86
86550f9231ac0b01979ba968952348369036c182ee511f33eaa64cd5b71c0781
867e294b7e84ef2670c1f04086fedf178f46be6a3c4f188240da2dd8b7b68837
86e84307e71be0bee507b94a2f72717cb0b55611557ba5411db202109adf92a3
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304
8929c2d710050538ac7cd426cb1a4f4bccef276b231828e8e30ad4204a2d650e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d0814e30ccc6696af1dc6a00f80574e1a8d1e599ebf71429f367792781c32d4
8d59772a54b68296b892f12c676e1b20f682466dc331771448ff2e41c066d14d
8dea2a3a0130e4b8503624b81eec4868c2ec4a028b27a8c148d04edfba1701ad
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9054679800c1ebd5227f44791e81f40a87031288dabe02765c8361443e45df5b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
939a6851c43eebc287f0bcfbc8064ba2357eed3cabe059e8357c4028c622703b
94157ae9b66976e8e9ab87ba7be3275f51f0bcb4fa988b626889ddd47bfccf2d
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
95dabe064835e8550609f5687740538f362d3f22661bd58a457c7e24142ab590
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99823cbdf1f0e2ff7ee0669ccc5efba70f9b79fa36d4eabc8031f2bd78d2aa11
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c06c9932b4b262c56f5863061958a5f80e27b19b8a45c2e7ad0fb6f46b52e1a
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0985c82b099482bc4dd7d41f57741136b39d049cfe30120c30f958b121a34b1
a0cab722e4965b703922e252b239718fbe5edfe4774b307a6e32cd3894cab4c6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7
a858016f251faf293ebb4c59c397124b1b9b5cab496f388e5e10eaa5b9ef8cd8
a8d266bd73470a02cc1410aa3dd29da9d49131f729c0a22de7e0a70ca7d4e89e
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b
ac6c7df9ea6f8e1bcacee7bbb1df0c7902650aa2bef04e536ae838e7c9146aa8
ac90ebd544435180efe879112a9fe0bf394aa364264ccadd0ddb903a2fdfa4cc
ac96ae1aabb5486c2fbf30d3fd66e8afeaa62265a8c5e2f673e8c3bf6b045b70
ad6adf03f2d56fd10094fb06c89670b63216967b102b23d53abf8d79fe307950
ad80d2f0384dc52458ef5e03050c484833ceab6cc4b94676ca61adde88193b16
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cde5d7735829afde0598870c51c7207f9c947f7064915dc7fc322a08632fdf
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b4ce18fe442fd51149530692e61bea90ec02be867d200db57e96fe27f6f966e1
b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c
b8fbe2d6dca2bff23a1ae2775ec4c1da4108c5d626f3af13d7e2f93c7c865d1b
b9e47eab6bd9bc07917a458f397f54c74f481c1726f115254039c74d6668e0df
ba81cd2150a1838b3ec68248f6cab7225aea0ab25edd547f0c97eb3553a57f6b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfca3f52a3b3b7a5a8e7d157c142529fd75e422eac12a094fb0f69b822fed4fe
c0670fd0875ec25d06bf4d731f071c7bd30fb9d342ac7bf4fc4c1ff04707af66
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c4994aea8579278246c345ac0a6ab10b1f0a89c4fb0298ea760d8605686f8837
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c9df06013322d65bdb07e706f97dcdbcf6393d2a7b41f55e76ed2c05e5c9ea1a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc49e36b202495f2ec0f608254a1a65005a377a45d130fe1343594864f3d7a38
cc78f02253750741f9064a9c0b596181e7bb2b0c30336d61ed6a474a98bc1358
cc80acdb887b847643d49d5e7fb523dcbe7ac8de5c10e9d0b5764dde200c92ab
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d5e75257334e984dfcef9830aa2ebee333e31d3b914d7d53cf3442e300fe4fb6
d6928dd27077e7736a13a9a4c95a3c4049d551bacfdb1f09c24f40ceb361d433
d97ca50382cda81d066ed39e6260f3e1820cd824a0b00f913a1fb27d219a32c7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47fa8d3fa1d4045c50461ba5487dd03d9c63eac6947fc55683b9cedadaa7f44
e5a86a102aa0fd31227b7576ea8ae259cb75fb806210390f81a0d8ef9bdcb603
e6642731e48fb0aadc479d597c5a9ed632bee438798796441f42480e84c4ac31
e70012cb92f3c0c561629d46cdae6991059361c001320fe38a5aaf396eb2be84
e97b517ee951e27ca183317604c73dbfbb49f28d27cfb8200ebad5cbc1e6d513
ea652f36e75f1beea81cdca2cfd1d8c157c7cd22587e13bb5bb2239e05f544fb
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
ed366cbf649bb6dcef9922c1c1c92d8fd8098992c18082e4b5b3dd75e78f7030
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ed49490a4b3ce60abe7891f0a4c42a25b772d5c81a31adef45168b98c9647
f2227e4ecfe11639fe09be14c441b217c8baa4c1652f33b434a4df5b3702caa9
f2edb8a66bf793b36da1eaef8d4109c274551390215962a9e5afe9fb7c3a979b
f4ef7a4804e1e9e498d60c6779fa615fe2818aca5d0c96ec2d30e72fdfec373d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f679a805af58ded6a5d7ecf19e531bf6532259ebb1d02ec51856a707dd059edd
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

risu.io Open in urlscan Pro 2606:4700:3108::ac42:2902 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

399 Requests

82 %HTTPS

34 %IPv6

65 Domains

99 Subdomains

73 IPs

9 Countries

5189 kBTransfer

12662 kBSize

102 Cookies

6 Outgoing links

Page URL History

Redirected requests

399 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

risu.io Open in urlscan Pro
2606:4700:3108::ac42:2902 Public Scan

Screenshot
Live screenshot

Full Image

399
Requests

82 %
HTTPS

34 %
IPv6

65
Domains

99
Subdomains

73
IPs

9
Countries

5189 kB
Transfer

12662 kB
Size

102
Cookies

399 HTTP transactions
2 data transactions