risu.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://risu.ua/
Effective URL:
https://risu.ua/
Submission: On November 23 via api (November 23rd 2022, 1:44:21 pm UTC) from GB — Scanned from GB

Summary HTTP 158 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 23 domains to perform 158 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 2nd 2022. Valid for: a year.

This is the only time risu.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	45.133.44.3 45.133.44.3	7018 (ATT-INTER...) (ATT-INTERNET4)
21	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
15	2606:4700::68... 2606:4700::6810:dd4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	35.214.184.209 35.214.184.209	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3 11	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.78.104.30 54.78.104.30	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:21f... 2600:9000:21f3:7400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f18:1ac... 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc	14618 (AMAZON-AES) (AMAZON-AES)
158	30

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

risu.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

risu.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

cdn.gravitec.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cdn.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:dd4a (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
autocounter.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.184.209 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 209.184.214.35.bc.googleusercontent.com

api.gravitec.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.104.30 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-104-30.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:7400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	risu.ua 1 redirects risu.ua	2 MB
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	480 KB
24	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294	224 KB
15	idealmedia.io jsc.idealmedia.io — Cisco Umbrella Rank: 91069 c.idealmedia.io — Cisco Umbrella Rank: 80797 servicer.idealmedia.io — Cisco Umbrella Rank: 91226 s-img.idealmedia.io — Cisco Umbrella Rank: 79321 autocounter.idealmedia.io — Cisco Umbrella Rank: 98947 cm.idealmedia.io — Cisco Umbrella Rank: 23167	284 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 729 static.adsafeprotected.com — Cisco Umbrella Rank: 546 dt.adsafeprotected.com — Cisco Umbrella Rank: 518	108 KB
7	gravitec.net cdn.gravitec.net — Cisco Umbrella Rank: 24308	59 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418	5 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	85 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	142 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 662	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8709	914 B
2	gravitec.media cdn.gravitec.media — Cisco Umbrella Rank: 43529 api.gravitec.media — Cisco Umbrella Rank: 33842	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 307	460 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1473	351 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 929	356 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 540	98 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 615	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	693 B
1	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 170326	586 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	43 KB
158	23

	Domain	Requested by
43	risu.ua	1 redirects risu.ua
21	pagead2.googlesyndication.com	risu.ua pagead2.googlesyndication.com 94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
11	tpc.googlesyndication.com	94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
8	s-img.idealmedia.io	risu.ua
8	securepubads.g.doubleclick.net	risu.ua securepubads.g.doubleclick.net 94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com www.googletagservices.com
7	cdn.gravitec.net	risu.ua cdn.gravitec.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net risu.ua
4	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	static.adsafeprotected.com	googleads.g.doubleclick.net srcdoc
3	googleads4.g.doubleclick.net	risu.ua
3	s0.2mdn.net	risu.ua s0.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagservices.com	securepubads.g.doubleclick.net 94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	fw.adsafeprotected.com	1 redirects risu.ua
2	cm.idealmedia.io	jsc.idealmedia.io
2	jsc.idealmedia.io	securepubads.g.doubleclick.net jsc.idealmedia.io
2	94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	autocounter.idealmedia.io	risu.ua
1	servicer.idealmedia.io	jsc.idealmedia.io
1	c.idealmedia.io	jsc.idealmedia.io
1	api.gravitec.media	cdn.gravitec.media
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.gravitec.media	cdn.gravitec.net
1	c.bigmir.net	risu.ua
1	www.googletagmanager.com	risu.ua
158	38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
t.me
www.bigmir.net
luxnet.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-02` - `2023-02-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gravitec.net AlphaSSL CA - SHA256 - G2	`2022-03-22` - `2023-04-23`	a year	crt.sh
c.bigmir.net R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
cdn.gravitec.media R3	`2022-11-22` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
api.gravitec.media R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://risu.ua/
Frame ID: AA69985708FB56FA7122071982B1A110
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: BB782063C643340051638B4556A5BF86
Requests: 1 HTTP requests in this frame

Frame: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97CCDE0AB3940AEF374CDBA6C2DDC152
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=pub-9928410365207988&output=html&adk=1812271804&adf=3025194257&lmt=1669211056&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Frisu.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056200&bpp=3&bdt=468&idt=419&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1062381632520&frm=20&pv=2&ga_vid=1900202037.1669211056&ga_sid=1669211057&ga_hid=463938674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44773613%2C44770881%2C44778767%2C31065825&oid=2&pvsid=183998554022169&tmod=1461548630&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=440
Frame ID: 73ADFCD2C8D39DCA631881BC0CCE6F0E
Requests: 1 HTTP requests in this frame

Frame: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E058C1320AF1D0B495CB02FE63A462BB
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstalu0633pJc0sDd4zZfxY1DfmyDzk16b41Ccii97m0os0Dc3qqD9h_7OguIA9MhEzMcEc47ZgYZRjgKuFXkolfsagtAN5snOGJ1wBj7XJId1qz8ml31SF2AQuP140Ihc_vOf5CNnYu6rgW2K1n9oHDSJSc5-CerHOdDXjMWRSmYCPCQXnj4ImhF0s-To6CkbqQ_DbyURFNWZpnvYZM3DrWz5HdGu4TXpAF960b3pv6feqEQsPfxXxqRTzx0xjZTLomyPmzDIxQRj4SWpSyffc2uLqDxZsFMS5X0uqj6ougEKPzrl9buU6y396RxePN8O1JHwQKrKteKFiMiPAM&sai=AMfl-YQjHENiV94tkwkQDhWKG0wo9eLF9aeCTWzF4SxG3Ez-UF99Hq44Ikst1Xlajz-Wf_8r9LhLeHs-rr7EDKXJBFLs1bBtZom1-mwfCOVs4i4wBBv4OpLkcbgj1wkgZnytw64ErD1a1aav_1vXwCHBCA&sig=Cg0ArKJSzG3Fqeqe-0xfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7C34B428368B6A2B40AFDADB0757356B
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Frame ID: 0161EBC402AC3C005E12C79B2A7A89B1
Requests: 1 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1669211057558951894130
Frame ID: AE68010F6D69A8533C5B4330B4E60171
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYvuSMzAEwAQ&v=APEucNUsJ9qFsQtaQ7MKjq3gXetES1s8ArwwU-F00jDFOeW7Y7pIGpZVof4B6bYkkyWGK9jm4cdWNhHkw-YvJ0rO9VmIEWpmNkNhymEiPY9tJD-rEJ35meUy2oNYxMT1idgWlNDWeji0S-63t7AnXrJYyVw-mv2ASXLZJHTxd5v_wN53yFe0rPo
Frame ID: EAAE21B6F603C3DD55BB81E913C36ACF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgbBrrss-PVbihxtzPEYTTYlE114zPCkoOdVW0ifR0dBoSgVW9mSjv_fe3b5lr2_IywaR8A5duLq7rfUzh26mKayXk0pFT0IePV1A6BzH-BwW7P55x0sAuUcx0C15Z9plO3_CuQbn0icA2O6yiKRvfilsgI33tzfUsOyq7XeZnPBnhQOM&dbm_d=AKAmf-AM9XLH7QLgABk_ujPFnDreomEg05RPjL4W9cSLvA9FjUmqNxeNsUuXVwt59OHLQyNS87_6bLfj8MCvPu5L0yaFKLoqIgZN_Y0J-UeNha51hn0vFx-EGThEBw4BpwO5WaC2bQRCiApChpO3dQCSci77BKZ_400ARRI5fPR2dR9OMh10AbZiihESCUAHUh9IjV3SWbZkR8swsx4Xx98exNBSE9w76xGVjKSLgK67uI1h9vvG0ShijoUzlmKYF60NwZV2B1eW9K0QlaJR0yGgCykrtgTfxMX5LrMKJfs-Cqp_A8HYCGumFtU4RFFj8eOb5hbemZ5tjZyKOffPf1DccWW6Noy7x2kB7kY7FnxmG6nqfD9RmxHqkwqCiL0lMnpo8EU7XEycVkn1s3Q3kTozVcByf4GmZ6QFTrgJIywpYddAlJ2D1IoNkw7_0QxCUaev0_PqUMPgKYDalHHv2iw1ZCae5rb3ZKPMW_RaBtcAHwYRG85jgTYGkp9ioz5vwSNePByNL1YXC90O6PFMLf-DzeAzxVE9mMgvQfE_9v3FR8o_M7USCzzCQEFakT8gU_xcckadM103zMBGo4OKdR-YmYdWAYoql6i9emH9Q8yTbZ1FA_cwr-8OFOt3c5Nj3FWRqgSBGgLAixoQFniB0liXt_W40sWNfCS6CuoQ3F_aP7l5okbupe8pz4jjxfHfeIzAuMwkaf4JtKitQdtVEL0mZZOFOvrKp6ThRSTFqt3uo8MRvKRtbd-KHB0gwZU-qN9UGX_0vsnZOsOUUVlonHhszAPEuuqORKHUrLCvJwtERDPAGQS3-vI0l5uxwBBdviRpaceZFCFadF2GLjqo6WGoJsQSSK9gRqOdqoGE_IWwE4Jvuan6H3W7NxKjVJ3HyWHrjtyKqrbN2YtRP_7zCv8YeWMh7YbSEMX2w3QTgAtkOcGMk-I4_O0RvSy_a4AtXgRu2wCKQ3WV9AHTxl0Roo5YuwH1nJxftrROMqFBqan2bH4P4-legF6hwjBFI0NrP0LctXVrY2vKamAADHcsOzrGuahP5ma2neDcpt-72JievRmuQymixiYIpIlpLOyLhXAxqdCFTEK7ILLCM8br5ybI2K59kXCH-SEg-u5IEe6TUTPQchi42_7fQAbJvOCK0XlGMt8o7OmvismlXh3d3FExIn7DPrMrWvfkbD9TSNJRgkm7CP_mslabMmfcDftcVjXqVeZ6wi1n9JqRehZmPKXKxoBnjsfAY-u3dhW1IzBXv8c8JVI9FPV81QVaKnkE1f8k4C0KevesEsUuKF2oz_OhjKfSvMOnvXow0EZmEEe0g29paSqL55w6lDqfY1v64oNZnaizc_BBf8hwWbnQRhegIoD3ZdqIEnvBrow8jZ6wuslBVI4P1phTaDxni3Dje9rvbU_w17nwRvxhrVtU87ZeOOut0Dkarf0vJh2uFGH42StF2nkR0aF3hv6w_Ih_fT9k-O5WYcxP3FkZ4-qPsjyecur_cCkHtKcLNJOvQ71Yz0idaJpuk6dTdHyWtJj-YHZtoD-iFFQ8cSaFZWwnadUYyDemMaE87KIVrIF9flhAOjEJvfX3WFxcClRJls1ETcM8akFFk8Ttor5xK9M8zd8yMUGn6mvkGK-OSGFiVNVub_UOPMs3KiVqnkktw8KirAPU_V_K05McW1Ol4jXFbeur0KMdHHiCFMkozinWP-xNNVdK3W_E_IZLmOJD5aSDOsQw236CQD_kew4Jzh5d1tiFr28Rbb0D-zilR_g5BbtIbTe0-BsXO56-oddy9fgGMRkyhHh4BrOAAEIUvnjEGzSudZTZYZWNNWC4kT4g0S3vHKKN3LlOEJOPTtTPguAfBXTErBDQMjVWCNPUnUW3evshMy8tFsUhLim-NiY_9IviMQhczVrNZr5csFpeAvAwuEQ54i0lX4P9U5pBspXrrypQcYKZDq_7bAtNoI2y3qW_bScTC3oODf3Oa46B25wfuITP4al6-RJT5IGNIyABR9yToCfxmGPlNTX1gklKpzNHFrWnfmddrpp4feau01oFnJ2F_AC85uVFSm2vJoNlwpKr7cL60CEkuAz8-gM37L2_mpPrL5mAa5kMIBTle16k2z3Po8M8aewbJNtxPY_TPOElVDKbmtUzRgk5-vX3v4Ft-NeAvAZlXq45BWiRhEt0Si2w9TWUh_2bVpNAFy2p4Hc06SXiZS6sWc64ZDJKN3jUiUfCvo4YLr9kdZLttLh-4a4Qh-0SH4cyGsA_f3qXwbCGTneicpcK3J7nZJF9YMGhynZ4rWR7gu_PNka-aK6EkX0wgDFLJ45_sSFfCSuAwD5d04n2FZVjRA9jPR6nCxBokxjRMV5CZ0U5lx_wbUp5xFzQyjC_PbFCGAJAhUxzQdbx9SXucg9wbY2WEYCzP92wdF1dxrF38i5FV4A7IcsxoXpDGfvbmp1_3BMC4K3V37ahdKDkO6r-1cd0961fpLRd_rv1zGlfjnz_JauwLeMDPGhhCL6QAb_D4gjlesD76UokJMT5_oB8SJI_TCxVoHlateNoSobld0B4ln41opzSGeWZISvfMtpcPWxfUDRjl6BfJHce5snxo4heQysLXJeYf_zC0-yFbI_1RJn6Px1wCS-w9s0lZ5OBIFpfO4PopOLuqC9eb2PxEJAJXQ5JRz-_VLZjpv-tPB75GZP4YxqqntgdHjmMInZ8nm8hLz-d6fZKUFHevGN9oczfYcM1y9ibJt8B32BaJE0hlroJ9RP47kT5h7xsLZYgGOP7ERxrmD6gtHWj6KAHW_jqXN11OiieqQFXkQRPAgQf1HqhQSwPkNd6VpaYb41iNUBu92UkiTQj_QLJ5J_HrjTxYQS8iiD0F1uQcfcMGEQvgwxhX7xG3xRFtTFiRbhXyFbb8B7RKqiCerJwpRiJpW8iRGFB350KfQYeTywlnUUO0xNqFttkcF5NFUZKLouzX6o3hFeekGqzRFjODaYfJZ2HhSeqWFb44q9kfR2bbiqxP6p0JWdsRic9l0TfLx3ZKvlvZthR-XkjOu6BOkj6evtlJfibS08exOYH4ni0V1xnYtErOrRIERmRcCYakiC32Qgmo_UWAnD3Ts_cpIUFoc_49uLizjsjio8aLPflczrkOZfrTUm51YAG6322qsHYgtMVCOP9i8Jl48JPCwSaoSvb1GM7oq4Q0hRfxjKRlgp2C0YXLgUHtRwsQbnYHt3A8zLnp1Z2KVKAtX0zURfxf6uey2InSRBsPRm6zzFrAhA_9Zzz_Xzr-N0kjTj-TdZGUqSEv91UOJKjAuJ3GASAR0-ImCluOGpRERXaOVr3vp9rkHZzQtechcWn1V0h-97PmQBSIOeKl8eqAevaWqV-DN3l3JwaS4pqOfjVMUf2Gck4xHlmy8I12d6EOj7ijHl4ZzIoFSgojp4j3oysTqiz6thqdhXc7UOiwA3cHQs4GE_cI1ocdhQmQxHWhKaDszFX0M8YuSVvD9JaJYzH70XQGJHU2-O-kjFeyUVbH7K8d_B1jYuFwxOofnEVZkxHzTIB3Szl48qpFpEY53m2_gyizFPd_em6-xtwlKCCU9p5IXtY_c_JnsO7DaXE_bPJBKo2wRvMNuLsGRQRsoF9epN98dOQFOzxSYV46KA8Majftjnfok0gsSDh3m9FDSpMV0R1KJ1-GCTIY-eOcxukFq_3WA&cid=CAQSKQDq26N9ZhX8mhrwAbvYpqlb9_yUip2vy4E8bztT5JvEcW75Cl3y9tocGAEgEw&rfl=3%2Chttps%253A%252F%252Frisu.ua%242%2Chttps%253A%252F%252F94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com%252F%240
Frame ID: DE9F2D360431EDA7FD03EE295565E489
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38E119F9B0B299A465E8072F6FB59B8E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 223BCC82068536A1DA45A1C00F8EFA88
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13388817702110049029/index.html?e=69&leftOffset=0&topOffset=0&c=diEL4eJoog&t=1&renderingType=2&ev=01_247
Frame ID: CAD3DB690E118F6E0A616B04E4921265
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7F186C83BDD2A589A80E5A5BBB3413FC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_728x90.js
Frame ID: 7B4D7A14E6263D4A07BB4EABB511A21E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EB4A3FF83EF0CD3B0D69837CFA8F8AC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 055F64465C282D1215A4ABBD72F27B75
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F6D1166F2B29C85009261FE9586DF28B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 501D06BEC1B722C55D3920A1CC439C76
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Релігійно-інформаційна служба України - Інтернет-портал про релігію

Page URL History Show full URLs

http://risu.ua/ HTTP 301
https://risu.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

158
Requests

93 %
HTTPS

58 %
IPv6

23
Domains

38
Subdomains

30
IPs

7
Countries

3661 kB
Transfer

6888 kB
Size

22
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/risu.ukr/

Search URL Search Domain Scan URL

URL: https://t.me/risu_ukr

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

URL: https://luxnet.io/
Title: Made by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://risu.ua/ HTTP 301
https://risu.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1&C=1

Request Chain 101

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y34jsipHRUG.EMz22R1lkQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1&google_hm=2

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFqQx2KgSiAodg74oRklHk4&google_cver=1

Request Chain 103

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjE2ODIwMDg4NTU0MTAyOQ%3D%3D

Request Chain 116

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH5SKvBGflENobjJS2LcHZM&google_cver=1&google_push=ASkJ3Faqsy8VRIHAdOitVuCp0INvgMKpfT0Uv8c8iTN-p-3D2DYFBzv9ba4m2IeNLGlkxNrwwXystaalBMoMz42wsbq0piOEpJM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEH5SKvBGflENobjJS2LcHZM&google_cver=1&google_push=ASkJ3Faqsy8VRIHAdOitVuCp0INvgMKpfT0Uv8c8iTN-p-3D2DYFBzv9ba4m2IeNLGlkxNrwwXystaalBMoMz42wsbq0piOEpJM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pY6x4F5CRZmly7939RYqyg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Faqsy8VRIHAdOitVuCp0INvgMKpfT0Uv8c8iTN-p-3D2DYFBzv9ba4m2IeNLGlkxNrwwXystaalBMoMz42wsbq0piOEpJM

