Submitted URL: http://delegation-sante.com/r.php?v=dD1jJmQ9MTQ0NjcmbD0yODYxJmM9NTc3ODk1
Effective URL: https://riftv.net/13915.html
Submission: On August 17 via api from BE

Summary

This website contacted 33 IPs in 7 countries across 28 domains to perform 130 HTTP transactions. The main IP is 109.234.160.166, located in France and belongs to O2SWITCH, FR. The main domain is riftv.net.
TLS certificate: Issued by R3 on August 11th 2021. Valid for: 3 months.
This is the only time riftv.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.161.131.47 16276 (OVH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
16 109.234.160.166 50474 (O2SWITCH)
29 2600:9000:210... 16509 (AMAZON-02)
5 192.0.77.37 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 18.159.80.129 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 91.228.74.133 16509 (AMAZON-02)
2 2a03:2880:f14... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:210... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 172.217.16.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.75.88.209 16625 (AKAMAI-AS)
1 2a03:2880:f02... 32934 (FACEBOOK)
3 192.0.76.3 2635 (AUTOMATTIC)
3 185.29.132.242 30419 (MEDIAMATH...)
3 192.0.77.2 2635 (AUTOMATTIC)
1 138.201.63.157 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
1 4 78.46.23.46 24940 (HETZNER-AS)
1 1 18.195.172.136 16509 (AMAZON-02)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 54.36.108.3 16276 (OVH)
130 33
Apex Domain
Subdomains
Transfer
29 ezoiccdn.com
sf.ezoiccdn.com
242 KB
16 riftv.net
riftv.net
172 KB
15 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
20 KB
11 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
144 KB
11 wp.com
c0.wp.com
pixel.wp.com
i0.wp.com
i2.wp.com
159 KB
10 google.com
www.google.com
fundingchoicesmessages.google.com
adservice.google.com
90 KB
7 ezoic.net
g.ezoic.net
39 KB
5 redintelligence.net
hal9000.redintelligence.net
hal900023.redintelligence.net
10 KB
4 mathtag.com
tags.mathtag.com
pixel.mathtag.com
3 KB
3 google.de
www.google.de
adservice.google.de
1 KB
3 facebook.com
www.facebook.com
graph.facebook.com
13 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
10 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 openx.net
rtb.openx.net
765 B
2 googletagservices.com
www.googletagservices.com
65 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 gstatic.com
fonts.gstatic.com
43 KB
1 contentspread.net
cdn.contentspread.net
77 KB
1 innovid.com
ag.innovid.com
297 B
1 rubiconproject.com
pixel.rubiconproject.com
461 B
1 agkn.com
d.agkn.com
761 B
1 pinterest.com
api.pinterest.com
378 B
1 googleadservices.com
partner.googleadservices.com
655 B
1 quantcount.com
rules.quantcount.com
429 B
1 googletagmanager.com
www.googletagmanager.com
41 KB
1 googleapis.com
fonts.googleapis.com
830 B
1 itsssl.com
itsssl.com
765 B
1 delegation-sante.com
delegation-sante.com
347 B
130 28
Domain Requested by
29 sf.ezoiccdn.com riftv.net
g.ezoic.net
16 riftv.net riftv.net
sf.ezoiccdn.com
9 googleads.g.doubleclick.net sf.ezoiccdn.com
pagead2.googlesyndication.com
riftv.net
7 pagead2.googlesyndication.com sf.ezoiccdn.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 g.ezoic.net riftv.net
g.ezoic.net
6 fundingchoicesmessages.google.com pagead2.googlesyndication.com
5 cm.g.doubleclick.net googleads.g.doubleclick.net
5 c0.wp.com riftv.net
4 hal900023.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900023.redintelligence.net
4 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 pixel.wp.com
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 i0.wp.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google.com riftv.net
tpc.googlesyndication.com
2 www.facebook.com g.ezoic.net
www.facebook.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
1 cdn.contentspread.net hal900023.redintelligence.net
1 ag.innovid.com googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net riftv.net
1 i2.wp.com
1 graph.facebook.com sf.ezoiccdn.com
1 api.pinterest.com sf.ezoiccdn.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.quantserve.com riftv.net
1 rules.quantcount.com secure.quantserve.com
1 www.google.de riftv.net
1 stats.g.doubleclick.net www.google-analytics.com
1 secure.quantserve.com g.ezoic.net
1 www.googletagmanager.com riftv.net
1 fonts.googleapis.com riftv.net
1 itsssl.com 1 redirects
1 delegation-sante.com 1 redirects
130 42

This site contains no links.