Request Chain 117

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIMdFoBJ1GGDdzHk3rBCBmg&google_cver=1&google_push=ASkJ3FYnkb468SQPNoFVRoA_VOl-s3clvtnWThYjPL44GH7LKNe-Hnb5Gm0-_yHe57MBO_iUDoEYAiwPRj47PTZMudgqggTdGNA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUUDVaTjgtMTItR1pIRQ==&google_push=ASkJ3FYnkb468SQPNoFVRoA_VOl-s3clvtnWThYjPL44GH7LKNe-Hnb5Gm0-_yHe57MBO_iUDoEYAiwPRj47PTZMudgqggTdGNA

Request Chain 118

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM4LMavl-VamUJrcq4lPcuE&google_cver=1&google_push=ASkJ3FbnIEGl9XwUO1mUmxxgTn00dCLulvH0HW3MiZS1cd6ggbv9lwVHvfNcrB4CcSL6WoywZDSQ8DJstpIM9TuN8L05fad_BCM HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM4LMavl-VamUJrcq4lPcuE&google_hm=Y34jsipHRUG-EMz22R1lkQAAFIQAAAIB&google_nid=index&google_push=ASkJ3FbnIEGl9XwUO1mUmxxgTn00dCLulvH0HW3MiZS1cd6ggbv9lwVHvfNcrB4CcSL6WoywZDSQ8DJstpIM9TuN8L05fad_BCM

Request Chain 122

https://fw.adsafeprotected.com/rfw/st/1027165/63628760/4.js?ias_dspID=3&ias_campId=29083867&ias_pubId=pub-9928410365207988&ias_chanId=1&ias_placementId=17455881509&bidurl=https://risu.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iwo2IOxemi4jiLMjEEW2pi&adContainerId=brand_safety_sSN-Y4f-MsPrx_AP_42E6AM&cbFunctionName=goog_wrapCb_sSN-Y4f-MsPrx_AP_42E6AM&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Frisu.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9928410365207988%26output%3Dhtml%26h%3D90%26slotname%3D8325297138%26adk%3D2872405833%26adf%3D3173046729%26pi%3Dt.ma~as.8325297138%26w%3D970%26format%3D970x90%26url%3Dhttps%253A%252F%252Frisu.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1669211056961%26bpp%3D2%26bdt%3D237%26idt%3D263%26shv%3Dr20221110%26mjsv%3Dm202211150101%26ptt%3D9%26saldr%3Daa%26correlator%3D2481358873046%26frm%3D24%26ife%3D3%26pv%3D2%26ga_vid%3D591225144.1669211057%26ga_sid%3D1669211057%26ga_hid%3D964588400%26ga_fc%3D0%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D970%26ish%3D90%26ifk%3D1083255078%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759842%252C42531706%252C31070969%252C44770881%26oid%3D2%26pvsid%3D151541581135637%26tmod%3D806128460%26uas%3D0%26nvt%3D1%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C970%252C90%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3D1.fkqg7mb08ekh%26fsb%3D1%26dtd%3D284&adsafe_type=bed&adsafe_jsinfo=,id:e9db398b-5a5a-8ea2-999c-9fbee16e18c3,c:uNwRGq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc864c74-w89mm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:to19usg+11%7C12%7C13%7C1411*.1027165-63628760%7C14111%7C14112%7C14113%7C14114%7C151,idMap:1411*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:ed3d1ca5-6b34-11ed-bc5a-7a2b83aeec14,v:19.8.366,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

158 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
risu.ua/
Redirect Chain

http://risu.ua/
https://risu.ua/

99 KB
15 KB

1696ms
1588ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b76d39f9739c047438805aefe7bd9c08fb945161ed7e4a0351af3acc6fc4c6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 76ea56a07eeddc21-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 23 Nov 2022 13:44:15 GMT
expires: Wed, 23 Nov 2022 13:44:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3GPfhoCKw5ZLOSEgVP0%2Bsnyq659CqXjj20nGzk7cgqbEVEzIbb56Ihtcn0yHDAI4fR72Wm0FOVrWm6q9LtvCvD1jPz3rvJXPBIImEqwEoDHmCNUk3hO2j4LG4N24vtCZTkye%2Bqk"}],"group":"cf-nel","max_age":604800}
rt-proxy-cache: EXPIRED
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 76ea569ebd8e72bb-LHR
Connection: keep-alive
Content-Type: text/html
Date: Wed, 23 Nov 2022 13:44:13 GMT
Location: https://risu.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=welrbd40bFRXMJpIy4OXIBCYkMXU6XNZoHuCtWXtigT1MZicDocn4i7LlUsP0OyKbft%2FK2s92GqPslPQu68Mgwcjk9pdNd3sxuCwaK0EUALkt7p5CKvJAwPyL1kHWvsVqDIoTs5T"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 styles.min.css
risu.ua/assets/frontend/css/ 454 KB
32 KB 63ms
59ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f3048328ea976c336c13ce30d86374bfc6036a0dc0e6efba2eebefc1040bc1e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22154
etag: W/"608bf299-71989"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buMMfyJUiUKDztwksN9NCeg6Q%2FANP7WQqIkbbTP1NtUR5MA8ZphHVRN%2Fyzv%2BWu6sT%2F1gJOLgvNVFsCdgn95oPdvQ5mR9BeJN3zWTFXEW5lDYQgcoe5lkmk1or5mPgdLy%2Faf7jGgn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 76ea56aa8ae2dc21-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 198ms
72ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-11950234-1

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d63b0b79030bde5eb98873c6d8130108ad659dd95127c5b7d8757a3bc234461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43725
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Nov 2022 13:44:15 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 219ms
77ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8cb0767a020f6bbaeaa4b08d4eeabf9c06ced5dc1cb282a7a14f6a5a8b0f15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
server: sffe
etag: "1400 / 36 of 1000 / last-modified: 1669205225"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 23 Nov 2022 13:44:16 GMT

GET
H2 200 client.js Show response
cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/ 64 KB
18 KB 276ms
125ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: bc17bc7bd77c3964e9d71c2df3f1e6a70437059ba2ee261f21d6fd54f964c57c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Mon, 31 Oct 2022 20:06:58 GMT
date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 19:58:33 GMT
server: nginx
etag: W/"636028e9-100fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: REVALIDATED

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 254ms
123ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d162ec122781019246cb097761ece5bfa1d3c0dd220a9c0eabae6c324cc77bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49279
x-xss-protection: 0
server: cafe
etag: 8534185091747993860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 13:44:16 GMT

GET
H3 200 logo_uk.svg
risu.ua/assets/frontend/img/ 79 KB
31 KB 232ms
225ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/logo_uk.svg?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e571a606de4d37373afdb6f9cebc7f0bd2c2f2cee7cf31261d7c32a5e35d121

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2307685
etag: W/"608bf281-13d0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ra6DthkJORZJ5rEFHmgHcF8h0hXTLOrryieh9G1tqq1J8gJjMjRQEzqLkcu%2FkgQgrerPntlytqrtpoufPdc7ttOsdZAJjC2dMJvfWnzODYToUvHqvpxtavx3O0eKmbXI2e4GhQzQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4ed1d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 menu-arrow.svg
risu.ua/assets/frontend/img/ 239 B
690 B 234ms
228ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/menu-arrow.svg?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37ac7f1471139dba4812e669add5bb3afed07adc983d26670e807d60abc64594

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 49643
etag: W/"608bf281-ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYnJl5iMwNHiq9d92dZYlVR9V%2FUQ8KrRiSI2R43Q5JPRQwiAyVnHt1K8zDj4P6Xu%2FqvuxSE%2BmrNS0eyGxwM3BzzR4wmcQv4HEksW4x9ZBDkCsa4Dm9A4i9%2Fo0i1j4sfdir%2BSXkHu"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4ed4d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 hot-news-icon.svg
risu.ua/assets/frontend/img/ 1 KB
1 KB 234ms
228ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/hot-news-icon.svg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bafcb6ab81bdb8dbb3c36883f4ccf3bc15d5e89ebeccb43b34515d61dd8819e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1993097
etag: W/"608bf281-51e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTmIi%2BY66Oa8j6QCr3rrnWM7zlqw8qhXnYkWEzdSNLrFsC0nO6opVPEXHaJaZkFMDIc5g2yox6rebT3kiKpJ%2FqWEWFr0Updr8Q1JG9aFfPVXKeTStRwHeFK%2FISLnJNrWHPAFrlZY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4ee1d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 video-icon.svg
risu.ua/assets/frontend/img/ 1 KB
1003 B 235ms
228ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/video-icon.svg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18bb0899ef9cc7bf9feca9f960cd72b984105de7836a496402134e0766cd2aff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1901357
etag: W/"608bf281-412"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGXyWdAF7Hl0HzpdIcaXlAxo9jmh8TFScdbE0BjFU7pX03DOyVRSACGDpe%2BjmrMBQUTmHsNotwdH82UwNFNG6p%2BFCeWWllGns38y7N36HfXaoc2b7s9h8yeae8EIwd94mDD58T6M"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4ee3d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 637dd3b17222d327879694.jpeg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 98 KB
98 KB 409ms
402ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/637dd3b17222d327879694.jpeg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 841b233f7a53cf61a78a7d33ddab35b6e87a782a721d92c5f76d44f6e8dc78c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100126
last-modified: Wed, 23 Nov 2022 13:44:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNRwUVtyVXW%2FGbYVttKdx9MSD3qthEGdjQO%2B5JBzzlSdFY1losxIX3LFi77m2SmrDF6KExxtz1nfBYYU0v1uzU4EvTVkB1yRy1giP8QLd24VoxBEa8r8TMz2G4b34vSkvT2hYme2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4ee7d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 637b751c25f78499740981.jpeg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 68 KB
68 KB 410ms
404ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/637b751c25f78499740981.jpeg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc19e3507f31173b5df84b7bfd3880b06c5e91e2afed7dd347bec9a3d86ca02f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 69356
last-modified: Wed, 23 Nov 2022 13:44:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGEKvIChrc1nulYrHNo4k5Ag%2BiRJZ2fjZvlOdVp6Wfl5RcdGwlhfgNm%2B2KaFqonUehubsxW7n4O4tWV8u6i64hoDwwsrhI5qHzVL1GZMpKHmS2NgoZQfyovpJTe8q7Fp32lziS5x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4ee9d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6379f1738e0bd871332832.png
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 116 KB
116 KB 234ms
228ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/6379f1738e0bd871332832.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e816fe894ebca2810aecc4bbe22d46946dded89e495dca949926a7285a6d78f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 259111
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 118695
last-modified: Sun, 20 Nov 2022 13:45:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDFdCf99uAEnlFg65K5Co4YBAaAQHIfGfLNG1GDx6ZO2oe4fwGXXWhwgbD34VtUOY1QWv5WpBfRjt8vn8VFr9HJdYKC53ymjaiuIUhhQmXo8Y9ccnaAhaiB1qTsBu%2FwsI2idooYn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4eebd17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6374c86ad587c585872994.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 63 KB
63 KB 278ms
272ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/6374c86ad587c585872994.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a3927be1166e16288f5a301bf613d342a190cf72c44fa295a6a3c681d671449

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 605857
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64327
last-modified: Wed, 16 Nov 2022 13:26:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umgFLW1Xu1gjw5LQkMNTcIp%2BbTgVvEGuxOtQXburpvaxqGFhCWp11vXbAW%2FvAU7rEjU7YEVQjCw5qeizoLRO5GQhK%2BM2xoF7pgYrjfRWW%2B9V5HZDkdBrYp5o9ctNFr62hzMk5oeU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4ef0d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 637783aad8dc7352477018.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 58 KB
58 KB 317ms
311ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/637783aad8dc7352477018.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1513d153aa3464a73b682d725308214fa0b88140c41de4ce2fde27bee0a1e076

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178216
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58935
last-modified: Mon, 21 Nov 2022 12:13:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gK1DHQcwO7SGmD9R0MPRiJRnBtM5eMQq67KOYL2YyLFx2QW1WOcGrElfRVbeU18iwO4ep%2FoNjQZN3yUWhMFOt5aCtZ5shWX6YcETcHvushXBgaxkkxg1mf2zTr1z9W9SkSwPLQ%2BU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4ef7d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 637788473298a371342711.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 186 KB
187 KB 87ms
79ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/637788473298a371342711.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74ea84d9065e82974181afa0b7c705ae00631db9afe091361a0cecbc9a9cbb45

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 170315
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 190907
last-modified: Mon, 21 Nov 2022 14:25:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSqyt7dSWcBZkHVJk7K5mu5vbpBCaXyFhI2mFplrjoP5yTQbK3VkM%2B0%2FEO3qekl6hEA8nxtSEnWfEuR3pA4LWx2Wd%2FdGQN7FVl4cwBzOUDYpXlPqEbp4DnkmOCGlX6W3PnOjsBmR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4ef8d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6371f26eedd42545411299.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 96 KB
96 KB 360ms
354ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/6371f26eedd42545411299.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c22670130ada83d3b1e1ff43d22ecac77ad75418a87b1282930657e0675d9d5f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45861
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98143
last-modified: Wed, 23 Nov 2022 00:59:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2Rvf%2Bm6%2FN%2F2ZX4oPiEIkBEcsYtLFffZWwRSOWobnk%2BViZKbQs7yz9zYIonl%2B1W213OuKaWHbxbBeAfr1EwvST4L05IJvKEFIkiA8Oh%2BaveCXf7qKcJK4v0uVZw5FKIajhxOfIu9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4ef9d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6370a834e1312375712008.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 123 KB
124 KB 364ms
357ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/6370a834e1312375712008.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a25a5abfba2b7d9a232989bd29d4e0c2c757abc63dd087767edb16242f6e4ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45861
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 125942
last-modified: Wed, 23 Nov 2022 00:59:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2labsi2AMAZaLd9k4KgkVZd8wK3sbyGjZYOhCNJMZyhuM0DbMkzwS1MpQUFnLVNCD%2FR%2F2rY%2Ba8gShiA9WMsx4Rku9PL68zMn8OShhx%2FuXUa9eRMKoXahD7NVO3sdafn55VIjXCiJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4efad17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 636e087083512347669267.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 147 KB
147 KB 365ms
359ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/636e087083512347669267.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 685710469e7e92df44c15f49b547f66291de983053e19aff7ee6df3d565ada75

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45861
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150028
last-modified: Wed, 23 Nov 2022 00:59:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JdjvCmsJ4nVhF8lFsz3BjPPOcCHlq%2FVBr7WaxH3TTaJuLmqo4sKOzgu5Uv%2B%2BgPgq%2BXLBbCJ2im%2B3AdOqQk8XGfgxHyyYjdaqP3GLRXM83II1BbCXQ1HZChSUMzhn%2FlfO9W1sFmm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4efbd17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6374c0934a7ad046535547.jpg
risu.ua/uploads/110x110_DIR/tags_images/2022/11/ 3 KB
4 KB 133ms
127ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/110x110_DIR/tags_images/2022/11/6374c0934a7ad046535547.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca37aa2c5511db7747f57cdbdbfc96022d2054698ca3e11e02a2e69ff26d2ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 605857
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3031
last-modified: Wed, 16 Nov 2022 13:26:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnuBzLnSKqRuaRZDCEoON4vQAJk7cRz8zYo3AYXP9BubO1M5OyzKcTQUMo0AW1Ykv9heGKJtI%2BKbmLNATL1J59b3%2F%2F%2BKhgkwpye8u09nFzpQ8Kf4DTeDCc8xMiv%2B6U1H08Y0x%2Boq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4efdd17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 5ed0bccf87a4e552535871.jpeg
risu.ua/uploads/110x110_DIR/tags_images/2020/05/ 4 KB
5 KB 410ms
404ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/110x110_DIR/tags_images/2020/05/5ed0bccf87a4e552535871.jpeg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40fcf971b534a835406fdd12ffed98776c9aa4826e24e2a13161cff745ad31dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4493
last-modified: Wed, 23 Nov 2022 13:44:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRR0uM6ORMLHj1XUL4VEvU89b3%2BKFoiKoa%2BHB5lILNFZSY2XM8upRlfS9ljsmOnJXVeXqQa8Eb41gRgrkIrxL7iOypri15mQ2ffJDPpEgobIOY67Gza17jUUf%2B%2FQIDK5O6JlpR4w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4efed17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 61b9a077642e1563597226.jpg
risu.ua/uploads/110x110_DIR/tags_images/2021/12/ 4 KB
4 KB 495ms
489ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/110x110_DIR/tags_images/2021/12/61b9a077642e1563597226.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acdb621b0fbd1d909a8820fdd12947c86a55bdbbca0c2566036bb3a76b5e68ce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3830
last-modified: Wed, 23 Nov 2022 13:44:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdxAC2igS5trrN8GAjUnNLywCV%2BSU76DbrR%2BK11z0l2%2F24TDD3JTSTcUKOVlLBhlx0LH5v%2BXJdXiCf51tYjfejYWb8OzgqhE8gr6Mau68qvyACJqVGIwB3K121ZEwwZEnEWPJj%2BG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4f03d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 637e0758dd960703560977.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 48 KB
49 KB 410ms
405ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/637e0758dd960703560977.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fba598f7eee7d6651ad38985c28f9dc117cc2f0c2b267cce44a7f93759bd813

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5440
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49302
last-modified: Wed, 23 Nov 2022 12:13:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9WQf9qstFDt4xHHPIpiodWmRRyfLm042wkgrHM3L7eBXvylG1f2nnpwtyMAggUIr4YhjDPQ6gERiZinqqwBG7tEBmrmQWsAMh0ll8QQQVLTUdskOsv%2FrIBMoTcVvS5FpaMkNpEZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4f06d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 637dec49aeac0159840642.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 57 KB
57 KB 411ms
406ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/637dec49aeac0159840642.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcb00da3e77b86ca717f603907f0e4852d31d6df7db999e2076cad4c1f3be182

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57868
last-modified: Wed, 23 Nov 2022 13:44:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMJrIzuVEjEKEVaOKpztr9HoiRaOhs7sFq3ABO0AWbDpC8n1CZakjUtP23hakYB4cpMBh9WJO2OcljEIASyRS%2BwBQlcAVMXIAwxkJOXl9LpnZwqVgSfZfUQeF9mkh4J1WBhJubJu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4f07d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 637db5eca9038293411551.jpg
risu.ua/uploads/740x555_DIR/media_news/2022/11/ 52 KB
53 KB 412ms
406ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/740x555_DIR/media_news/2022/11/637db5eca9038293411551.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4777abea809d6574822327d56f94fb8b8a4baedb9ca7a29e7aee17913050206a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53514
last-modified: Wed, 23 Nov 2022 13:44:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oeMgzi2HpQgv1INUpu%2Bp147A9l0pC%2BCWjLxVl3nntvv%2B42JDfCL%2BfyDrky3Ql6Q%2FxBEdf8IvKzrLFBX5Zw5l5zxi6ZjgnQnso7pyXqOaSZpX3cnCy8i72w6P8ZDtCesJJ1jtIVq"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4f09d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 6333f4b503cd4015638230.jpg
risu.ua/uploads/580x328_DIR/tags_images/2022/09/ 81 KB
82 KB 413ms
408ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/580x328_DIR/tags_images/2022/09/6333f4b503cd4015638230.jpg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd50510bd8e9cc6751f2e2404f6aaf786b70fffe0dd2efc6e0357aab1fbb501

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 170314
x-cache-status: HIT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83102
last-modified: Mon, 21 Nov 2022 14:25:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjmkoRr08Zoa%2FTxu3%2BjF7zJKvsA57KKAcCGIJ%2B4V0wFlPNhvLEA6PRPUQmsJbnsazs66vyRQcZfLWbNKAhac%2BIB4vQQivPVLqveF%2Bymgo3szWp2T7Ksb0xL4KqVoTAOY61df%2FZ23"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4f0ad17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 61ce308dd9c9b697521209.JPG
risu.ua/uploads/580x328_DIR/tags_images/2021/12/ 21 KB
21 KB 537ms
532ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/580x328_DIR/tags_images/2021/12/61ce308dd9c9b697521209.JPG
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e232ec73b57ae121611a53388b54b85b5f44b1570359abdd812a618bb14eeeb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21293
last-modified: Wed, 23 Nov 2022 13:44:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrKYiDzf5HY3Fh3HOm9lJSiSHqvntXLNszTYvVzipVH5PQKD%2F8sy6SuQNNn5mvXd3d9h7PRYUIZ2LKzAzOqAPQ8TpXjDqNndWN6rjo2WX7iOCDpYs74h6zuWCckSCNzp3fsSrZ6a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4f0dd17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 61a741495c4c5997061457.png
risu.ua/uploads/580x328_DIR/tags_images/2021/12/ 53 KB
54 KB 585ms
580ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/580x328_DIR/tags_images/2021/12/61a741495c4c5997061457.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 151a7259f7b7ba9f238f2597a72cce7d2671faf4b4660313ba5c0856eeca1bc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54467
last-modified: Wed, 23 Nov 2022 13:44:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAb%2FMT9TpVpVavXB3VIVHWYm%2FsqZxIRkJJ%2FI7hv%2FFfY5iR5mPrNCLTESyZdKuxReaNifC%2FZquJ9QHKQRNbPib6k%2FH4iSH%2FVuB3UqNkvKsdHS9Phj9rzDqUOQr39PRJWwkdDX4m1h"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4f14d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 no-photo.png
risu.ua/assets/frontend/img/ 7 KB
7 KB 459ms
454ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/no-photo.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0eaa2887a0752b226940babcf52d8041babb181409b1bc233137e625bfd455

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "608bf281-1b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1wS0F%2BAmzBE41Wc%2F9TMu9a36W7iCu0h0yOSQXiHRNtMhtPKIJ0KlP630qj54%2F%2BTHDawwh%2B%2BAqlo4AAPbmRvX9kKBcgCb46yjk5TzpSr4UkeAR8mg%2F22pigSM6UXPprIvT9YwfLY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76ea56ab4f15d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7059
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 5f55fd7b87854447750778.png
risu.ua/uploads/380x215_DIR/tags_images/2020/09/ 21 KB
22 KB 538ms
533ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/uploads/380x215_DIR/tags_images/2020/09/5f55fd7b87854447750778.png
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06c3c78658ced02c04d2e3c64352e3826410cbabca43309338f6b56f9d935d19

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-images-api: 5
date: Wed, 23 Nov 2022 13:44:16 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: BYPASS
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21536
last-modified: Wed, 23 Nov 2022 13:44:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze1R1ICYQvecfBwTq4H13gGEQbq%2FmEk1Pp6tQS5YK909iCBf6hZbPxc%2FK4JRwvN6%2BMl5WBrIl3kLPUhdInt2DEFrLvxYdIithWCR5hvfWsCyuqLteyu5fydXUEQ7xoP8hMKE5Tah"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76ea56ab4f17d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 email-decode.min.js Show response
risu.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 57ms
55ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://risu.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Nov 2022 12:02:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b68ca-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S7wXnz5lEXzuo2V5BBUd5dbju0Eded0Sri4%2FznGyzhe0Ln7Csu4ficslEc%2FyBYLqRsI9r4bcZ6YKr9Caz0XiYLbE5JTVs5i6g14QniXTvDUh8Q%2FNVlUcYeLxBeup2lAjRBgRlF4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 76ea56ab0de8d17c-LHR
expires: Fri, 25 Nov 2022 13:44:15 GMT

GET
H3 200 app.js Show response
risu.ua/assets/frontend/js/ 281 KB
80 KB 187ms
185ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/js/app.js?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce3158f1fc0138d17fa3fc4d8c43b45b652fd27820cf1680b9fdc7a2246b6e6f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 25413678
etag: W/"608bf2a6-4625b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BorAtM02S57nF4Xbq26V2fjX9e65JQyzh8hwCp7H82T7cB6XdpHh65QihvnoIVeHkaBVlvWjbQNQ7BXQO33XZANej5zzHtkuC%2BmuGrdEjbYl6mr4uzGcPHG0vFtyuKjYzpehpnMe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 76ea56ab3ea3d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cookies.js Show response
risu.ua/assets/frontend/cookiesAcceptModule/ 4 KB
2 KB 233ms
225ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/cookiesAcceptModule/cookies.js?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30c9c218c59a131fa94959c526e27e7335018c04425ac5c02b1ffeb7e55b9962

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 25413678
etag: W/"608bf2a5-f52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ABMg4XDLyiewMRzKS1U6BGjp1ZavAUyPs6KwF8jW6%2BdaFz%2B8g70dnpV7kyJytGvjAIfjsiJYEyHvyJOj6%2FuQW1Pot%2Bvgdo3BKNoNfxzXzosEJup8vqbuIog0SFRo5%2BFPm8an3tm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 76ea56ab4eced17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 arrow-header.svg
risu.ua/assets/frontend/img/ 331 B
709 B 411ms
407ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/arrow-header.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd5dd4ce320f783a40597f79027f2187cbe41497a923f25305b98665bfe9b3e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4172474
etag: W/"608bf281-14b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1udihogpzsEYPOJhutyjvUMZVwBe3EDYMOA%2FUF3H0dfXSflZpYBOUVqSPt8gunddmeLS5PEpqyDswQpzfesaf0tpWDE7xj5ir2Hi7szAI4t3aWm5GHTqC8hA6HoWVQJtjSOdC2Z"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4f18d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 arrow-language.svg
risu.ua/assets/frontend/img/ 141 B
635 B 411ms
408ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/arrow-language.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f0783d5695f7b6bc2b6db15c813d63525bf53fd48021c818ed4ed220c7074c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 25413678
etag: W/"608bf281-8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=re6NXJFeJEj8q7v87FQtlxxrgRUkXhGtbGZxE5p2LTFho4u7liY4x9l6w36p4xF5J5f3T8TSn%2BBCjNEub8XmkX1j8Kp5Bg8gpadey%2FTf%2BXQg48KZ%2FFG29F3TWgWDPys%2BtT1mQxXn"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4f1bd17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 search-icon.svg
risu.ua/assets/frontend/img/ 274 B
702 B 411ms
408ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/search-icon.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb511816e2641b5d54a718b6d2b6e2be81a51cd9a5df9ce627cf915d124a4e16

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 25413678
etag: W/"608bf281-112"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6AMRSU7XmALx5LO%2F%2BWuCwOupO9vb3the8Ob8bWSzxOciOY8XDWbZmB9UrQk8Ah97J3eMWNdjN%2FU5712GZjEDZZ3nCoN2goZTNIE5eWJTgLEQZL9bVI17Q3HYDS1nxeklEVVIohY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4f21d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Montserrat-SemiBold.ttf
risu.ua/assets/frontend/fonts/medium/ 238 KB
239 KB 410ms
408ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/fonts/medium/Montserrat-SemiBold.ttf
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f227901ef48ac4d1fe4cc6ed0dbce99e6b38969babe5e05da2dfb33521b02944

Request headers

Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25410814
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 243816
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-3b868"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEVX%2Fp15m3oa8wK3rpr%2Bk1S5y3Ex4ptqTBqpUz0jr1tOjcWCWr4%2F0Is2IJK5tQyp6BAtG7IaNZzIdgc5eD6rV9MY0e37b9YjSi2b%2FKbGcov5iNAAxb8xejxYiVx%2BMhYduzOraNey"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76ea56ab4f23d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Montserrat-Bold.ttf
risu.ua/assets/frontend/fonts/bold/ 239 KB
239 KB 447ms
445ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/fonts/bold/Montserrat-Bold.ttf
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444

Request headers

Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25410814
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 244468
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-3baf4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjDlzSZAySKhGBfU6cHmmKEDke0GAwGDyzan%2BSvg%2Fy3T8uyq0zf8Qkuo%2BpGUAjTvDqYqi3IJyX7gwnxBWhg2tApBdTcGXdxDcBohHe3szrhZAOyqJNCUA%2FGFciZCU9ggOD3ZBqu7"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76ea56ab4f24d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Montserrat-Regular.ttf
risu.ua/assets/frontend/fonts/regular/ 240 KB
241 KB 129ms
127ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/fonts/regular/Montserrat-Regular.ttf
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525

Request headers

Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7090027
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 245708
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-3bfcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bf9SC%2BZDYQxusgttPJiAZMtkWd6NhTy29G%2BSipD61eDuuJ9rc3XjL0Du%2FY68EL7BYBgME4IbTrD2jcqOALS0YMwwlnn4KvobMKOu1pskw7f1hmU30zKW0d0eIdan4RHLo0DpIBnB"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76ea56ab4f25d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK /
c.bigmir.net/ 331 B
586 B 362ms
86ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bigmir.net/?v16956114&s16956570&t30&c1&n805172&w0&y0&d24&r1600
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 26517434c988e12f70c2af912f19a9d84db7343fd77ba0600084a8178c321ea6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 13:44:16 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H3 200 facebook-pink.svg
risu.ua/assets/frontend/img/ 380 B
775 B 472ms
471ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/facebook-pink.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddcdcee860870f3376e2bbd699c7ee6100b0b207a44052354393254c72c37506

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2092555
etag: W/"608bf281-17c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOga4qH%2B6rHIRK0HTv3AYVSh6rFgyVG%2B0xB1ZD76pJKPU7%2FLESVsCaqzP71n213zjuDpA4Fjm0HwmbYHPY0kR0zMuYBqKxe%2B17dlq6pmIf9BxazqjPWRMugfG5qaZzA%2Ba0pFBpzk"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4f27d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 twitter-pink.svg
risu.ua/assets/frontend/img/ 652 B
908 B 472ms
471ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/twitter-pink.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4c61d4c30e1d5dfab6fcab843dd3aa7402ae59a8a5a33c265e42bd755a418b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 25413677
etag: W/"608bf281-28c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9TUolWlC4eYz3WtHvK74PrdcTCA6cT8IjERz2VeNcWvmv86tv7ZBhHcrpbjCW6aSYh0sJO%2FNsc%2BhCkuBBeADzFt8cPvIuda1HvHrFMhPPVeOz28ohn0rHfw7Owa0Yl7CWqmF%2Fhc"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4f2ad17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 video-icon-white.svg
risu.ua/assets/frontend/img/ 1 KB
1003 B 469ms
469ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/video-icon-white.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c03b4c6717847e16573f7ae823df8bf1df9fcfa158360f79b2f10da31adbe4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"608bf281-40e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsXWZR65b3oyQKL%2FgXcnkvrL8dffrde57pb6%2BLVY5f4IoxouafdedY%2FaLDLHqhv6rkuHuaL4cefi4u18x5s5r4PgVrLAGwSko3%2B3f4zyVXWFvfh06S7EH7wymtcp6L1wBNQNkbPZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4f35d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rss-icon.svg
risu.ua/assets/frontend/img/ 585 B
816 B 467ms
467ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/rss-icon.svg
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33430a4e18aa10ce687b1fa837f8d69cbd82f5f16ae8bea30c44c6546835f77e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 579210
etag: W/"608bf281-249"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5RlxPj8umf1Xes4p1OQYa8SGLXnvwqrLpRcgZDOV4Ah8FVRbmNpQQNwS1MI2DRAIoYCe6aUmLZqbZdF6EF7qA%2BZ49SoaAG6af1H58qKP0mDVKds7SshdH%2F%2Fd6kp5uuGHj7Wt4uQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ab4f37d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo-luxnet-gray.png
risu.ua/assets/frontend/img/ 702 B
1 KB 465ms
465ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/img/logo-luxnet-gray.png
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/css/styles.min.css?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af848f4cfd4ca713e249c26e739c5da98ce59a9b38f5e7811f41ad2605123ba7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/assets/frontend/css/styles.min.css?v=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 702
last-modified: Fri, 30 Apr 2021 12:05:21 GMT
server: cloudflare
etag: "608bf281-2be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipKqmXNDq4WNJiWQQrjxGz2cO9Mkr5d3v1gr4PHM%2BSSuBsyqDNzGEeC%2FM0Qva7%2BSDn4uQwnyeTgisQbSywyPyOkb44vdDsbt5GiVjWfJrRXaoSXo3PCCOeL736pd%2FIhGf1cx1L2I"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 76ea56ab4f39d17c-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 178ms
57ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11950234-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Nov 2022 13:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1167
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 23 Nov 2022 15:24:49 GMT

GET
H3 200 cookies.min.css
risu.ua/assets/frontend/css/ 1 KB
1 KB 220ms
220ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://risu.ua/assets/frontend/css/cookies.min.css?v=91
Requested by: Host: risu.ua
URL: https://risu.ua/assets/frontend/js/app.js?v=91
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16555ef1cffe3379aa4a915ec6a51ebf338a0d51ffa4409a3da31e0bed2c2cee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 576747
etag: W/"608bf297-5ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3b1VBKcynEt7rgv03gGUTyxokea8IMDYhnkw4WdSOTEWWS2UdK2ndz1LTh9PPrfwvVvcP7GldRbkf4CCIx%2BTlJqn38LAXsJn7o7qNsFWhqAfz5WDu%2BvOpMeMIqxOeMKyhUI5RvZ7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 76ea56ad0a03d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 close-popup-white.svg
risu.ua/assets/frontend/cookiesAcceptModule/images/ 971 B
982 B 220ms
220ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://risu.ua/assets/frontend/cookiesAcceptModule/images/close-popup-white.svg
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39a8fca170c2500aa3a659d9628cfe602522d33191ef0a9ba395d315b49452b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Apr 2021 12:05:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4172475
etag: W/"608bf2a5-3cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qefSXGCnaH9T1CI1r3dbFi9AXHlelPbCy90xJtbbIZbKiikEj0W1G4qijBMQUE1DW7MgZAh%2F9Oi4Et%2BCLEKC41lquiPGA4Rmpq99QBysyyZ9iQnldcWrQBLEzMPQgWWrIEBE%2FfxF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 76ea56ad0a08d17c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 173ms
58ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 12:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Nov 2023 12:55:08 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
77 B 207ms
92ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=risu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a77560cffb10516a81a0ecd03a1d373fd4d5778d6e6f3a59058d925d91b483d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53
x-xss-protection: 0
expires: Wed, 23 Nov 2022 13:44:16 GMT

GET
H2 200 configs Show response
cdn.gravitec.net/sdk/web/ 2 KB
1 KB 186ms
69ms Fetch
application/json 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/sdk/web/configs?appKey=acf6494db584a05259a7b96ad5661584
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f2e744787dcdfb50e0aa6ff2612e5531fb7b13334f5636216fb87fb49986f2d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
x-correlation-id: 225479e6963021ee0da66560be9ecf55
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-proxy-cache: MISS

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 239ms
124ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-9928410365207988&plah=risu.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92c284b7367738bfd6e8e319d460e70f30a6ad4fc714ee9247b43515b2fc56ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119613
x-xss-protection: 0
server: cafe
etag: 15972613634848321856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 13:44:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame BB78 10 KB
5 KB 179ms
56ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 12:40:30 GMT
etag: 10353107486223812946
expires: Wed, 07 Dec 2022 12:40:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 180ms
64ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=463938674&t=pageview&_s=1&dl=https%3A%2F%2Frisu.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BB%D1%96%D0%B3%D1%96%D0%B9%D0%BD%D0%BE-%D1%96%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D1%96%D0%B9%D0%BD%D0%B0%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20-%20%D0%86%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BF%D1%80%D0%BE%20%D1%80%D0%B5%D0%BB%D1%96%D0%B3%D1%96%D1%8E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1712363604&gjid=8607482&cid=1900202037.1669211056&tid=UA-11950234-1&_gid=1408347472.1669211056&_r=1&gtm=2oub90&z=200110611