Subject Issuer Validity Valid
riftv.net
R3
2021-08-11 -
2021-11-09
3 months crt.sh
*.ezoiccdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-10-29 -
2021-10-28
2 years crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
upload.video.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
ezoic.net
R3
2021-07-22 -
2021-10-20
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
www.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
www.google.de
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.google.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.google.de
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-07-12 -
2021-10-04
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-26 -
2022-08-05
a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA
2020-04-15 -
2022-04-22
2 years crt.sh
redintelligence.net
R3
2021-06-21 -
2021-09-19
3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA
2021-06-29 -
2022-07-07
a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018
2020-02-07 -
2022-04-07
2 years crt.sh
contentspread.net
R3
2021-08-03 -
2021-11-01
3 months crt.sh

This page contains 15 frames:

Primary Page: https://riftv.net/13915.html
Frame ID: 17D7330AE6193836B7709CB63D88E8B0
Requests: 102 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Friftv.live&tabs=timeline&width=340&height=800&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=619091992291442
Frame ID: 06D78C11B45892CAD198C7B18C05228D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: 735DD9AB41C4A1C0FD72A9A3AA1B5068
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=3046330955&adf=2044148826&lmt=1629171694&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Friftv.net%2F13915.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694564&bpp=3&bdt=5418&idt=96&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8338567251340&frm=20&pv=2&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: 81C72716EEB79313D063785F52F38345
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 36AF0421E137ABA491FD43E836DDCC7E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D8A0CFA1A6A6E19732818ED329AF9EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Frame ID: ACD392F59B6ADED4A5961DEE77429E5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=1007504430&pi=t.aa~a.880195255~i.2~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280&nras=3&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vk5YENhyVA&p=https%3A//riftv.net&dtd=61
Frame ID: 138CB77004521024DED1DC45F0712DC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=852461872&pi=t.aa~a.880195255~i.3~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280&nras=4&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=2034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jcnwhq1uCX&p=https%3A//riftv.net&dtd=65
Frame ID: 0A0EEDF92501E3405D7A2CA6DC3F730B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=1791531168&pi=t.aa~a.880195255~i.5~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280%2C620x280&nras=5&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=2420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Rb7C3dmiH1&p=https%3A//riftv.net&dtd=68
Frame ID: 59CEA4B80383D193085A3A458828F58C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=4206485171&pi=t.aa~a.880195255~i.6~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280%2C620x280%2C620x280&nras=6&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=2742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=p80JEGcjLI&p=https%3A//riftv.net&dtd=72
Frame ID: 26EFFF95AE8D5215778AFD948FF6546C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=125&adk=1764658282&adf=2437768995&pi=t.aa~a.2420967575~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1629171695&rafmt=1&to=qs&pwprc=4689011020&tp=site_kit&psa=0&format=310x125&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=1&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280%2C620x280%2C620x280%2C620x280&nras=7&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=FMZfDGpqix&p=https%3A//riftv.net&dtd=76
Frame ID: 146838E54DE8A1CF8A3E3112CEB6E185
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C5Ves7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEtgFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjMn-1snMSLsu82ef-c_cAbu6wIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ3ODY3MzI1MzAzODAxODAYAA&sigh=s6liHdDbs7o&tpd=AGWhJmuLB5IN8yUBzgquURIB5r9xD1H0a9WmUkQfCQlvsrSyHkjWZ7-KFWZm5MLFU9Q8KEkZ-sHEHxhc5tLqBBPP8etq5nV01WCgBgGDdtsvO4B46QjOMqf1b46F_ptlWcGTlsx8eFLqEgVF2_n9ZKWPqdnUZ6_PAEn_RvB-KsdYnVDMoTLN6Yw95P220UYnOjVNUMv57VR0dSRQhpXlbEaFmlLddP3Gz-nCDQa10yfDgMx-9WLPeIXvYOOAu7Z0bFmhzeeDdQZvOELfSAB-84aLfaXglgN4PxE_4lErrEOSTIe6_a9h0WE5d8qARpEOhsUNpM5oMwqtC6N-PpmiCEKzGM4Jtlx7b-1QqCNFGpkTpMmd6t7XqrXqjidg0o3Eq36ig73QplX4zmlfdKvJAyUE0K6tROltIXkFUREjqPjqf3p_W17s1alxUnRv5GzYexqgwvPZ-7AC6plVqH56Da6tOdaZXM5sAMO6oeMafn9isKx7cLKPafzWcPC_DtUILuyi3ycB_oPk1KLf9sJKIPn4qfpSxuqUtRbYiUxReCG6WISt16-qd4hDQFIsEymz7Mrqb55ku27CyOkR5sJR4cNWgvMSZFQxxv_AYEhsfAYVv_Nurigv6i_Wb9KNB4qpLbgACaIx8bitBGcZevRDp28X1-OHoEsW5r1P_BRu6uA9c6ALi7omJHP7AHtmG3ucWTIX978qtIq8rZfs8DgrLqLLXsFfxZeoM1hvPuPMknH083AWD_a9tM4p1ae-gTP9ReGTlvO-5bsJPYzu_ItrqZBDHH6F-JIyda1GulkeQqq7tDYqdFOA50_49WKPyE31Dlu85UY8x9JY-ZM3ALfnh3CbogJhz7Zw8pY6wQL-KYJYluDkH7FAZfpPZRn8FfOR6GQEnzOjwv_UHKgqMGBFIet65uy3TgrTeD3WHpdhCf7k217DDI_cB0TrcX007Z7cGIX76HNL26Oibnt8pPRDnbtwYjhmHFwpPUz3709Wmm-fEGV80jVOX9vVMpXHUotRAnxLypkYk0nnr1FE9Fu0XB_Q6m-R63lY3VMFtBhACWoJI3U5buADeenqSAhnMeAw2IQ
Frame ID: 8E875B6B3F72A4B2D19E9155D3824813
Requests: 11 HTTP requests in this frame