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://risu.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://risu.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track.min.js Show response
cdn.gravitec.media/ 4 KB
2 KB 187ms
57ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.media/track.min.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Tue, 21 Feb 2023 13:44:16 GMT
date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 14:51:46 GMT
server: nginx/1.18.0
etag: W/"5dde8d82-11d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7776000
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 184ms
63ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=risu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 192ms
66ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=risu.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
13 KB 133ms
133ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=183998554022169&correlator=4256686638118057&eid=31069126%2C31065825&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=22089206648%2CTop_banner_970x90_all_pages%2CBottom_banner_970x90_all_pages%2CMainPage_1_970x90(970x250)%2CRight_Side_1_300x250(300x100)_News_page%2CAfter_NewsLine_300x250(300x100)_NewsPage%2CAfter_NewsText_580x400_NewsPage&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x90%2C970x90%7C728x90%2C970x250%7C970x90%2C300x100%7C300x250%2C300x100%7C300x250%2C580x400&ifi=2&adks=2389199358%2C168509343%2C3692737370%2C3703452599%2C974587042%2C2722939886&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669211056501&lmt=1669211056&dlt=1669211055732&idt=737&adxs=240%2C315%2C210%2C-9%2C-9%2C-9&adys=88%2C5617%2C1463%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Frisu.ua%2F&frm=20&vis=1&psz=1600x6696%7C1600x6696%7C1200x0%7C0x-1%7C0x-1%7C0x-1&msz=970x-1%7C1600x0%7C1180x0%7C0x-1%7C0x-1%7C0x-1&fws=0%2C0%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1900202037.1669211056&ga_sid=1669211057&ga_hid=463938674&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da230f6d6621816f59f4a97027c81452344f22f7411c49844893a1d14a3e63e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13530
x-xss-protection: 0
google-lineitem-id: 5558920724,6086101189,-2,5549285903,-2,5565522436
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138333809203,138400798637,-2,138332241179,-2,138359238729
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://risu.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97CC 6 KB
3 KB 205ms
61ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:44:16 GMT
expires: Thu, 23 Nov 2023 13:44:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
693 B 178ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=risu.ua&callback=_gfp_s_&client=ca-pub-9928410365207988&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=pub-9928410365207988&plah=risu.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

131981a3fd726e184a038e7ec9c60db3db2f0ff128160ba5d687bf39457c6825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Frisu.ua%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73AD 603 B
69 B 203ms
94ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=pub-9928410365207988&output=html&adk=1812271804&adf=3025194257&lmt=1669211056&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Frisu.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056200&bpp=3&bdt=468&idt=419&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1062381632520&frm=20&pv=2&ga_vid=1900202037.1669211056&ga_sid=1669211057&ga_hid=463938674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C44773613%2C44770881%2C44778767%2C31065825&oid=2&pvsid=183998554022169&tmod=1461548630&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=440

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:44:16 GMT
expires: Wed, 23 Nov 2022 13:44:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E058 6 KB
3 KB 55ms
54ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:44:16 GMT
expires: Thu, 23 Nov 2023 13:44:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C34 0
0 94ms
94ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstalu0633pJc0sDd4zZfxY1DfmyDzk16b41Ccii97m0os0Dc3qqD9h_7OguIA9MhEzMcEc47ZgYZRjgKuFXkolfsagtAN5snOGJ1wBj7XJId1qz8ml31SF2AQuP140Ihc_vOf5CNnYu6rgW2K1n9oHDSJSc5-CerHOdDXjMWRSmYCPCQXnj4ImhF0s-To6CkbqQ_DbyURFNWZpnvYZM3DrWz5HdGu4TXpAF960b3pv6feqEQsPfxXxqRTzx0xjZTLomyPmzDIxQRj4SWpSyffc2uLqDxZsFMS5X0uqj6ougEKPzrl9buU6y396RxePN8O1JHwQKrKteKFiMiPAM&sai=AMfl-YQjHENiV94tkwkQDhWKG0wo9eLF9aeCTWzF4SxG3Ez-UF99Hq44Ikst1Xlajz-Wf_8r9LhLeHs-rr7EDKXJBFLs1bBtZom1-mwfCOVs4i4wBBv4OpLkcbgj1wkgZnytw64ErD1a1aav_1vXwCHBCA&sig=Cg0ArKJSzG3Fqeqe-0xfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Nov 2022 13:44:16 GMT

GET
H2 200 risu.ua.1319990.js Show response
jsc.idealmedia.io/r/i/ Frame 7C34 2 KB
1 KB 172ms
71ms Script
text/javascript 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161ba823ff6b6192f510ac88fb558941d2f635cb1c2ab4edc38f78014f487b05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: gzip
x-amz-version-id: EY4EERWnSERbeJ64OyElgNG8f8QFc2tr
cf-cache-status: HIT
x-amz-request-id: 7GR47Z0E7XNA3DN1
age: 2482
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 915
x-amz-id-2: +MvEmB9/DLwLKRGTNV7VZ4ng/P6WsoXZvtwlv7XiuoRMZWrSuEx5oipW96PlUvCogyUUS9zxgxI=
last-modified: Wed, 23 Nov 2022 11:57:01 GMT
server: cloudflare
etag: "cee5e20522e9c0ce8a43bd0684d82b5f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 76ea56b0ffe4dc83-LHR
expires: Wed, 23 Nov 2022 16:44:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C34 154 KB
48 KB 2121ms
1998ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 13:44:18 GMT

GET
H2 201 track
api.gravitec.media/api/stats/ 0
0 174ms
52ms Fetch 35.214.184.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gravitec.media/api/stats/track?app_key=acf6494db584a05259a7b96ad5661584&user_id=4713a21f-a454-4957-9969-fd56f7e0c356&utmb=b7fda08d-e8f3-4bfe-84b0-3d3b6ff1fbba&path=https%3A%2F%2Frisu.ua%2F&referrer=

Requested by

Host: cdn.gravitec.media
URL: https://cdn.gravitec.media/track.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.214.184.209 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

209.184.214.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1 ; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:16 GMT
x-correlation-id: ddd31ec990ae86a1493d5f6d9b8889b4
x-content-type-options: nosniff
referrer-policy: no-referrer
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1 ; mode=block
expires: 0

GET
H2 200 0.bundle.js Show response
cdn.gravitec.net/modules/ 9 KB
4 KB 60ms
59ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/0.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-2550"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 1.bundle.js Show response
cdn.gravitec.net/modules/ 32 KB
8 KB 70ms
70ms Script
application/javascript 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/modules/1.bundle.js
Requested by: Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/acf6494db584a05259a7b96ad5661584/client.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: gzip
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: W/"61fa486f-8092"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
x-proxy-cache: HIT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E058 24 KB
7 KB 179ms
54ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com
URL: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Nov 2023 11:28:39 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E058 143 KB
48 KB 129ms
129ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com
URL: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd9dae49cf9a5c7a0fee94dde16f228113106cf36275bd303b0756544077d2fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49044
x-xss-protection: 0
server: cafe
etag: 6465862241936043283
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 13:44:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E058 154 KB
47 KB 2149ms
2080ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com
URL: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 13:44:18 GMT

GET
H3 200 risu.ua.1319990.es6.js Show response
jsc.idealmedia.io/r/i/ Frame 7C34 271 KB
81 KB 240ms
189ms Script
text/javascript 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5267fb78ebb1af0730b1e660299c978ab45d465bb65f019295b6c5760da3c155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
content-encoding: gzip
x-amz-version-id: nSfv71zKIGcJFK0yiDfdKgD.5ygw2V2X
cf-cache-status: EXPIRED
x-amz-request-id: AH4BMS2Z74B0P865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82719
x-amz-id-2: F8Bmxb/lwaYHNGN29JgOW2ZWigRozuiy6/ge7wKWv+36namv2rN4Y2Hx0x2LdgsWIlxxLFTUPLk=
last-modified: Wed, 23 Nov 2022 11:57:01 GMT
server: cloudflare
etag: "4482f08371cd2a2064f6bb53d620215d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 76ea56b1fbee88c2-LHR
expires: Wed, 23 Nov 2022 16:44:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E058 0
0 94ms
93ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8s0IAUakjEmssrIdV8hbI-LIWWA5CQzycV5YjQAuYvtU0dRNefPyMeOLdZBRAyQ3nVSyImdHzia5HSlqk6aFW-B1QmdVjKLknoM2SEQtizRWVBhOrnIzyJO2OTFH_utvyRrtIg-_x3ODSil1qi0ZWxDGOmH73KMF8tMSFzmGkxz4OeI5Fj8GXIOWoiJIoKtlxSUBLnH0zqIv3uE8aD3bYA5cJekMCfm0tp3wVn_bLcGF-XReDx1IjDVTpOgGeSvDBfVGmsa2ZoxXdZ6EsXSiRc9mqfrYg8RGSZ3lKCAkj8WI--b4IstdGvL5auF_B2oPe8JYqM35G3Y9h&sai=AMfl-YRmfeKHU4JyX7DKXNAUU_P2VHJcj0wF6vnAwDRy17wIYjUh53UottrINN8I84zPMSetDWSeaew0pg1-t15hDPjXQwzKTCvwirsBdhc2OPadonKSf7OwNHQvJ60LBjuX_4FvM2gqirJJHtFkRoxjIg&sig=Cg0ArKJSzFjT1ZIO57EYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com
URL: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ Frame E058 354 KB
116 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9928410365207988&plah=94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com&bust=31070969

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8833f7d490882a64e4f53ef446e81ddbf4962073052d526b00a35a92193061b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119174
x-xss-protection: 0
server: cafe
etag: 1244074714821168921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Nov 2022 13:44:17 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame E058 107 B
122 B 190ms
72ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9928410365207988&plah=94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com&bust=31070969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E058 107 B
122 B 176ms
64ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0161 21 KB
10 KB 492ms
491ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31f9bfa22a247772810cc1a63fed96e8e011690dc8f5ada34466e75c57f25dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10647
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:44:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 28ee5c22-846b-4be3-a8f5-13c5b7459cfd
https://risu.ua/ Frame 7C34 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://risu.ua/28ee5c22-846b-4be3-a8f5-13c5b7459cfd
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK dd276ff2-b36c-4c1d-b5a2-98e637d10fd4
https://risu.ua/ Frame 7C34 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://risu.ua/dd276ff2-b36c-4c1d-b5a2-98e637d10fd4
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 / Show response
c.idealmedia.io/pv/ Frame 7C34 0
66 B 79ms
69ms Script
text/plain 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.idealmedia.io/pv/?pv=5&cbuster=166921105729228182013&uniqId=17372&childs=1348352&lct=1669161600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Frisu.ua%2F&lu=https%3A%2F%2Frisu.ua%2F&sessionId=637e23b1-025da&pageView=1&pvid=184a4bb6c8da0f4ad71&site=809874&implVersion=11&dpr=1
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76ea56b44e17dc83-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 76a89019-1912-44b9-9966-f3b997005b27
https://risu.ua/ Frame 7C34 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://risu.ua/76a89019-1912-44b9-9966-f3b997005b27
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 1 Show response
servicer.idealmedia.io/1319990/ Frame 7C34 7 KB
2 KB 126ms
115ms Script
application/x-javascript 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.idealmedia.io/1319990/1?pv=5&cbuster=166921105736456520667&uniqId=17372&childs=1348352&lct=1669161600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1600&h=545&cols=4&ref=&cxurl=https%3A%2F%2Frisu.ua%2F&lu=https%3A%2F%2Frisu.ua%2F&sessionId=637e23b1-025da&pageView=1&pvid=184a4bb6c8da0f4ad71&implVersion=11&dpr=1
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32046da56b13f1a2f1103ceef695dad7a749228a53727a235744cacb5e41a11f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 76ea56b4bef8dc83-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvNTIyNDY0LzI4NmY4ZTMxYmY5ZGRkNWExYWJiNjdiZDFiZjVhMzg0LmpwZw.webp
s-img.idealmedia.io/g/6434567/492x277/0x0x800x450/ Frame 7C34 24 KB
24 KB 289ms
173ms Image
image/webp 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/6434567/492x277/0x0x800x450/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvNTIyNDY0LzI4NmY4ZTMxYmY5ZGRkNWExYWJiNjdiZDFiZjVhMzg0LmpwZw.webp?v=1669211057-S4LQrTdP0qN7lpzY31sn1xIvOpam-u-RAug9FJp87vI
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dddbd75aae683d703289ec0c0d14f791e9285af8f124a5bf8c5b9d17a24fd8c

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 20:33:56 GMT
x-mg-request-uuid: eec68072-2b75-4cf8-b1f3-30f22bd1955b
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 76ea56b68b0975e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24682
expires: Thu, 24 Nov 2022 13:44:17 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS82ODc2NDAvZjI0N...
s-img.idealmedia.io/g/14647899/492x277/-/ Frame 7C34 23 KB
23 KB 289ms
173ms Image
image/webp 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/14647899/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS82ODc2NDAvZjI0NWJiNGEwYWFlMmI2YjFiZjIwZThhNWY1MmEyN2QuanBn.webp?v=1669211057-TFGKn1e3WHTJd4zm5z0sD528y76KNY42fGdbXUX7e1M
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deffde294e38d19eeed24a094f5a9677a95e21f2681d6b7fbb7e56a264509796

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Wed, 16 Nov 2022 14:45:45 GMT
x-mg-request-uuid: a36c5f98-9ae8-4e4c-bd68-d53789e40a35
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 76ea56b68b0a75e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23350
expires: Thu, 24 Nov 2022 13:44:17 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvNTIyNDY0LzgyZjJiY2M3ODZlYTM1ZGZjOWNlMWJmMTkwZTgyNmQwLmpwZw.webp
s-img.idealmedia.io/g/6434646/492x277/0x56x660x371/ Frame 7C34 14 KB
15 KB 239ms
123ms Image
image/webp 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/6434646/492x277/0x56x660x371/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvNTIyNDY0LzgyZjJiY2M3ODZlYTM1ZGZjOWNlMWJmMTkwZTgyNmQwLmpwZw.webp?v=1669211057-LiLLAX9xC-WrlXBWMP8kAY5VSB19WV8Qwm-4eYZt9AM
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ab178395a12efd36784c0885df40b7823d4c70f7a86962ec81a9198407bdc4

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:41:41 GMT
x-mg-request-uuid: 15415b1f-d9db-4109-878e-0da69fb0db1a
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 76ea56b68b0c75e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14802
expires: Thu, 24 Nov 2022 13:44:17 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvNTIyNDY0Lzk0ZTFjMzdhNjFjM2I5NDdmODY0NTE5NWMwZTA0YjViLmpwZw.webp
s-img.idealmedia.io/g/6009534/492x277/0x17x492x277/ Frame 7C34 27 KB
28 KB 288ms
172ms Image
image/webp 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/6009534/492x277/0x17x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvNTIyNDY0Lzk0ZTFjMzdhNjFjM2I5NDdmODY0NTE5NWMwZTA0YjViLmpwZw.webp?v=1669211057-yEBi2JGECNFpP97IfbY8g2tpjHgcCgbwoiL1AsXXG28
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a404838db34111ed9bcf60d6afc7ee7ef9e32d340910da882b16e2a8fda37d27

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 17:30:21 GMT
x-mg-request-uuid: 472f11f7-67bd-4e99-957d-0a41e38b8cf5
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 76ea56b68b1075e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28050
expires: Thu, 24 Nov 2022 13:44:17 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvNTIyNDY0LzQ3OTg3ODE1MjM4Nzc5NGYzNDQyYWQ2MDEyMzY3ZGFiLmpwZw.webp
s-img.idealmedia.io/g/6009453/492x277/0x101x596x335/ Frame 7C34 32 KB
32 KB 288ms
172ms Image
image/webp 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/6009453/492x277/0x101x596x335/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvNTIyNDY0LzQ3OTg3ODE1MjM4Nzc5NGYzNDQyYWQ2MDEyMzY3ZGFiLmpwZw.webp?v=1669211057-LG-YiRH6D5KsO1a8hbSefdLJqbPNTMxMqxkCqTCl2Kc
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae2b6e18b41021f4d35139f67ba892e95634502399fe3a380ed9a3cc61851553

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Nov 2022 19:15:18 GMT
x-mg-request-uuid: f5bd9f66-a2c7-46ed-9c18-6b0e59d3ed1e
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 76ea56b68b1475e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32944
expires: Thu, 24 Nov 2022 13:44:17 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8xMjY4MjMvMWJjO...
s-img.idealmedia.io/g/14681472/492x277/-/ Frame 7C34 12 KB
13 KB 231ms
116ms Image
image/webp 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/14681472/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8xMjY4MjMvMWJjOTk5YmQzNzYxMmRkYmRlZjFjOGU5ZTk3MTlhOTEuanBlZw.webp?v=1669211057-3F0WC4aP1drKl41mebrw7ccICxKuFaMjqCYHwpo3Xzo
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cee56830bd97eb6646fe94464e9cb12eeb8ab34f4d1ad1e44d9068bb821dc525

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 15:17:26 GMT
x-mg-request-uuid: 4c8ece3a-7456-4e1b-8ad8-ff52329488f5
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 76ea56b68b1275e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12664
expires: Thu, 24 Nov 2022 13:44:17 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC81MjI0NjQvMjIyM...
s-img.idealmedia.io/g/13758009/492x277/-/ Frame 7C34 39 KB
39 KB 277ms
167ms Image
image/webp 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/13758009/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC81MjI0NjQvMjIyMDY0ZjFkOWNmMmMzZjAyMjJlOWI5NzFhNWNiOGIuanBn.webp?v=1669211057-PKrUQ54Ahu9ZbBrBWxCvc5q9lVd7OG6uS_-p1uuBO1k
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f59335e7fd8eabb3ebe8724084b8ec13726c5c8c0bbf32fa1d3afbbb7bbecc

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 17:16:10 GMT
x-mg-request-uuid: 626fe84a-284d-438f-b249-fec7728a74d0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 76ea56b67b0675e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39722
expires: Thu, 24 Nov 2022 13:44:17 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS81MjI0NjQvYmFjZWNmNTQ4Mjk2YmY4M...
s-img.idealmedia.io/g/10674521/492x277/-/ Frame 7C34 25 KB
25 KB 239ms
129ms Image
image/webp 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/10674521/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS81MjI0NjQvYmFjZWNmNTQ4Mjk2YmY4MjEwZmZkMDg2MTRjOTdmYmUuanBn.webp?v=1669211057-uQW6MZDwrnKUybdqxlCIYRLdtMlWckwQyZW6VRZ4qcw
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 917e3718d4cc1ef390dcd8887ea8b181f9a74eff0928c3a0e9182e26d9eefbd6

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Thu, 17 Nov 2022 17:11:58 GMT
x-mg-request-uuid: e0e3619d-fc52-48fa-aea5-204a68a02de4
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 76ea56b68b0775e3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25904
expires: Thu, 24 Nov 2022 13:44:17 GMT

GET
H2 200 counter.php
autocounter.idealmedia.io/autocreative/ Frame 7C34 0
50 B 202ms
193ms Image
image/gif 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autocounter.idealmedia.io/autocreative/counter.php?id=809874&pid=64858&referer=https://risu.ua/&cxurl=https://risu.ua/&iframe=1&undefinedh2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&cbuster=1669211057548918097401
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76ea56b5e903dc83-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H2 200 i.js Show response
cm.idealmedia.io/ Frame 7C34 0
133 B 94ms
85ms Script
application/javascript 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.idealmedia.io/i.js?&cbuster=1669211057551945055099
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Nov 2022 13:44:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 76ea56b5e905dc83-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.idealmedia.io/ Frame AE68 0
40 B 92ms
91ms Script
application/javascript 2606:4700::6810:dd4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.idealmedia.io/i-noref.js?cbuster=1669211057558951894130
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/r/i/risu.ua.1319990.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:17 GMT
cf-cache-status: MISS
last-modified: Wed, 23 Nov 2022 13:44:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 76ea56b5e906dc83-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EAAE 624 B
242 B 91ms
91ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYvuSMzAEwAQ&v=APEucNUsJ9qFsQtaQ7MKjq3gXetES1s8ArwwU-F00jDFOeW7Y7pIGpZVof4B6bYkkyWGK9jm4cdWNhHkw-YvJ0rO9VmIEWpmNkNhymEiPY9tJD-rEJ35meUy2oNYxMT1idgWlNDWeji0S-63t7AnXrJYyVw-mv2ASXLZJHTxd5v_wN53yFe0rPo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:44:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DE9F 94 KB
37 KB 120ms
120ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgbBrrss-PVbihxtzPEYTTYlE114zPCkoOdVW0ifR0dBoSgVW9mSjv_fe3b5lr2_IywaR8A5duLq7rfUzh26mKayXk0pFT0IePV1A6BzH-BwW7P55x0sAuUcx0C15Z9plO3_CuQbn0icA2O6yiKRvfilsgI33tzfUsOyq7XeZnPBnhQOM&dbm_d=AKAmf-AM9XLH7QLgABk_ujPFnDreomEg05RPjL4W9cSLvA9FjUmqNxeNsUuXVwt59OHLQyNS87_6bLfj8MCvPu5L0yaFKLoqIgZN_Y0J-UeNha51hn0vFx-EGThEBw4BpwO5WaC2bQRCiApChpO3dQCSci77BKZ_400ARRI5fPR2dR9OMh10AbZiihESCUAHUh9IjV3SWbZkR8swsx4Xx98exNBSE9w76xGVjKSLgK67uI1h9vvG0ShijoUzlmKYF60NwZV2B1eW9K0QlaJR0yGgCykrtgTfxMX5LrMKJfs-Cqp_A8HYCGumFtU4RFFj8eOb5hbemZ5tjZyKOffPf1DccWW6Noy7x2kB7kY7FnxmG6nqfD9RmxHqkwqCiL0lMnpo8EU7XEycVkn1s3Q3kTozVcByf4GmZ6QFTrgJIywpYddAlJ2D1IoNkw7_0QxCUaev0_PqUMPgKYDalHHv2iw1ZCae5rb3ZKPMW_RaBtcAHwYRG85jgTYGkp9ioz5vwSNePByNL1YXC90O6PFMLf-DzeAzxVE9mMgvQfE_9v3FR8o_M7USCzzCQEFakT8gU_xcckadM103zMBGo4OKdR-YmYdWAYoql6i9emH9Q8yTbZ1FA_cwr-8OFOt3c5Nj3FWRqgSBGgLAixoQFniB0liXt_W40sWNfCS6CuoQ3F_aP7l5okbupe8pz4jjxfHfeIzAuMwkaf4JtKitQdtVEL0mZZOFOvrKp6ThRSTFqt3uo8MRvKRtbd-KHB0gwZU-qN9UGX_0vsnZOsOUUVlonHhszAPEuuqORKHUrLCvJwtERDPAGQS3-vI0l5uxwBBdviRpaceZFCFadF2GLjqo6WGoJsQSSK9gRqOdqoGE_IWwE4Jvuan6H3W7NxKjVJ3HyWHrjtyKqrbN2YtRP_7zCv8YeWMh7YbSEMX2w3QTgAtkOcGMk-I4_O0RvSy_a4AtXgRu2wCKQ3WV9AHTxl0Roo5YuwH1nJxftrROMqFBqan2bH4P4-legF6hwjBFI0NrP0LctXVrY2vKamAADHcsOzrGuahP5ma2neDcpt-72JievRmuQymixiYIpIlpLOyLhXAxqdCFTEK7ILLCM8br5ybI2K59kXCH-SEg-u5IEe6TUTPQchi42_7fQAbJvOCK0XlGMt8o7OmvismlXh3d3FExIn7DPrMrWvfkbD9TSNJRgkm7CP_mslabMmfcDftcVjXqVeZ6wi1n9JqRehZmPKXKxoBnjsfAY-u3dhW1IzBXv8c8JVI9FPV81QVaKnkE1f8k4C0KevesEsUuKF2oz_OhjKfSvMOnvXow0EZmEEe0g29paSqL55w6lDqfY1v64oNZnaizc_BBf8hwWbnQRhegIoD3ZdqIEnvBrow8jZ6wuslBVI4P1phTaDxni3Dje9rvbU_w17nwRvxhrVtU87ZeOOut0Dkarf0vJh2uFGH42StF2nkR0aF3hv6w_Ih_fT9k-O5WYcxP3FkZ4-qPsjyecur_cCkHtKcLNJOvQ71Yz0idaJpuk6dTdHyWtJj-YHZtoD-iFFQ8cSaFZWwnadUYyDemMaE87KIVrIF9flhAOjEJvfX3WFxcClRJls1ETcM8akFFk8Ttor5xK9M8zd8yMUGn6mvkGK-OSGFiVNVub_UOPMs3KiVqnkktw8KirAPU_V_K05McW1Ol4jXFbeur0KMdHHiCFMkozinWP-xNNVdK3W_E_IZLmOJD5aSDOsQw236CQD_kew4Jzh5d1tiFr28Rbb0D-zilR_g5BbtIbTe0-BsXO56-oddy9fgGMRkyhHh4BrOAAEIUvnjEGzSudZTZYZWNNWC4kT4g0S3vHKKN3LlOEJOPTtTPguAfBXTErBDQMjVWCNPUnUW3evshMy8tFsUhLim-NiY_9IviMQhczVrNZr5csFpeAvAwuEQ54i0lX4P9U5pBspXrrypQcYKZDq_7bAtNoI2y3qW_bScTC3oODf3Oa46B25wfuITP4al6-RJT5IGNIyABR9yToCfxmGPlNTX1gklKpzNHFrWnfmddrpp4feau01oFnJ2F_AC85uVFSm2vJoNlwpKr7cL60CEkuAz8-gM37L2_mpPrL5mAa5kMIBTle16k2z3Po8M8aewbJNtxPY_TPOElVDKbmtUzRgk5-vX3v4Ft-NeAvAZlXq45BWiRhEt0Si2w9TWUh_2bVpNAFy2p4Hc06SXiZS6sWc64ZDJKN3jUiUfCvo4YLr9kdZLttLh-4a4Qh-0SH4cyGsA_f3qXwbCGTneicpcK3J7nZJF9YMGhynZ4rWR7gu_PNka-aK6EkX0wgDFLJ45_sSFfCSuAwD5d04n2FZVjRA9jPR6nCxBokxjRMV5CZ0U5lx_wbUp5xFzQyjC_PbFCGAJAhUxzQdbx9SXucg9wbY2WEYCzP92wdF1dxrF38i5FV4A7IcsxoXpDGfvbmp1_3BMC4K3V37ahdKDkO6r-1cd0961fpLRd_rv1zGlfjnz_JauwLeMDPGhhCL6QAb_D4gjlesD76UokJMT5_oB8SJI_TCxVoHlateNoSobld0B4ln41opzSGeWZISvfMtpcPWxfUDRjl6BfJHce5snxo4heQysLXJeYf_zC0-yFbI_1RJn6Px1wCS-w9s0lZ5OBIFpfO4PopOLuqC9eb2PxEJAJXQ5JRz-_VLZjpv-tPB75GZP4YxqqntgdHjmMInZ8nm8hLz-d6fZKUFHevGN9oczfYcM1y9ibJt8B32BaJE0hlroJ9RP47kT5h7xsLZYgGOP7ERxrmD6gtHWj6KAHW_jqXN11OiieqQFXkQRPAgQf1HqhQSwPkNd6VpaYb41iNUBu92UkiTQj_QLJ5J_HrjTxYQS8iiD0F1uQcfcMGEQvgwxhX7xG3xRFtTFiRbhXyFbb8B7RKqiCerJwpRiJpW8iRGFB350KfQYeTywlnUUO0xNqFttkcF5NFUZKLouzX6o3hFeekGqzRFjODaYfJZ2HhSeqWFb44q9kfR2bbiqxP6p0JWdsRic9l0TfLx3ZKvlvZthR-XkjOu6BOkj6evtlJfibS08exOYH4ni0V1xnYtErOrRIERmRcCYakiC32Qgmo_UWAnD3Ts_cpIUFoc_49uLizjsjio8aLPflczrkOZfrTUm51YAG6322qsHYgtMVCOP9i8Jl48JPCwSaoSvb1GM7oq4Q0hRfxjKRlgp2C0YXLgUHtRwsQbnYHt3A8zLnp1Z2KVKAtX0zURfxf6uey2InSRBsPRm6zzFrAhA_9Zzz_Xzr-N0kjTj-TdZGUqSEv91UOJKjAuJ3GASAR0-ImCluOGpRERXaOVr3vp9rkHZzQtechcWn1V0h-97PmQBSIOeKl8eqAevaWqV-DN3l3JwaS4pqOfjVMUf2Gck4xHlmy8I12d6EOj7ijHl4ZzIoFSgojp4j3oysTqiz6thqdhXc7UOiwA3cHQs4GE_cI1ocdhQmQxHWhKaDszFX0M8YuSVvD9JaJYzH70XQGJHU2-O-kjFeyUVbH7K8d_B1jYuFwxOofnEVZkxHzTIB3Szl48qpFpEY53m2_gyizFPd_em6-xtwlKCCU9p5IXtY_c_JnsO7DaXE_bPJBKo2wRvMNuLsGRQRsoF9epN98dOQFOzxSYV46KA8Majftjnfok0gsSDh3m9FDSpMV0R1KJ1-GCTIY-eOcxukFq_3WA&cid=CAQSKQDq26N9ZhX8mhrwAbvYpqlb9_yUip2vy4E8bztT5JvEcW75Cl3y9tocGAEgEw&rfl=3%2Chttps%253A%252F%252Frisu.ua%242%2Chttps%253A%252F%252F94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com%252F%240

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e2f614d89f6f81f2274200f4032d0c166edfaf88f80a62f415644456378ebc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37977
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DE9F 3 KB
1 KB 190ms
65ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:28:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DE9F 18 KB
7 KB 182ms
57ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 11:55:15 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DE9F 0
0 186ms
61ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7CJ3uOOTOMloHu5Fn3fTcdubpHGQ7fVtC4_EFUKnM2xj2AIgFYuhbjifbFQMWiMLlFd06MjSdjS8zj9tMIsl0TJxDsQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE9F 154 KB
47 KB 1098ms
1097ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 13:44:18 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DE9F 42 B
63 B 91ms
91ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVgiTX-UJ7njXodWG6ywl2HaeSt2E9yOzExrkZ3pwbHxGAzBRgACHjGjtLE3TXGV28401hQi1WWF2IjrxyA9bAdhPgm2Fby_vEKlpQixV5QIfMhfk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EAAE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1&C=1

43 B
766 B

103ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYvuSMzAEwAQ&v=APEucNUsJ9qFsQtaQ7MKjq3gXetES1s8ArwwU-F00jDFOeW7Y7pIGpZVof4B6bYkkyWGK9jm4cdWNhHkw-YvJ0rO9VmIEWpmNkNhymEiPY9tJD-rEJ35meUy2oNYxMT1idgWlNDWeji0S-63t7AnXrJYyVw-mv2ASXLZJHTxd5v_wN53yFe0rPo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 13:44:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 13:44:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EAAE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y34jsipHRUG.EMz22R1lkQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1&google_hm=2

43 B
766 B

54ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYvuSMzAEwAQ&v=APEucNUsJ9qFsQtaQ7MKjq3gXetES1s8ArwwU-F00jDFOeW7Y7pIGpZVof4B6bYkkyWGK9jm4cdWNhHkw-YvJ0rO9VmIEWpmNkNhymEiPY9tJD-rEJ35meUy2oNYxMT1idgWlNDWeji0S-63t7AnXrJYyVw-mv2ASXLZJHTxd5v_wN53yFe0rPo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 13:44:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPnN8Sj_wu6XAZmXOlzw_sk&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EAAE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFqQx2KgSiAodg74oRklHk4&google_cver=1

43 B
1017 B

106ms
57ms

Image
image/gif

37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFqQx2KgSiAodg74oRklHk4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYvuSMzAEwAQ&v=APEucNUsJ9qFsQtaQ7MKjq3gXetES1s8ArwwU-F00jDFOeW7Y7pIGpZVof4B6bYkkyWGK9jm4cdWNhHkw-YvJ0rO9VmIEWpmNkNhymEiPY9tJD-rEJ35meUy2oNYxMT1idgWlNDWeji0S-63t7AnXrJYyVw-mv2ASXLZJHTxd5v_wN53yFe0rPo

Protocol

HTTP/1.1

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 13:44:18 GMT
AN-X-Request-Uuid: acaff0be-6c43-4ea1-9de2-3a4be72170a8
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFqQx2KgSiAodg74oRklHk4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAAE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjE2ODIwMDg4NTU0MTAyOQ%3D%3D

170 B
188 B

165ms
65ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjE2ODIwMDg4NTU0MTAyOQ%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Nov 2022 13:44:18 GMT
AN-X-Request-Uuid: adf7ffa3-c38a-4f0d-a00c-fcfa261b3dd9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjE2ODIwMDg4NTU0MTAyOQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.38; 82.199.130.38; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1027165/63628760/ Frame DE9F 238 KB
71 KB 180ms
58ms Script
application/javascript 54.78.104.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1027165/63628760/skeleton.js?ias_dspID=3&ias_campId=29083867&ias_pubId=pub-9928410365207988&ias_chanId=1&ias_placementId=17455881509&bidurl=https://risu.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iwo2IOxemi4jiLMjEEW2pi
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.104.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-104-30.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 25a3333e94d7547fef49d6bde1fadbfc281683663a4fa9f18896794271db0251