Frame: https://hal900023.redintelligence.net/request_content.php?s=34978300012357000951407011689023&a=2a097962
Frame ID: 289FF4D7CF0AC7230294B43AC2FCFD69
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB375A91892F5AC047BBCD49D4418C0C
Requests: 9 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://delegation-sante.com/r.php?v=dD1jJmQ9MTQ0NjcmbD0yODYxJmM9NTc3ODk1 HTTP 302
    https://itsssl.com/Shb5t?sub1=1&sub2=14467&sub3=40&sub4=2861&sub5=577895 HTTP 301
    https://riftv.net/13915.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

130
Requests

99 %
HTTPS

53 %
IPv6

28
Domains

42
Subdomains

33
IPs

7
Countries

1154 kB
Transfer

2727 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://delegation-sante.com/r.php?v=dD1jJmQ9MTQ0NjcmbD0yODYxJmM9NTc3ODk1 HTTP 302
    https://itsssl.com/Shb5t?sub1=1&sub2=14467&sub3=40&sub4=2861&sub5=577895 HTTP 301
    https://riftv.net/13915.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120
  • https://hal900023.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=89d93b76e7&subid=&uid=607b283e147fa1f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6187370770952432275%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_cid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%2526client%253Dca-pub-4786732530380180%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-4786732530380180%26output%3Dhtml%26h%3D280%26adk%3D2681345953%26adf%3D634733667%26pi%3Dt.aa~a.880195255~i.1~rp.4%26w%3D620%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1629171694%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D4689011020%26tp%3Dsite_kit%26psa%3D0%26ad_type%3Dtext_image%26format%3D620x280%26url%3Dhttps%253A%252F%252Friftv.net%252F13915.html%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D155%26rw%3D620%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1629171694974%26bpp%3D3%26bdt%3D5828%26idt%3D-M%26shv%3Dr20210812%26mjsv%3Dm202108100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D08741881cc88d9fd-229d17faacc90033%253AT%253D1629171694%253ART%253D1629171694%253AS%253DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D8338567251340%26frm%3D20%26pv%3D1%26ga_vid%3D2131205262.1629171689%26ga_sid%3D1629171695%26ga_hid%3D1669268315%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D322%26ady%3D1302%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066429%252C20211866%252C31062297%26oid%3D3%26pvsid%3D465524733194050%26eae%3D0%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dhn4kM2k3Pa%26p%3Dhttps%253A%2F%2Friftv.net%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Friftv.net&random=2471830557137&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900023.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=89d93b76e7&subid=&uid=607b283e147fa1f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6187370770952432275%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_cid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%2526client%253Dca-pub-4786732530380180%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-4786732530380180%26output%3Dhtml%26h%3D280%26adk%3D2681345953%26adf%3D634733667%26pi%3Dt.aa~a.880195255~i.1~rp.4%26w%3D620%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1629171694%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D4689011020%26tp%3Dsite_kit%26psa%3D0%26ad_type%3Dtext_image%26format%3D620x280%26url%3Dhttps%253A%252F%252Friftv.net%252F13915.html%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D155%26rw%3D620%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1629171694974%26bpp%3D3%26bdt%3D5828%26idt%3D-M%26shv%3Dr20210812%26mjsv%3Dm202108100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D08741881cc88d9fd-229d17faacc90033%253AT%253D1629171694%253ART%253D1629171694%253AS%253DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D8338567251340%26frm%3D20%26pv%3D1%26ga_vid%3D2131205262.1629171689%26ga_sid%3D1629171695%26ga_hid%3D1669268315%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D322%26ady%3D1302%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066429%252C20211866%252C31062297%26oid%3D3%26pvsid%3D465524733194050%26eae%3D0%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dhn4kM2k3Pa%26p%3Dhttps%253A%2F%2Friftv.net%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Friftv.net&random=2471830557137&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 125
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJnk-9V8d0ty_GABgTiEUTg&google_cver=1&google_push=AYg5qPJm9C095y7mg579pVYn_lpwDkW32EbfQieW88F85Ngcd9rHmmoXus0FeXNiVVT_nFT54qRDCBLMyhVKH_UOO0BU1x-WdIxHAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJm9C095y7mg579pVYn_lpwDkW32EbfQieW88F85Ngcd9rHmmoXus0FeXNiVVT_nFT54qRDCBLMyhVKH_UOO0BU1x-WdIxHAw&google_hm=Q0FFU0VKbmstOVY4ZDB0eV9HQUJnVGlFVVRn
Request Chain 126
  • https://rtb.openx.net/sync/dds?google_gid=CAESENZelQGSE_pvul0KqA_iM6M&google_cver=1&google_push=AYg5qPIIOGfqPiJB4i0FgEQwPi_HmbqQPkZaeNnGLM-bRAxpza3_lXz7X8l1B3rrCGgnln0eHLEnpkYpBMDYSWV8B7asrYkY0Xh3IQ HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESENZelQGSE_pvul0KqA_iM6M&google_cver=1&google_push=AYg5qPIIOGfqPiJB4i0FgEQwPi_HmbqQPkZaeNnGLM-bRAxpza3_lXz7X8l1B3rrCGgnln0eHLEnpkYpBMDYSWV8B7asrYkY0Xh3IQ&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIIOGfqPiJB4i0FgEQwPi_HmbqQPkZaeNnGLM-bRAxpza3_lXz7X8l1B3rrCGgnln0eHLEnpkYpBMDYSWV8B7asrYkY0Xh3IQ&google_hm=XUebgWjayroyhzHfz2Ia6g==
Request Chain 127
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHwIFW21DqJ_t7RsOzCfeR8&google_cver=1&google_push=AYg5qPKkKNhhg01Ib75US2ywISwGpf6s_TUzhaI5xlWGcHloZDDaHJxFGpXZSvQ6sCriJgF2KHBVlmjA4mfoajJwz6Ye73TdVC_g HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHwIFW21DqJ_t7RsOzCfeR8&google_cver=1&google_push=AYg5qPKkKNhhg01Ib75US2ywISwGpf6s_TUzhaI5xlWGcHloZDDaHJxFGpXZSvQ6sCriJgF2KHBVlmjA4mfoajJwz6Ye73TdVC_g&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MYbeuKn7RAq1gAQvfnivQA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKkKNhhg01Ib75US2ywISwGpf6s_TUzhaI5xlWGcHloZDDaHJxFGpXZSvQ6sCriJgF2KHBVlmjA4mfoajJwz6Ye73TdVC_g
Request Chain 128
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJqm3KP_3PYb_BDbnYTCkRk&google_cver=1&google_push=AYg5qPIzl5PoErleT-mr5o87XRcb-1yZuTwsSkK7fjRer626mYck_oaKsYP52y3vRfxc1EwDLvXJF0PpBxp03Wgmxu3olcvzJ5s7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NGSVJIUzAtMUYtOFNORw==&google_push=AYg5qPIzl5PoErleT-mr5o87XRcb-1yZuTwsSkK7fjRer626mYck_oaKsYP52y3vRfxc1EwDLvXJF0PpBxp03Wgmxu3olcvzJ5s7
Request Chain 129
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_cver=1&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A