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DE9F 170 KB
59 KB 196ms
51ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 16:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75421
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Nov 2022 16:47:17 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame DE9F 8 KB
3 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgbBrrss-PVbihxtzPEYTTYlE114zPCkoOdVW0ifR0dBoSgVW9mSjv_fe3b5lr2_IywaR8A5duLq7rfUzh26mKayXk0pFT0IePV1A6BzH-BwW7P55x0sAuUcx0C15Z9plO3_CuQbn0icA2O6yiKRvfilsgI33tzfUsOyq7XeZnPBnhQOM&dbm_d=AKAmf-AM9XLH7QLgABk_ujPFnDreomEg05RPjL4W9cSLvA9FjUmqNxeNsUuXVwt59OHLQyNS87_6bLfj8MCvPu5L0yaFKLoqIgZN_Y0J-UeNha51hn0vFx-EGThEBw4BpwO5WaC2bQRCiApChpO3dQCSci77BKZ_400ARRI5fPR2dR9OMh10AbZiihESCUAHUh9IjV3SWbZkR8swsx4Xx98exNBSE9w76xGVjKSLgK67uI1h9vvG0ShijoUzlmKYF60NwZV2B1eW9K0QlaJR0yGgCykrtgTfxMX5LrMKJfs-Cqp_A8HYCGumFtU4RFFj8eOb5hbemZ5tjZyKOffPf1DccWW6Noy7x2kB7kY7FnxmG6nqfD9RmxHqkwqCiL0lMnpo8EU7XEycVkn1s3Q3kTozVcByf4GmZ6QFTrgJIywpYddAlJ2D1IoNkw7_0QxCUaev0_PqUMPgKYDalHHv2iw1ZCae5rb3ZKPMW_RaBtcAHwYRG85jgTYGkp9ioz5vwSNePByNL1YXC90O6PFMLf-DzeAzxVE9mMgvQfE_9v3FR8o_M7USCzzCQEFakT8gU_xcckadM103zMBGo4OKdR-YmYdWAYoql6i9emH9Q8yTbZ1FA_cwr-8OFOt3c5Nj3FWRqgSBGgLAixoQFniB0liXt_W40sWNfCS6CuoQ3F_aP7l5okbupe8pz4jjxfHfeIzAuMwkaf4JtKitQdtVEL0mZZOFOvrKp6ThRSTFqt3uo8MRvKRtbd-KHB0gwZU-qN9UGX_0vsnZOsOUUVlonHhszAPEuuqORKHUrLCvJwtERDPAGQS3-vI0l5uxwBBdviRpaceZFCFadF2GLjqo6WGoJsQSSK9gRqOdqoGE_IWwE4Jvuan6H3W7NxKjVJ3HyWHrjtyKqrbN2YtRP_7zCv8YeWMh7YbSEMX2w3QTgAtkOcGMk-I4_O0RvSy_a4AtXgRu2wCKQ3WV9AHTxl0Roo5YuwH1nJxftrROMqFBqan2bH4P4-legF6hwjBFI0NrP0LctXVrY2vKamAADHcsOzrGuahP5ma2neDcpt-72JievRmuQymixiYIpIlpLOyLhXAxqdCFTEK7ILLCM8br5ybI2K59kXCH-SEg-u5IEe6TUTPQchi42_7fQAbJvOCK0XlGMt8o7OmvismlXh3d3FExIn7DPrMrWvfkbD9TSNJRgkm7CP_mslabMmfcDftcVjXqVeZ6wi1n9JqRehZmPKXKxoBnjsfAY-u3dhW1IzBXv8c8JVI9FPV81QVaKnkE1f8k4C0KevesEsUuKF2oz_OhjKfSvMOnvXow0EZmEEe0g29paSqL55w6lDqfY1v64oNZnaizc_BBf8hwWbnQRhegIoD3ZdqIEnvBrow8jZ6wuslBVI4P1phTaDxni3Dje9rvbU_w17nwRvxhrVtU87ZeOOut0Dkarf0vJh2uFGH42StF2nkR0aF3hv6w_Ih_fT9k-O5WYcxP3FkZ4-qPsjyecur_cCkHtKcLNJOvQ71Yz0idaJpuk6dTdHyWtJj-YHZtoD-iFFQ8cSaFZWwnadUYyDemMaE87KIVrIF9flhAOjEJvfX3WFxcClRJls1ETcM8akFFk8Ttor5xK9M8zd8yMUGn6mvkGK-OSGFiVNVub_UOPMs3KiVqnkktw8KirAPU_V_K05McW1Ol4jXFbeur0KMdHHiCFMkozinWP-xNNVdK3W_E_IZLmOJD5aSDOsQw236CQD_kew4Jzh5d1tiFr28Rbb0D-zilR_g5BbtIbTe0-BsXO56-oddy9fgGMRkyhHh4BrOAAEIUvnjEGzSudZTZYZWNNWC4kT4g0S3vHKKN3LlOEJOPTtTPguAfBXTErBDQMjVWCNPUnUW3evshMy8tFsUhLim-NiY_9IviMQhczVrNZr5csFpeAvAwuEQ54i0lX4P9U5pBspXrrypQcYKZDq_7bAtNoI2y3qW_bScTC3oODf3Oa46B25wfuITP4al6-RJT5IGNIyABR9yToCfxmGPlNTX1gklKpzNHFrWnfmddrpp4feau01oFnJ2F_AC85uVFSm2vJoNlwpKr7cL60CEkuAz8-gM37L2_mpPrL5mAa5kMIBTle16k2z3Po8M8aewbJNtxPY_TPOElVDKbmtUzRgk5-vX3v4Ft-NeAvAZlXq45BWiRhEt0Si2w9TWUh_2bVpNAFy2p4Hc06SXiZS6sWc64ZDJKN3jUiUfCvo4YLr9kdZLttLh-4a4Qh-0SH4cyGsA_f3qXwbCGTneicpcK3J7nZJF9YMGhynZ4rWR7gu_PNka-aK6EkX0wgDFLJ45_sSFfCSuAwD5d04n2FZVjRA9jPR6nCxBokxjRMV5CZ0U5lx_wbUp5xFzQyjC_PbFCGAJAhUxzQdbx9SXucg9wbY2WEYCzP92wdF1dxrF38i5FV4A7IcsxoXpDGfvbmp1_3BMC4K3V37ahdKDkO6r-1cd0961fpLRd_rv1zGlfjnz_JauwLeMDPGhhCL6QAb_D4gjlesD76UokJMT5_oB8SJI_TCxVoHlateNoSobld0B4ln41opzSGeWZISvfMtpcPWxfUDRjl6BfJHce5snxo4heQysLXJeYf_zC0-yFbI_1RJn6Px1wCS-w9s0lZ5OBIFpfO4PopOLuqC9eb2PxEJAJXQ5JRz-_VLZjpv-tPB75GZP4YxqqntgdHjmMInZ8nm8hLz-d6fZKUFHevGN9oczfYcM1y9ibJt8B32BaJE0hlroJ9RP47kT5h7xsLZYgGOP7ERxrmD6gtHWj6KAHW_jqXN11OiieqQFXkQRPAgQf1HqhQSwPkNd6VpaYb41iNUBu92UkiTQj_QLJ5J_HrjTxYQS8iiD0F1uQcfcMGEQvgwxhX7xG3xRFtTFiRbhXyFbb8B7RKqiCerJwpRiJpW8iRGFB350KfQYeTywlnUUO0xNqFttkcF5NFUZKLouzX6o3hFeekGqzRFjODaYfJZ2HhSeqWFb44q9kfR2bbiqxP6p0JWdsRic9l0TfLx3ZKvlvZthR-XkjOu6BOkj6evtlJfibS08exOYH4ni0V1xnYtErOrRIERmRcCYakiC32Qgmo_UWAnD3Ts_cpIUFoc_49uLizjsjio8aLPflczrkOZfrTUm51YAG6322qsHYgtMVCOP9i8Jl48JPCwSaoSvb1GM7oq4Q0hRfxjKRlgp2C0YXLgUHtRwsQbnYHt3A8zLnp1Z2KVKAtX0zURfxf6uey2InSRBsPRm6zzFrAhA_9Zzz_Xzr-N0kjTj-TdZGUqSEv91UOJKjAuJ3GASAR0-ImCluOGpRERXaOVr3vp9rkHZzQtechcWn1V0h-97PmQBSIOeKl8eqAevaWqV-DN3l3JwaS4pqOfjVMUf2Gck4xHlmy8I12d6EOj7ijHl4ZzIoFSgojp4j3oysTqiz6thqdhXc7UOiwA3cHQs4GE_cI1ocdhQmQxHWhKaDszFX0M8YuSVvD9JaJYzH70XQGJHU2-O-kjFeyUVbH7K8d_B1jYuFwxOofnEVZkxHzTIB3Szl48qpFpEY53m2_gyizFPd_em6-xtwlKCCU9p5IXtY_c_JnsO7DaXE_bPJBKo2wRvMNuLsGRQRsoF9epN98dOQFOzxSYV46KA8Majftjnfok0gsSDh3m9FDSpMV0R1KJ1-GCTIY-eOcxukFq_3WA&cid=CAQSKQDq26N9ZhX8mhrwAbvYpqlb9_yUip2vy4E8bztT5JvEcW75Cl3y9tocGAEgEw&rfl=3%2Chttps%253A%252F%252Frisu.ua%242%2Chttps%253A%252F%252F94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 21:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 21:16:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame DE9F 29 KB
11 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 471
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 13:36:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DE9F 41 KB
15 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 11:55:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 38E1 1 KB
643 B 59ms
58ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 18129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 08:42:09 GMT
etag: 48472445140208031
expires: Thu, 24 Nov 2022 08:42:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DE9F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5519186c49ce5973bde69e1a301f8f2f467c12e315cf8b795a171227438dd34

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 223B 22 KB
8 KB 58ms
57ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 92938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 11:55:20 GMT
expires: Wed, 22 Nov 2023 11:55:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 38E1 35 B
464 B 191ms
60ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIa_ySJ5xVF0mz7mJRvn7PE&google_cver=1&google_push=ASkJ3FbzASPW8Omtto2Gy48Yfur8eks9hryETjlfFRSWOGJta6GfEQnGrOS1y3ctBpFUQIX0F_155zk-s_ogk-yZ8B_Rp0RctQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 38E1 0
98 B 192ms
66ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZVXSb0XE5jEtQHCUfMKyrTkFrlbn1pbjmniUEWthIsCdw_xBwAoGEMFrr8kauif2fdWsLxoo9eIuBJXKoWZ-zFUtDpkKM&google_gid=CAESEMwNsV6x5egX4l4gQUemDoU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 38E1 43 B
356 B 188ms
64ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESED7QrZXbCpj-OAx4-rMkFgs&google_push=ASkJ3Fb83lAVB6TTY0bEQaSwUROTzu9FWai1MOx-OP7javnSXBOyJ8gm4hX2VduMYwNnZlCiO8qwoiFfzn0B9VyT_oCluhjothg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 38E1 43 B
351 B 181ms
63ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFA2TEg74-N8Q-wpqYAzzko&google_cver=1&google_push=ASkJ3FYLtrQWbIovldKkuxX6fxqz_oUnViMsb0DPqZ9OlUBz4v_i8KdgfDeCTzxocp4ECukn--J6lWORBQ1HsGFrIDHPOF_jUA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: hahlfckj17dpe7muu4md5f8b1olqvvpm

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38E1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pY6x4F5CRZmly7939RYqyg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

65ms
64ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pY6x4F5CRZmly7939RYqyg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Faqsy8VRIHAdOitVuCp0INvgMKpfT0Uv8c8iTN-p-3D2DYFBzv9ba4m2IeNLGlkxNrwwXystaalBMoMz42wsbq0piOEpJM

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pY6x4F5CRZmly7939RYqyg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3Faqsy8VRIHAdOitVuCp0INvgMKpfT0Uv8c8iTN-p-3D2DYFBzv9ba4m2IeNLGlkxNrwwXystaalBMoMz42wsbq0piOEpJM
date: Wed, 23 Nov 2022 13:44:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38E1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIMdFoBJ1GGDdzHk3rBCBmg&google_cver=1&google_push=ASkJ3FYnkb468SQPNoFVRoA_VOl-s3clvtnWThYjPL44GH7LKNe-Hnb5Gm0-_yHe57MBO_iUDoE...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUUDVaTjgtMTItR1pIRQ==&google_push=ASkJ3FYnkb468SQPNoFVRoA_VOl-s3clvtnWThYjPL44GH7LKNe-Hnb5Gm0-_yHe57MBO_iUDoEYAiwPRj47PTZMudgqggTdGNA

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUUDVaTjgtMTItR1pIRQ==&google_push=ASkJ3FYnkb468SQPNoFVRoA_VOl-s3clvtnWThYjPL44GH7LKNe-Hnb5Gm0-_yHe57MBO_iUDoEYAiwPRj47PTZMudgqggTdGNA

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFUUDVaTjgtMTItR1pIRQ==&google_push=ASkJ3FYnkb468SQPNoFVRoA_VOl-s3clvtnWThYjPL44GH7LKNe-Hnb5Gm0-_yHe57MBO_iUDoEYAiwPRj47PTZMudgqggTdGNA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 38E1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM4LMavl-VamUJrcq4lPcuE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM4LMavl-VamUJrcq4lPcuE&google_hm=Y34jsipHRUG-EMz22R1lkQAAFIQAAAIB&google_nid=index&google_push=ASkJ3FbnIEGl9XwUO1mUmxxgTn00dCLulvH0H...

170 B
188 B

65ms
64ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM4LMavl-VamUJrcq4lPcuE&google_hm=Y34jsipHRUG-EMz22R1lkQAAFIQAAAIB&google_nid=index&google_push=ASkJ3FbnIEGl9XwUO1mUmxxgTn00dCLulvH0HW3MiZS1cd6ggbv9lwVHvfNcrB4CcSL6WoywZDSQ8DJstpIM9TuN8L05fad_BCM

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgXmiFFwbSwig4pAkQ6XtfOB5%2BM8lNowvIfoKnXKTyRk5FmFLjBFEz%2FBITjCTCsgHLbXN5xf%2Ba05f6OQJm7PuOoqxvrkl3gtRTYvIza2F%2Bbd7ecE9ncnmHi4%2F%2FndkTte6MwfXucJmt20mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEM4LMavl-VamUJrcq4lPcuE&google_hm=Y34jsipHRUG-EMz22R1lkQAAFIQAAAIB&google_nid=index&google_push=ASkJ3FbnIEGl9XwUO1mUmxxgTn00dCLulvH0HW3MiZS1cd6ggbv9lwVHvfNcrB4CcSL6WoywZDSQ8DJstpIM9TuN8L05fad_BCM
cache-control: no-cache
cf-ray: 76ea56ba3bd4719f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 38E1 0
12 B 170ms
61ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItU4xM0xSXcBx_ZDx0A2TaG04jR8gjWE4_0-Ell9eIFBYQY4DpSD15g9KHU8Plz98oXCkv

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13388817702110049029/ Frame CAD3 104 KB
25 KB 171ms
62ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13388817702110049029/index.html?e=69&leftOffset=0&topOffset=0&c=diEL4eJoog&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bb2fbe42f45b577fc3a4698eadb4550cf1ae26956b1b15e2a2d10fad0c5470b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:44:18 GMT
expires: Thu, 23 Nov 2023 13:44:18 GMT
last-modified: Tue, 07 Jun 2022 13:05:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DE9F 0
0 232ms
102ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVWXyc5GhWkHX5MPkT2k0APl3q2MmMviSH2DN2eX-kOb3HUFxKMRaMigK2y1dmlp3V_i6OQ018xv0yN1aUZn-3JO0GanHD-yN_fbabQwPDs0Cc931J_9GVtX6OzGDW1-m0590bYXyWtbM9-oy3cAnUAqcdR2MbkQRLzzwdYm3NghsmCKkxGdS-3OGOk2h9Pwuw0t4yG7Y_Jho0JaLNaiZOuAfZIAACV7v4iIQp6cWQL3Uf2Ula0kVoUpDTjqMWLt2QHn5sUB3cGDSQx1p0UM7hEGkFhQoKQWDirY_lPU61Wxk31FWoBL9MHPneYYBd-0Iaoyr6MnWJGgFIag2ohfPLzmJNc8d8fRZ6zsTc2QglreQiMVnHV_e3YkFuRmcSptgkrQO8NnibwZon70UU--57Wf8ps4lWS7JDxhHVIciuT-UeH4qzUzH4o3y-hs14apk01cMqU4aCGv0P9Z0h4NTvTohHivhfh3bIIJzzQHW96Iuu3lNKzFwXPTL3LyoyHB-exA3mw8i_xSnqyENiTMHqo3d16y1gKc8S4SdwJQFMQUXIY5fsgM_qHH-53EL0zaq34_tQR2pRCH5gra-9NA_-MG8f2oyNgPtl2hv7gfypB4Jo28Ngufs3jSO7nWAFeKqHJOxjfKo6alflbMVwTbHhU8anWK4OR9WYNbhlKHt37L-YaAPM1cxZcO6D5DlZhekVe25zYhqkny3FV5GMIduDIhy9Y_PLQb83CMG49QRjtWKvo54B2EXaeJJJ6MZ2G7ddrmmNM-beWPUyi1Zg0mvOHY9C1bP4NamvC60tIy2ulxqYbCJ6bnWuyF4mRPaYQ-H_Qt7WJiDgT7ymJ72nwrlSFX1JMvpwPHPbaP9TcWOGwPz9SnPbPaGsSz3cS4irDEJlJua-5SV2nHVbRoB8ftvwCsBgiM3w4zpVC7LZcutX1eggdQ981DnIZtFOvAs6Oe8VW_W9Tn0oultq8AiCeu8AyCvoiDXOxQJAJtJScYeqHVwaKMwMEn4PtW5RmRllOC9Mt4iqt88brs2hY_UwGu8BqIdTi1Ts3NQK4hybADOn307Vd4Emg8WSjIs8meOKb0y0NWcvOIX14KZeP1MOdkrDHtqxQlzcrj6tFG5cY69C5W_A-x4VCSRtlWJxY9NSlohCl5Crdv8rZXev7_vrzhe6SvFjc-0olZqgb2GflEmot-K9ZbNubCkOmZDI-FiMFADKdtbHrYUn5ZoHtMcX0-SHc3U98F9HJJG-fIkHPr6M8Sx_9A&sai=AMfl-YQgl4bvurC_Ft0reCCIojQBkiUZlfmxarf3_K9P9O0gVIEJVKnsmtYVHe0DPdyP6yoXhtFveGjdtgOKhXep7sMXRBss0HwbYvSUo5djhsxkJ_NRrwULkySpUoJpImDO5k0lbVMMNSYU6D1d4PtzXwNH43q1-luQobDMGvYMHl5QpjAfE4ovYv9tGcDOwlZlk9rRmrBRXaXYGQWSqp0&sig=Cg0ArKJSzGncl1KTPlCbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=300&cbvp=1&cstd=294&cisv=r20221110.82165&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Nov 2022 13:44:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Nov 2022 13:44:18 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame DE9F
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1027165/63628760/4.js?ias_dspID=3&ias_campId=29083867&ias_pubId=pub-9928410365207988&ias_chanId=1&ias_placementId=17455881509&bidurl=https://risu.ua/&ias_dealI...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

175ms
72ms

Script
application/javascript

2600:9000:21f3:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Server: 2600:9000:21f3:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 19:50:38 GMT
x-amz-version-id: 3QT7xtKQrkwGRO1DDJMTLTUBK8T_05cN
content-encoding: gzip
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 150820
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 21 Nov 2022 19:50:34 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: KaJDZbcb_bX0jtY8I2goB7Yb2YD_gh2SoGJjEJoSCn6rm_PwIYLviA==

Redirect headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 7F18 91 KB
23 KB 215ms
66ms Script
application/javascript 2600:9000:21f3:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:04:21 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 736798
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: g9wwYeIarxoHzsGlFfTguVPVHiJqjvyHsBlY2KuGpcT0iGzf2YEKvw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE9F 43 B
216 B 366ms
117ms Image
image/gif 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1027165&asId=e9db398b-5a5a-8ea2-999c-9fbee16e18c3&tv=%7Bc:uNwRGO,pingTime:-3,time:42,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:to19usg+11%7C12%7C13%7C1411*.1027165-63628760%7C14111%7C14112%7C14113%7C14114%7C151,idMap:1411*,rmeas:1,rend:0,renddet:DIV,siq:19%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE9F 43 B
215 B 365ms
122ms Image
image/gif 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1027165&asId=e9db398b-5a5a-8ea2-999c-9fbee16e18c3&tv=%7Bc:uNwRGS,pingTime:-6,time:46,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:to19usg+11%7C12%7C13%7C1411*.1027165-63628760%7C14111%7C14112%7C14113%7C14114%7C151,idMap:1411*,rmeas:1,rend:0,renddet:DIV,siq:19%7D&tpiLookup=ao:risu.ua*%2C94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 223B 36 KB
16 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 13:05:50 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE9F 43 B
215 B 362ms
120ms Image
image/gif 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1027165&asId=e9db398b-5a5a-8ea2-999c-9fbee16e18c3&tv=%7Bc:uNwRGW,pingTime:-2,time:50,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:488,beZ:489,mfA:491,cmA:492,inA:492,inZ:496,prA:496,prZ:501,si:506,poA:507,poZ:525,cmZ:525,mfZ:525,loA:534,loZ:536,ltA:537,ltZ:537%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:to19usg+11%7C12%7C13%7C1411*.1027165-63628760%7C14111%7C14112%7C14113%7C14114%7C151,idMap:1411*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:19,sinceFw:30,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enabler_01_247.js
s0.2mdn.net/879366/ Frame CAD3 63 KB
0 54ms
54ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13388817702110049029/index.html?e=69&leftOffset=0&topOffset=0&c=diEL4eJoog&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13388817702110049029/index.html?e=69&leftOffset=0&topOffset=0&c=diEL4eJoog&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 11:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 11:10:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 223B 0
20 B 95ms
95ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHiLssSN-Y4f-MsPrx_AP_42E6AMAAAAAOAHgBAI&bg=!Li2lLWnNAAbvMpMzzzI7ACkAdvg8WnTOrev-_mcE5una-CMkY4RIpBk8I9WUjwonGvaqFWnQ8BkAwgIAAABaUgAAAAJoAQeZAzY5KkJ58AoSvAjfjJJDlyC01yamCM2-aVcEYXQ83tYm607iWrtr41p3dbcJ56UQOfZB_74Gpus8yAt-GFtQ0Pr3F8SLxTzx3HXg4VYbJ5mDFPxUc8-ohFkBIo_uWgO_nulrOz2JDSkxyIljvZUMGSH8SY4IqS727ezJ-LYgAp4FOXo4UBmwYqo21yTW8RPYyQeI4zHGWONExqs7JFocL7t0SJqJhTWbKJK5soHclRhagrt7cNZ7xFlufs-PkiYzJQ2ioQO-zOmK1nQlGPUufIDqGG04zJRY3vuVlOePAQSeFfQwsxyP0Wr5PTXuzXP33kuQeMDfPj0fcydU0_ENSrv8bDXKbGhoWxRShuahnQmvoTM7K1WfqW_ZDg1xrmxfmQTsHt7kld9oJv_Zxk4emFnooce7DAn-3bvdM7pxLT-MlDdaLyZg5h4mE8x2WtsVageznEE9N7KHAxt7O0GkEMPoZjDYrs1inVaRwrEv-WwkZFo7ezg_Ohuv_kV8XztdxCwvBQ0H_eg4Kq2H-I9K1XyTi2G1nGCrKqeGoxgds87DvEVCdRoxacehsFK7fFm4lymEI6AhbeMJqxxRYJN0o6CYPgQfCjbfpiMon2mLsm7Sh1q0Y3p87Fs1Axrpvze6I5zzWa3561ywgjrXsf-sbuTHmsRuw6noVX2EtmyaDayghBRJIkmb8BmTtixzMPQK0FVdjEF75dTgLrk3md4OFtdAG8oUbD9sXg0OfGrOrIRNliwfisOvf6MRq-1oATKVqco3kP8d4RXEMYMimZcCOst390b8g6tVZ5aGCPRRj2vlvp3tsNWEUshpsMQKI8CbjddqjauNtYOJk-eYrlAyUtkAGJYPq3N6mPOgJwmzHvdR64CWQcPri5Jop7qQ8fUwbVhyoV7ffyjnII5v1FUbuHVkXfMl9lc-OEZyOtpauSy933CCxXcqITRlpucTUeYbZpwsjSrjBFeoBotAP9GH6KdESCD7v495H-BzhpJ8OY0AYMfW3Vq9QGBnHy9VoKzfaZxcxNVAfoYhHryKtuEi6Oxprr1XCwfh3E396_SRbWaUtTNTazO1kCyEJQzNbzLBag3rpXQLLJs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DE9F 0
26 B 92ms
91ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssf0-qY5C1-g578-PyGz1wSSlqStJGd9lWYb_5YkRjeE11k-YhDML3BAzwUXnZIhE_7EScadvJSrv0skD5nKFQLh3f3P8uGyXrli20WJeonb6rhBaKzfU_pCyuw3LR4KJXBVKiCNftfamlHxRm5xInXvcc&sai=AMfl-YTQb_EZA-kg5XomyigHUrd7n3OwuGa8hVIPI9p8A5omQjZKXdtnVf1G25OzGIraA46vKf-0yOf80jnoNILKT-7ekB4vWGJW8lH0oVes&sig=Cg0ArKJSzOJM5kqTM7XPEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 passback_728x90.js Show response
static.adsafeprotected.com/ Frame 7B4D 3 KB
2 KB 59ms
58ms Script
application/javascript 2600:9000:21f3:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_728x90.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding: gzip
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
date: Thu, 17 Nov 2022 05:17:01 GMT
x-amz-cf-pop: FRA2-C2
age: 548838
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:52 GMT
server: AmazonS3
etag: W/"696b4c19d35efd706805137a8a4b3831"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: WwDj6PffuEaja0pXgV5ukBLw3wG5Fw0I6zxrEk3AxQ16TKL5575SLQ==

GET
H2 200 IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 7B4D 10 KB
10 KB 66ms
65ms Image
image/png 2600:9000:21f3:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: 4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date: Tue, 22 Nov 2022 01:02:26 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 132113
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 10216
last-modified: Fri, 18 Feb 2022 23:29:13 GMT
server: AmazonS3
etag: "b1464a7201f691a1e4cf6fc057919d7f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: YJcBctIHvm6ukoLSmNN3Q5-yP0pOd4dki1Se0IqWuC4Fq-nCMT8k7A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DE9F 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1027165&asId=e9db398b-5a5a-8ea2-999c-9fbee16e18c3&tv=%7Bc:uNwRPu,pingTime:-10,time:580,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTkuMC40ODQ0LjUxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669211058844%7C%7C099f3c762468ce70346a7f6b7aedf1ca%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C3047d6c70c3d3534d06fc7742f51e297%7C%7Cee3b7f92ecb002244f8048786ab204de%7C%7C0f20ff3195a886868d3711461cdd6526%7C%7C9bfdb1ecb91302714b90332e2d4645b2%7C%7C3c57e99c799e4dc6a57c9cee3ce4186d%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9928410365207988&output=html&h=90&slotname=8325297138&adk=2872405833&adf=3173046729&pi=t.ma~as.8325297138&w=970&format=970x90&url=https%3A%2F%2Frisu.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669211056961&bpp=2&bdt=237&idt=263&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&correlator=2481358873046&frm=24&ife=3&pv=2&ga_vid=591225144.1669211057&ga_sid=1669211057&ga_hid=964588400&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1083255078&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070969%2C44770881&oid=2&pvsid=151541581135637&tmod=806128460&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.fkqg7mb08ekh&fsb=1&dtd=284
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:daab:4eb7:3635:fbbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:18 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 7C34 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdeeb9cf506fbe7702b09d10043882e8169788b432506c0fdd8467ee8548a7ed

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C34 0
0 93ms
93ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQwdschrBz_ysvXy8g1zbXgIwyrdz6nnJIbJU1J9MdZigWTixc0oeOP2tQloNMkKLJbbvEr1t6XIIpwpKDwN2KBGMEpb9Yoi2oKR1UaEuEyua1rdqlboIsWXu28Yis8GhQTAFT0UNQ9OzOozjEhObMRpVJCrSwUwpaK4Npk4m9qkknKf7tElWhEvx_uNjJKAdU-2jnavMvbI1sqhADbMQevSF-knLViCpKPHyUTUm4jU3LGXfjIg3DhLIZHaA6RVVEN1Vu7NBDyqBazIkx7SeiHgeAc0MKlvEY418MN3jOKlBPCQ2Z-8EA7B_XLIEzB76pMKKSeJumLAAfj7sDS7w&sai=AMfl-YRvLMYa1dy-Oo3OQ08rENSk03EU-cgZB-4i2fXSqjQgDXzcyp27ZG0zBSaxXDMtZdnJPXV_ey1uHNT8vwEdSM7DhwN_BE4u08mZcDD7Y5hkKlSyUTSMcnoy7IbbT_z-57sJ_DbK_ZqvxT76PKwJRw&sig=Cg0ArKJSzAYVadcKG7MXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Nov 2022 13:44:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E058 0
0 93ms
93ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQR9UNB0gAA36ZEzupc-xW25jnNuX6zTGpTxm9xDf9B9qda3FGkSCuhwkihncVockWUw7xdQ6YijdilhIeLuj8j0bYawWZQv0hZzjgv2mYilP0pRN9NAOG-gFWEfUviTZeWAlGxjCdTrd3_9uZhQaMC4JOc2VETjYssFxu5FFNmDcZSkMnwLLUQ0_r2N7u7xENrAfsw9i4THs5rwWNYZwtSbAsWwsy9-3bDtK8cfr0IbwGrqGKUD-UPaFNpDd_V1NBmOSalLjUBDg6IkY0niaR9OHzNybTSScPgQ7SnsCSZzm34DKV6y4N1x_mUtrQGJt9KXP6TXcfMo_xn_A&sai=AMfl-YRj5rlb850dxoMmjbZM-UKt2PfaRqDw-lnNEAGo13O5EdNRalBZ6fhUHjpef_G2Z3dwxYFFo8AziQw2tC-pw52ovZ3UkVnv3ZmJACYVAGbKvmOzRPhuiLlbRNDYMaPMDv6payA9BVmfUukENC-yaA&sig=Cg0ArKJSzBkRnlPJhz-hEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Nov 2022 13:44:19 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DE9F 0
0 210ms
95ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVWXyc5GhWkHX5MPkT2k0APl3q2MmMviSH2DN2eX-kOb3HUFxKMRaMigK2y1dmlp3V_i6OQ018xv0yN1aUZn-3JO0GanHD-yN_fbabQwPDs0Cc931J_9GVtX6OzGDW1-m0590bYXyWtbM9-oy3cAnUAqcdR2MbkQRLzzwdYm3NghsmCKkxGdS-3OGOk2h9Pwuw0t4yG7Y_Jho0JaLNaiZOuAfZIAACV7v4iIQp6cWQL3Uf2Ula0kVoUpDTjqMWLt2QHn5sUB3cGDSQx1p0UM7hEGkFhQoKQWDirY_lPU61Wxk31FWoBL9MHPneYYBd-0Iaoyr6MnWJGgFIag2ohfPLzmJNc8d8fRZ6zsTc2QglreQiMVnHV_e3YkFuRmcSptgkrQO8NnibwZon70UU--57Wf8ps4lWS7JDxhHVIciuT-UeH4qzUzH4o3y-hs14apk01cMqU4aCGv0P9Z0h4NTvTohHivhfh3bIIJzzQHW96Iuu3lNKzFwXPTL3LyoyHB-exA3mw8i_xSnqyENiTMHqo3d16y1gKc8S4SdwJQFMQUXIY5fsgM_qHH-53EL0zaq34_tQR2pRCH5gra-9NA_-MG8f2oyNgPtl2hv7gfypB4Jo28Ngufs3jSO7nWAFeKqHJOxjfKo6alflbMVwTbHhU8anWK4OR9WYNbhlKHt37L-YaAPM1cxZcO6D5DlZhekVe25zYhqkny3FV5GMIduDIhy9Y_PLQb83CMG49QRjtWKvo54B2EXaeJJJ6MZ2G7ddrmmNM-beWPUyi1Zg0mvOHY9C1bP4NamvC60tIy2ulxqYbCJ6bnWuyF4mRPaYQ-H_Qt7WJiDgT7ymJ72nwrlSFX1JMvpwPHPbaP9TcWOGwPz9SnPbPaGsSz3cS4irDEJlJua-5SV2nHVbRoB8ftvwCsBgiM3w4zpVC7LZcutX1eggdQ981DnIZtFOvAs6Oe8VW_W9Tn0oultq8AiCeu8AyCvoiDXOxQJAJtJScYeqHVwaKMwMEn4PtW5RmRllOC9Mt4iqt88brs2hY_UwGu8BqIdTi1Ts3NQK4hybADOn307Vd4Emg8WSjIs8meOKb0y0NWcvOIX14KZeP1MOdkrDHtqxQlzcrj6tFG5cY69C5W_A-x4VCSRtlWJxY9NSlohCl5Crdv8rZXev7_vrzhe6SvFjc-0olZqgb2GflEmot-K9ZbNubCkOmZDI-FiMFADKdtbHrYUn5ZoHtMcX0-SHc3U98F9HJJG-fIkHPr6M8Sx_9A&sai=AMfl-YQgl4bvurC_Ft0reCCIojQBkiUZlfmxarf3_K9P9O0gVIEJVKnsmtYVHe0DPdyP6yoXhtFveGjdtgOKhXep7sMXRBss0HwbYvSUo5djhsxkJ_NRrwULkySpUoJpImDO5k0lbVMMNSYU6D1d4PtzXwNH43q1-luQobDMGvYMHl5QpjAfE4ovYv9tGcDOwlZlk9rRmrBRXaXYGQWSqp0&sig=Cg0ArKJSzGncl1KTPlCbEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1040&vt=11&dtpt=740&dett=4&cstd=294&cisv=r20221110.82165&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: risu.ua
URL: https://risu.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 23 Nov 2022 13:44:19 GMT

GET
DATA 200
OK truncated
/ Frame E058 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3982f84e4bf4a47e0dc56bf1eb9943d894de5da942cbc048f5e464fa936d69

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E058 14 KB
11 KB 211ms
102ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d94ee1100c5378980496ac42ea7fbfc48043b958cb778973a72fc105b119afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11204
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 221ms
115ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28252d2bbe4c1f2899f06bee36eea6fa18671a24f42f80516438b1f39b80ecc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11234
x-xss-protection: 0

GET
H2 200 lato.woff2
cdn.gravitec.net/fonts/ 14 KB
14 KB 76ms
76ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/lato.woff2
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:28 GMT
date: Wed, 23 Nov 2022 13:44:19 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-36dc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 14044
x-proxy-cache: HIT

GET
H2 200 sourcesanspro.woff2
cdn.gravitec.net/fonts/ 8 KB
8 KB 66ms
66ms Font
application/octet-stream 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gravitec.net/fonts/sourcesanspro.woff2
Requested by: Host: risu.ua
URL: https://risu.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441

Request headers

Referer: https://risu.ua/
Origin: https://risu.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Wed, 02 Feb 2022 09:06:29 GMT
date: Wed, 23 Nov 2022 13:44:19 GMT
last-modified: Wed, 02 Feb 2022 09:01:35 GMT
server: nginx
etag: "61fa486f-1e44"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10
accept-ranges: bytes
content-length: 7748
x-proxy-cache: HIT

GET
H2 200 2046077270.png
cdn.gravitec.net/images/users/1642479991123869696/ 6 KB
7 KB 62ms
62ms Image
image/png 45.133.44.3
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gravitec.net/images/users/1642479991123869696/2046077270.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: 97ba4a1b5e275f47dd46121275bd0148ac3be43bb1b302613a4d06923a50fb18

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
date: Wed, 23 Nov 2022 13:44:19 GMT
last-modified: Wed, 03 Jun 2020 11:32:56 GMT
server: nginx
etag: "5ed78a68-198d"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 6541
x-proxy-cache: HIT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 13:44:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E058 17 KB
6 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 13:44:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EB4A 13 KB
5 KB 57ms
57ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 6638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 11:53:41 GMT
expires: Thu, 23 Nov 2023 11:53:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 055F 783 B
533 B 183ms
65ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

035006fa4feb5fa4e8d272018082b023ddd367d780f7033c8ab0e10915b83dd3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bQMvotmoGUpQkCgvbce4fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://risu.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-bQMvotmoGUpQkCgvbce4fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:44:19 GMT
expires: Wed, 23 Nov 2022 13:44:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F6D1 13 KB
5 KB 58ms
57ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 6638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 11:53:41 GMT
expires: Thu, 23 Nov 2023 11:53:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 501D 783 B
536 B 171ms
63ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a0304164cbff2fa43fb73160ea87a974f247d534b1437678f713d09f83aad04