130 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 13915.html
riftv.net/
Redirect Chain
  • http://delegation-sante.com/r.php?v=dD1jJmQ9MTQ0NjcmbD0yODYxJmM9NTc3ODk1
  • https://itsssl.com/Shb5t?sub1=1&sub2=14467&sub3=40&sub4=2861&sub5=577895
  • https://riftv.net/13915.html
131 KB
25 KB
Document
General
Full URL
https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 / PHP/7.4.22
Resource Hash
7993120cc0fe72682d787a28c9e0e6fa013c14907e114f8265ce605509b7a112

Request headers

:method
GET
:authority
riftv.net
:scheme
https
:path
/13915.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=0, must-revalidate, no-cache, no-store
display
orig_site_sol
expires
Mon, 16 Aug 2021 03:41:28 GMT
link
<https://wp.me/pcGQey-3Cr>; rel=shortlink
pagespeed
off
x-ez-minify-html
11.86% 134425 / 152514
x-middleton-display
orig_site_sol
x-pingback
https://riftv.net/xmlrpc.php
x-powered-by
PHP/7.4.22
x-sol
orig
set-cookie
ezoadgid_286900=-1; Path=/; Domain=riftv.net; Expires=Tue, 17 Aug 2021 04:11:28 UTC ezoref_286900=; Path=/; Domain=riftv.net; Expires=Tue, 17 Aug 2021 05:41:28 UTC ezoab_286900=mod32-c; Path=/; Domain=riftv.net; Expires=Tue, 17 Aug 2021 05:41:28 UTC lp_286900=https://riftv.net/13915.html; Path=/; Domain=riftv.net; Expires=Tue, 17 Aug 2021 04:11:28 UTC ezovuuidtime_286900=1629171688; Path=/; Domain=riftv.net; Expires=Thu, 19 Aug 2021 03:41:28 UTC ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; Path=/; Domain=riftv.net; Expires=Tue, 17 Aug 2021 04:11:28 UTC ezopvc_286900=1; Path=/; Domain=riftv.net; Expires=Tue, 17 Aug 2021 04:11:28 UTC ezCMPCCS=true; Path=/; Domain=riftv.net; Expires=Wed, 17 Aug 2022 03:41:29 GMT
server
o2switch-PowerBoost-v3
content-encoding
br

Redirect headers

date
Tue, 17 Aug 2021 03:41:26 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
set-cookie
PHPSESSID=i4sjhar6mlu538juti2p253n35; path=/ short_Shb5t=1; expires=Tue, 17-Aug-2021 04:11:26 GMT; Max-Age=1800; path=/; httponly
location
https://riftv.net/13915.html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FlKMSnmDZFnQyT8%2F%2BcckffWxRfeZl2mjabNIyKagpOGFE563UzRSkSejYohfu4XPK78c7PySg1rDj2JUBS8cIkfjaQInNU6NHDtGMErCYbU9UgnhPS9fWUmsnt6t%2Bmhzs5W9VjF3788"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67ffe302589242fd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
nazem-kadri-colorado-avalanche-081920-getty-ftrjpeg_1hnw6k0r9yrn017ox4og00igbh.jpg
sf.ezoiccdn.com/ezoimgfmt/i0.wp.com/riftv.net/wp-content/uploads/2021/05/
16 KB
17 KB
Image
General
Full URL
https://sf.ezoiccdn.com/ezoimgfmt/i0.wp.com/riftv.net/wp-content/uploads/2021/05/nazem-kadri-colorado-avalanche-081920-getty-ftrjpeg_1hnw6k0r9yrn017ox4og00igbh.jpg?ezimgfmt=ng%3Awebp%2Fngcb2%2Frs%3Adevice%2Frscb2-1&is-pending-load=1&resize=660%2C330&ssl=1
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e63e29bf8100b5560e2574cf7d44637b405c9235a02f8e09c6cc7b52bb1b213d