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q8iAzQHYj17sBtm3p_PYWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Q8iAzQHYj17sBtm3p_PYWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:44:19 GMT
expires: Wed, 23 Nov 2022 13:44:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame EB4A 36 KB
16 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 13:05:50 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame F6D1 36 KB
16 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 13:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Nov 2023 13:05:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 501D 0
0 90ms
90ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=151541581135637&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 055F 0
0 91ms
90ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=183998554022169&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EB4A 0
10 B 57ms
57ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?X-OBzQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F6D1 0
10 B 57ms
56ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dxyAHQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 13:44:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DE9F 42 B
64 B 95ms
94ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2SfzgsMUj3vArVEBm7yDUWPd6ASiiHXpiyMzmT_aOKJPBH2vrgcADH9_hGUDChNRR7kLL_lGnnNIvjrbYUoZ6txU3M8lcDuOp7yZmqO99t-Rn8C8hb5yIUib4_JleYjFArRdKjQ&sai=AMfl-YTtNB_py7ztwDhfdyb_oJjUHvIELWf2csisFZwe1XEP43CKDp3nUH_ftEc4L7OERF-z-GgcoHSc3N5uG4JgiW1IApQ4ga7EcL5mIw&sig=Cg0ArKJSzNHXWVWNDMLjEAE&cid=CAQSKQDq26N9ZhX8mhrwAbvYpqlb9_yUip2vy4E8bztT5JvEcW75Cl3y9tocGAEgEw&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=2872405833&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669211057778&rpt=1216&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E058 42 B
64 B 88ms
87ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzdXQAJFWob1H6un_u0rBgGrNDcOq6pl-VC8MNuP3iQxgKS9TDDx6cGXpuNKhkh3qHcMUX138EKNnedpoOvmUbyYRatU4ViqJF0cmMd-pmoU7sM3S0&sig=Cg0ArKJSzDFewR4ZrELCEAE&id=lidar2&mcvt=1003&p=88,240,178,1210&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2389199358&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669211056666&rpt=2307&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 13:44:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
93ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=183998554022169&bg=!_v2l_bnNAAbvMpMzzzI7ACkAdvg8WuaDYuhrOIcW_Zh-oQhWvXg4C41BpFbqdn36eeb99MbJRQFMXwIAAACNUgAAAAJoAQcKACQnq0rT205JQ6vw_eSETXxCzsv9RXSjigUL-saDR02XbhdjQ_KZAqZgywFB_E66y1d5A6iWT7TumQTKZ0g3G_0X4xs6AW_yMKgf0x_xEsGINs7azzvVIkzMoYWSIRyq2LOKnxZ5jM4w0WvRmWuzV6weWv50BNwl90VBSFiKO-CMe8fBuiygW3WMUTs8zuuV5EHWw4upEBjAJTUWGbktp6BskDTOF91GXOVmvqOIC5Fb0Mvqw3OjWRPKCQgZ49EMXS0TtOd7jLFD9jrEP8bHTsjgWTxaL380lNl1U4ttunEV8qKGXObr_K1Z88q5fggOFla0tk6pqmaiGeotbPP_dOhKUVfU7e7_MnuHYIllVPqV1rDRWjLB0qWwKhD4yGFHWrkgcf7ZVN7q82dz7MtQ8m70DZ6_8sh282q0LWECB9kWgk2JTgt6Lj6wq6PJhrgTEpZJtAwG_mfW47PUNbpbpf-TkrnOt3RXHgUGV2Oh7BeVKs29q5h-h4HQP2RIz0YR2GUDZ-sADF0AMk0BoorNQcB2-WJgy_v7L62hrhAQ3iVOxOB2cm6xpRvIm7OTAppOimo2tS2d9tTuguJbWbjv2CvYh9UfjWX-N6VQufnFEPBvUSKFkviYY1399mUa-p8YhVc_B7bE_Qjx04oC7NZKQDQ4_1A9bONd3sen3vJjOFIz0PchXKL6dBkwppUvooxxYRlS0meeVFJBEM9e2kf1z4TM2bFgD3Dm54VPr1_QJTjuCYD0WtwhRsyJ91Omjd_zcgJ-iH-TjRa72FJUCcT0mjuai8Tfpr-SsZXx0i_jlkJXqIoHqrWeNNVKMACt3uNo4PKkqY10bGT01BMcFKGyPBhQ0xlCvieym6QWvCLq94tK8aefdRWJ2ggR5JIwW02Q70WFpwRBWS7DY94pJUS4B2MMdAEvrcipYcRITYI4cfbxFFZKLIAJBgUDKUSXccA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://risu.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E058 0
0 93ms
93ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=151541581135637&bg=!JiWlJWHNAAbvMpMzzzI7ACkAdvg8Wq-eaMKWO8OtQjigfdPiJs_dTqLg487fdOmDT2m9jVZ0RF3pTgIAAAB8UgAAAAJoAQeZAu8r35UUvMbByKQ2Zlnp0D4i_z64DKxq_EkRIbviPW1rx-ngGsAE5qjEfL6ZEPG2IBCRjLX0IEqMHyByU2vyojOsMDNgz_ol1l5OauaUpuEbK5VBQ3PLC0IBezdxFTFvlML-E2WLS5M7NwTDjsXZMONEQ3DA6NIz1SpHX358VmykLvJPQQxjXMG3X7f0-FrYpXTud395PhMVgJJNRm3VdQZRR-PRUvLgrDuRdY2ECpfhlPQNQckSWKCwMdOSpwcoB-Sz6AWV5KxY_eWtkIVTCLZuxvGGHeXr9fEWkZbsW61_4KCwX-iQAIwm3mL9szmaM8TquuYewYt8ZoBeDQH9j08QiYsNaz27GeTY9jNfP6bUBIIAzbmW2EuT9Vx4WFmSQFsyU3Kz_phEhiRl1Soh_bRE3Jev5dT45D8cASCooIEq1AT06zr62HQe9nK-IiqQRVUkeJneiD7Asnt2Fm5knxRJfqMGLln-Odsc4H-VnDlt6pKm8dvJIOdvrZUuzvZA4rfxTuERtMsPfBK9Ftc-wczzQqSZ9sSo-t3_BodsLUvmgSETYneUsq6DtW3LYEsvgYUOzwSucHUTcAipOfa_sCRZ7OIspo_c0qKp6Y25Htqhd-ZiBBIcJejlOEL99w8fSzgUOkIHZIZwMbgVpvWiPZZhZNEeRwscg5gncQIh9Tu-5IsYDvL5Cl4JMaGSqzLYRYQP5pDpbfc83lBlkZ2l06Nl4ZlI7MEjfV4qFrHQSf5mLNz-EnOAuw1RDGS1j5J-ftd5EKeOIEHwdNkL5WmsWHQvoxSt-NL8tmkmU4lDgV7HQr-bBrASF-zpWsqAOojDIlmmrN7eNPLwns81KBoeRBN-GFTbkKvpTcJ1w6r_5Ymxn6x-QYe28Odj0qzi-Wfk4J-ijUuYsVavP-G4uvmKgDcTxr6_9MH12JK5wcyJdc6ftj2XGTgNkIcXAJDEAU-puaMeG8Q8de7vHWnUw0Xj8L-dFzhQvIMMLWmEx7iRLJj6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
risu.ua/	1970-01-20 16:25:47	Name: hl Value: uk
risu.ua/	1970-01-20 08:23:23	Name: device_view Value: full
risu.ua/	1969-12-31 23:59:59	Name: b Value: b
.risu.ua/	1970-01-20 17:16:11	Name: _ga Value: GA1.2.1900202037.1669211056
.risu.ua/	1970-01-20 07:41:37	Name: _gid Value: GA1.2.1408347472.1669211056
.risu.ua/	1970-01-20 07:40:11	Name: _gat_gtag_UA_11950234_1 Value: 1
risu.ua/	1970-01-20 17:16:11	Name: GN_USER_ID_KEY Value: 4713a21f-a454-4957-9969-fd56f7e0c356
risu.ua/	1970-01-20 07:40:12	Name: GN_SESSION_ID_KEY Value: b7fda08d-e8f3-4bfe-84b0-3d3b6ff1fbba
.risu.ua/	1970-01-20 17:01:47	Name: __gads Value: ID=6279da8544606a00-2277aef576d70061:T=1669211056:RT=1669211056:S=ALNI_MbID4OYYe0afuyfSzVXEJIoXKVzTQ
.risu.ua/	1970-01-20 17:01:47	Name: __gpi Value: UID=00000b8640a9c2a6:T=1669211056:RT=1669211056:S=ALNI_MYE-qu1xBLAxClOL9FbDkW2768zjA
.doubleclick.net/	1970-01-20 17:01:47	Name: IDE Value: AHWqTUljotntiHkY1QyPW7Biyz-GNxzgkHEI3m8d5ldFvNvgibD0I1VOMr7KXRaWXeA
risu.ua/	1969-12-31 23:59:59	Name: IdealmediaStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Frisu.ua%2F%22%2C%22svsds%22%3A1%7D%2C%22C1319990%22%3A%7B%22page%22%3A1%2C%22time%22%3A1669211057542%7D%7D
.adnxs.com/	1970-01-20 09:49:47	Name: uuid2 Value: 8216168200885541029
.casalemedia.com/	1970-01-20 09:49:47	Name: CMPS Value: 5252
.casalemedia.com/	1970-01-20 09:49:47	Name: CMPRO Value: 5252
.adnxs.com/	1970-01-20 09:49:47	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImKs+NV7!@wnfH8K6pQK`!5=E<L5?%Lb3]2J<7%BVT3lCzClf$-776(X$9y#P9.4)[KbpRzqF1`b`cE*C8Eu
.quantserve.com/	1970-01-20 09:49:47	Name: d Value: EG0BCQHSJ4EA
.quantserve.com/	1970-01-20 17:10:25	Name: mc Value: 637e23b2-4a019-93e5c-db435
.pubmatic.com/	1970-01-20 07:41:37	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 16:25:47	Name: CMID Value: Y34jsipHRUG.EMz22R1lkgAA
.casalemedia.com/	1970-01-20 09:49:47	Name: CMTS Value: 5250
.pubmatic.com/	1970-01-20 09:49:47	Name: KADUSERCOOKIE Value: A58EB1E0-5E42-4599-A5CB-BF77F5162ACA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZVXSb0XE5jEtQHCUfMKyrTkFrlbn1pbjmniUEWthIsCdw_xBwAoGEMFrr8kauif2fdWsLxoo9eIuBJXKoWZ-zFUtDpkKM&google_gid=CAESEMwNsV6x5egX4l4gQUemDoU&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

94530114d16dacf7adc539c8469d12d3.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
api.gravitec.media
autocounter.idealmedia.io
c.bigmir.net
c.idealmedia.io
cdn.gravitec.media
cdn.gravitec.net
cm.g.doubleclick.net
cm.idealmedia.io
cms.quantserve.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
jsc.idealmedia.io
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
risu.ua
rtb.openx.net
s-img.idealmedia.io
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.idealmedia.io
ssum-sec.casalemedia.com
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.185.98
172.64.154.237
185.64.189.115
185.80.39.216
193.239.68.97
2600:1f18:1aca:4280:daab:4eb7:3635:fbbc
2600:9000:21f3:7400:8:48e:53c0:93a1
2606:4700::6810:dd4a
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2008
2a06:98c1:3120::3
2a06:98c1:3121::3
34.98.67.61
35.214.184.209
35.227.252.103
35.244.174.68
37.252.171.22
45.133.44.3
45.133.44.4
54.78.104.30
69.173.144.139
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
035006fa4feb5fa4e8d272018082b023ddd367d780f7033c8ab0e10915b83dd3
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
06c3c78658ced02c04d2e3c64352e3826410cbabca43309338f6b56f9d935d19
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a91fbed903c7ee569d116adee58d579d0c64775a469ee86d3cc4281f913bda1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e571a606de4d37373afdb6f9cebc7f0bd2c2f2cee7cf31261d7c32a5e35d121
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
131981a3fd726e184a038e7ec9c60db3db2f0ff128160ba5d687bf39457c6825
1513d153aa3464a73b682d725308214fa0b88140c41de4ce2fde27bee0a1e076
151a7259f7b7ba9f238f2597a72cce7d2671faf4b4660313ba5c0856eeca1bc3
161ba823ff6b6192f510ac88fb558941d2f635cb1c2ab4edc38f78014f487b05
16555ef1cffe3379aa4a915ec6a51ebf338a0d51ffa4409a3da31e0bed2c2cee
18bb0899ef9cc7bf9feca9f960cd72b984105de7836a496402134e0766cd2aff
1d162ec122781019246cb097761ece5bfa1d3c0dd220a9c0eabae6c324cc77bf
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e816fe894ebca2810aecc4bbe22d46946dded89e495dca949926a7285a6d78f
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25a3333e94d7547fef49d6bde1fadbfc281683663a4fa9f18896794271db0251
26517434c988e12f70c2af912f19a9d84db7343fd77ba0600084a8178c321ea6
28252d2bbe4c1f2899f06bee36eea6fa18671a24f42f80516438b1f39b80ecc4
2a25a5abfba2b7d9a232989bd29d4e0c2c757abc63dd087767edb16242f6e4ee
2bc69c1c1c4bf49e80a77f83010c01e575fd6922229943b9feb8864a492ac441
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2e2f614d89f6f81f2274200f4032d0c166edfaf88f80a62f415644456378ebc6
30ab178395a12efd36784c0885df40b7823d4c70f7a86962ec81a9198407bdc4
30c9c218c59a131fa94959c526e27e7335018c04425ac5c02b1ffeb7e55b9962
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
31f9bfa22a247772810cc1a63fed96e8e011690dc8f5ada34466e75c57f25dcd
32046da56b13f1a2f1103ceef695dad7a749228a53727a235744cacb5e41a11f
33430a4e18aa10ce687b1fa837f8d69cbd82f5f16ae8bea30c44c6546835f77e
37ac7f1471139dba4812e669add5bb3afed07adc983d26670e807d60abc64594
3f3048328ea976c336c13ce30d86374bfc6036a0dc0e6efba2eebefc1040bc1e
40fcf971b534a835406fdd12ffed98776c9aa4826e24e2a13161cff745ad31dd
43c03b4c6717847e16573f7ae823df8bf1df9fcfa158360f79b2f10da31adbe4
45f0783d5695f7b6bc2b6db15c813d63525bf53fd48021c818ed4ed220c7074c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4777abea809d6574822327d56f94fb8b8a4baedb9ca7a29e7aee17913050206a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0eaa2887a0752b226940babcf52d8041babb181409b1bc233137e625bfd455
4ca37aa2c5511db7747f57cdbdbfc96022d2054698ca3e11e02a2e69ff26d2ac
4dddbd75aae683d703289ec0c0d14f791e9285af8f124a5bf8c5b9d17a24fd8c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2e744787dcdfb50e0aa6ff2612e5531fb7b13334f5636216fb87fb49986f2d
4fba598f7eee7d6651ad38985c28f9dc117cc2f0c2b267cce44a7f93759bd813
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5267fb78ebb1af0730b1e660299c978ab45d465bb65f019295b6c5760da3c155
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
685710469e7e92df44c15f49b547f66291de983053e19aff7ee6df3d565ada75
6a0304164cbff2fa43fb73160ea87a974f247d534b1437678f713d09f83aad04
6a3927be1166e16288f5a301bf613d342a190cf72c44fa295a6a3c681d671449
6a77560cffb10516a81a0ecd03a1d373fd4d5778d6e6f3a59058d925d91b483d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d63b0b79030bde5eb98873c6d8130108ad659dd95127c5b7d8757a3bc234461
6e232ec73b57ae121611a53388b54b85b5f44b1570359abdd812a618bb14eeeb
74ea84d9065e82974181afa0b7c705ae00631db9afe091361a0cecbc9a9cbb45
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7d55d36ab7029a3ac11096692671cdfc36fa8446e8cf7584fc23de06074b0f85
7d94ee1100c5378980496ac42ea7fbfc48043b958cb778973a72fc105b119afd
841b233f7a53cf61a78a7d33ddab35b6e87a782a721d92c5f76d44f6e8dc78c1
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8833f7d490882a64e4f53ef446e81ddbf4962073052d526b00a35a92193061b7
8bb2fbe42f45b577fc3a4698eadb4550cf1ae26956b1b15e2a2d10fad0c5470b
8dd50510bd8e9cc6751f2e2404f6aaf786b70fffe0dd2efc6e0357aab1fbb501
917e3718d4cc1ef390dcd8887ea8b181f9a74eff0928c3a0e9182e26d9eefbd6
92c284b7367738bfd6e8e319d460e70f30a6ad4fc714ee9247b43515b2fc56ea
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97ba4a1b5e275f47dd46121275bd0148ac3be43bb1b302613a4d06923a50fb18
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a39a8fca170c2500aa3a659d9628cfe602522d33191ef0a9ba395d315b49452b
a404838db34111ed9bcf60d6afc7ee7ef9e32d340910da882b16e2a8fda37d27
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c61d4c30e1d5dfab6fcab843dd3aa7402ae59a8a5a33c265e42bd755a418b1
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
acdb621b0fbd1d909a8820fdd12947c86a55bdbbca0c2566036bb3a76b5e68ce
ad3982f84e4bf4a47e0dc56bf1eb9943d894de5da942cbc048f5e464fa936d69
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ae2b6e18b41021f4d35139f67ba892e95634502399fe3a380ed9a3cc61851553
af848f4cfd4ca713e249c26e739c5da98ce59a9b38f5e7811f41ad2605123ba7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5519186c49ce5973bde69e1a301f8f2f467c12e315cf8b795a171227438dd34
bafcb6ab81bdb8dbb3c36883f4ccf3bc15d5e89ebeccb43b34515d61dd8819e5
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc17bc7bd77c3964e9d71c2df3f1e6a70437059ba2ee261f21d6fd54f964c57c
c22670130ada83d3b1e1ff43d22ecac77ad75418a87b1282930657e0675d9d5f
c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444
c9b76d39f9739c047438805aefe7bd9c08fb945161ed7e4a0351af3acc6fc4c6
cb511816e2641b5d54a718b6d2b6e2be81a51cd9a5df9ce627cf915d124a4e16
ce3158f1fc0138d17fa3fc4d8c43b45b652fd27820cf1680b9fdc7a2246b6e6f
cee56830bd97eb6646fe94464e9cb12eeb8ab34f4d1ad1e44d9068bb821dc525
d8cb0767a020f6bbaeaa4b08d4eeabf9c06ced5dc1cb282a7a14f6a5a8b0f15f
da230f6d6621816f59f4a97027c81452344f22f7411c49844893a1d14a3e63e2
dc19e3507f31173b5df84b7bfd3880b06c5e91e2afed7dd347bec9a3d86ca02f
dd9dae49cf9a5c7a0fee94dde16f228113106cf36275bd303b0756544077d2fe
ddcdcee860870f3376e2bbd699c7ee6100b0b207a44052354393254c72c37506
deffde294e38d19eeed24a094f5a9677a95e21f2681d6b7fbb7e56a264509796
e1f59335e7fd8eabb3ebe8724084b8ec13726c5c8c0bbf32fa1d3afbbb7bbecc
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecd5dd4ce320f783a40597f79027f2187cbe41497a923f25305b98665bfe9b3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f227901ef48ac4d1fe4cc6ed0dbce99e6b38969babe5e05da2dfb33521b02944
fcb00da3e77b86ca717f603907f0e4852d31d6df7db999e2076cad4c1f3be182
fdeeb9cf506fbe7702b09d10043882e8169788b432506c0fdd8467ee8548a7ed

risu.ua Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

93 %HTTPS

58 %IPv6

23 Domains

38 Subdomains

30 IPs

7 Countries

3661 kBTransfer

6888 kBSize

22 Cookies

4 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

risu.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

93 %
HTTPS

58 %
IPv6

23
Domains

38
Subdomains

30
IPs

7
Countries

3661 kB
Transfer

6888 kB
Size

22
Cookies

158 HTTP transactions
3 data transactions