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:19:43 GMT
content-encoding
gzip
age
102341
x-amzn-requestid
b1cd51a8-ac9c-49e2-a123-765cf2827951
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
x-amz-apigw-id
EIX1uHrcoAMF4Eg=
x-amz-cf-id
yHclr00L3RDFhiHAPGg0LTF6cwjAS6QyGGGaiFJ6XNShW7FNmVi04w==
response
200
x-ez-proxy-out
true 2.3
server
nginx
x-amzn-trace-id
Root=1-6119a024-5de6eab771b8a7e37aeed0fe;Sampled=0
vary
Accept-Encoding,Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
via
1.1 2125e078e0211a418e353b9df974d88b.cloudfront.net (CloudFront), 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUB2-C1, AMS1-C1
access-control-allow-headers
Content-Type, Authorization
display
staticcontent_sol, staticcontent_sol
style.min.css
c0.wp.com/c/5.8/wp-includes/css/dist/block-library/
79 KB
10 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.8/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
br
last-modified
Mon, 19 Jul 2021 00:56:57 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 17 Aug 2022 03:41:29 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8/wp-includes/js/mediaelement/
11 KB
2 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.8/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 17 Aug 2022 03:41:29 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://c0.wp.com/c/5.8/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 17 Aug 2022 03:41:29 GMT
styles.css
riftv.net/wp-content/plugins/contact-form-7/includes/css/
3 KB
963 B
Stylesheet
General
Full URL
https://riftv.net/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
content-encoding
br
last-modified
Sun, 18 Jul 2021 21:12:44 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
style.css
riftv.net/wp-content/plugins/taqyeem-buttons/assets/
4 KB
1 KB
Stylesheet
General
Full URL
https://riftv.net/wp-content/plugins/taqyeem-buttons/assets/style.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1

Request headers

:path
/wp-content/plugins/taqyeem-buttons/assets/style.css
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 01:32:20 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
style.css
riftv.net/wp-content/plugins/taqyeem/
7 KB
2 KB
Stylesheet
General
Full URL
https://riftv.net/wp-content/plugins/taqyeem/style.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
e7791dbbce31f833b0b36d940413aa7d175af11fa62d6357f5f555e1d552cb95

Request headers

:path
/wp-content/plugins/taqyeem/style.css
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 01:32:19 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
wp-automatic.css
riftv.net/wp-content/plugins/wp-automatic/css/
3 KB
676 B
Stylesheet
General
Full URL
https://riftv.net/wp-content/plugins/wp-automatic/css/wp-automatic.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

:path
/wp-content/plugins/wp-automatic/css/wp-automatic.css
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
content-encoding
br
last-modified
Fri, 09 Apr 2021 20:46:30 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
style.css
riftv.net/wp-content/themes/sahifa/
196 KB
34 KB
Stylesheet
General
Full URL
https://riftv.net/wp-content/themes/sahifa/style.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash

Request headers

:path
/wp-content/themes/sahifa/style.css
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
skin.css
riftv.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/
7 KB
1 KB
Stylesheet
General
Full URL
https://riftv.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

:path
/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
content-encoding
br
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
css
fonts.googleapis.com/
806 B
830 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans:700,regular&display=optional
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06846dba8a4d1e730d69fa533570d270e8185ba7ae036820c9d4ed35c7aa28da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 02:42:02 GMT
server
ESF
date
Tue, 17 Aug 2021 03:41:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 17 Aug 2021 03:41:29 GMT
social-logos.min.css
c0.wp.com/p/jetpack/10.0/_inc/social-logos/
12 KB
8 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/10.0/_inc/social-logos/social-logos.min.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
br
last-modified
Tue, 30 Jun 2020 14:24:10 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 17 Aug 2022 03:41:29 GMT
jetpack.css
c0.wp.com/p/jetpack/10.0/css/
85 KB
16 KB
Stylesheet
General
Full URL
https://c0.wp.com/p/jetpack/10.0/css/jetpack.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
br
last-modified
Tue, 03 Aug 2021 16:19:12 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 17 Aug 2022 03:41:29 GMT
soccer-info-front.css
riftv.net/wp-content/plugins/soccer-info/css/
12 KB
2 KB
Stylesheet
General
Full URL
https://riftv.net/wp-content/plugins/soccer-info/css/soccer-info-front.css
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
6488dfa2efd57445f30050510665ebb17f4345c2c62214f88e408a82154e276e

Request headers

:path
/wp-content/plugins/soccer-info/css/soccer-info-front.css
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
content-encoding
br
last-modified
Mon, 04 Jan 2021 00:03:47 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
BebasNeue-webfont.woff
riftv.net/wp-content/themes/sahifa/fonts/BebasNeue/
20 KB
20 KB
Font
General
Full URL
https://riftv.net/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

sec-fetch-mode
cors
origin
https://riftv.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
:path
/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://riftv.net
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
19996
content-type
font/woff
fontawesome-webfont.woff2
riftv.net/wp-content/themes/sahifa/fonts/fontawesome/
70 KB
70 KB
Font
General
Full URL
https://riftv.net/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash

Request headers

sec-fetch-mode
cors
origin
https://riftv.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
:path
/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://riftv.net
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
71896
content-type
font/woff2
fontello.woff
riftv.net/wp-content/themes/sahifa/fonts/tiefont/
6 KB
6 KB
Font
General
Full URL
https://riftv.net/wp-content/themes/sahifa/fonts/tiefont/fontello.woff
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash

Request headers

sec-fetch-mode
cors
origin
https://riftv.net
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
:path
/wp-content/themes/sahifa/fonts/tiefont/fontello.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://riftv.net
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
6332
content-type
font/woff
js
www.googletagmanager.com/gtag/
101 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186817945-1
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
db9f29f97fa768125e9f646e53f5a9271dff55ccf5f6d15126768d8749766880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41013
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Aug 2021 03:41:29 GMT
cmbv2.js
g.ezoic.net/detroitchicago/
103 KB
29 KB
Script
General
Full URL
https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b45a1e86cd070e041e8a80406c0455ed660af03734518ad2eb122a031a56813a

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1862eda84fdc62c14eb3baaf7f70f8d2eeb1e0d41d9f133d4d2eb65f23e0ffd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b18be65ecdd361acdd321f5c89b3ba9a3d34c5202526bec83a70aaaad74e649c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55af0bd0a8bcedb984d0d75fc571ecee29b27c546f0b4a371ed9ed8a2baf60a1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
71 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0f1490a560b8fa0539cc122b88b74b8b1502275bc556fa9656989d1527b0d53

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
body-bg1.png
sf.ezoiccdn.com/ezoimgfmt/riftv.net/wp-content/themes/sahifa/images/patterns/
5 KB
6 KB
Image
General
Full URL
https://sf.ezoiccdn.com/ezoimgfmt/riftv.net/wp-content/themes/sahifa/images/patterns/body-bg1.png?ezimgfmt=ng%3Awebp%2Fngcb2
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bc8ad11ba11bc2194ac139f62888d05ba7ab4608f238f62de254ce113fa440d2

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:51 GMT
content-encoding
gzip
age
103072
x-amzn-requestid
8acdd15e-48fa-44c3-adf7-c61f97e36df5
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
x-amz-apigw-id
EIWDSHhlIAMFoZw=
x-amz-cf-id
YZEf2lajr1H4Stwv5Azz_OBussIIUuPDELFvdObD0g_ngmvwxSjwAg==
response
200
x-ez-proxy-out
true 2.3
server
nginx
x-amzn-trace-id
Root=1-61199d48-54316c256db229926b536391;Sampled=0
vary
Accept-Encoding,Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
via
1.1 674e965f3d2af64c7723a159d4fcb6b5.cloudfront.net (CloudFront), 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
LHR52-C1, AMS1-C1
access-control-allow-headers
Content-Type, Authorization
display
staticcontent_sol, staticcontent_sol
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd60495c3c07a7fd25f0aa2f5383bcd13bfda1bf31ebf7fa5e7e4e66ff1f15dc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
ezcl.webp
riftv.net/utilcave_com/inc/
1 KB
1 KB
Script
General
Full URL
https://riftv.net/utilcave_com/inc/ezcl.webp?cb=4
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 / PHP/7.4.22
Resource Hash

Request headers

:path
/utilcave_com/inc/ezcl.webp?cb=4
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:30 GMT
content-encoding
br
x-sol
middleton
server
o2switch-PowerBoost-v3
display
staticcontent_sol
http_code
HTTP/2 200
x-powered-by
PHP/7.4.22
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
staticcontent_sol
cache-control
no-cache, must-revalidate, max-age=0, max-age=86400
x-ez-minify-js
0.00% 1337 / 1337
set-cookie
ezoab_286900=mod32-c; Path=/; Domain=riftv.net; Expires=Tue, 17 Aug 2021 05:41:30 UTC ezoadgid_286900=-1; Path=/; Domain=riftv.net; Expires=Tue, 17 Aug 2021 04:11:30 UTC ezoref_286900=; Path=/; Domain=riftv.net; Expires=Tue, 17 Aug 2021 05:41:30 UTC
link
<https://riftv.net/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:700,regular&display=optional
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://riftv.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 20:34:01 GMT
x-content-type-options
nosniff
age
25648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21232
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 01:56:42 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 20:34:01 GMT
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans:700,regular&display=optional
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://riftv.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 05:19:07 GMT
x-content-type-options
nosniff
age
598942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22340
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Aug 2022 05:19:07 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186817945-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
1668
date
Tue, 17 Aug 2021 03:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Tue, 17 Aug 2021 05:13:41 GMT
imp.gif
g.ezoic.net/detroitchicago/
43 B
307 B
XHR
General
Full URL
https://g.ezoic.net/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod32-c%22%2C%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22Zurich%22%2C%22country%22%3A%22CH%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A286900%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%227f6fc91e-8c53-4cac-4aa0-3b0e7649f083%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%228010%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A116388%2C%22response_time_orig%22%3A0%2C%22serverid%22%3A%2215.236.92.98%3A9914%22%2C%22state%22%3A%22ZH%22%2C%22t_epoch%22%3A1629171688%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Friftv.net%2F13915.html%22%2C%22user_id%22%3A0%2C%22visit_uuid%22%3A%22cc21719f-4dca-4219-79dc-b7f938001d69%22%2C%22word_count%22%3A1053%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://riftv.net
x-middleton-display
imp_sol
access-control-max-age
1728000
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-headers
Content-Type
content-length
47
quant.js
secure.quantserve.com/
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
gzip
etag
"lp772EpWKwf8Kq7YKMhbuw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 24 Aug 2021 03:41:29 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
cmbdv2.js
g.ezoic.net/detroitchicago/
43 KB
10 KB
Script
General
Full URL
https://g.ezoic.net/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-4y0c-5y18-3&cmbcb=20&sj=x03x0cx18
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:29 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
truncated
/
7 KB
7 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
https://riftv.net
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
page.php
www.facebook.com/plugins/ Frame 06D7
14 KB
7 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Friftv.live&tabs=timeline&width=340&height=800&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=619091992291442
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Friftv.live&tabs=timeline&width=340&height=800&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=619091992291442
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
DY6UP52McFr4OMXe+VvVyykWdD1v0EckXO+2zlLwYtZ0uh+pypWv2gqJC0WY+zmwlK5JuBpyEHe21HTaqSJnvQ==
date
Tue, 17 Aug 2021 03:41:29 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
logo.png
sf.ezoiccdn.com/ezoimgfmt/riftv.net/wp-content/uploads/2020/03/
7 KB
7 KB
Image
General
Full URL
https://sf.ezoiccdn.com/ezoimgfmt/riftv.net/wp-content/uploads/2020/03/logo.png?ezimgfmt=rs:200x74/rscb2/ng:webp/ngcb2
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:53 GMT
content-encoding
gzip
age
103056
x-amzn-requestid
f3f97b71-87da-4e7e-a48c-4b87a96dff1a
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
x-amz-apigw-id
EIWFsGNuoAMFpfA=
x-amz-cf-id
FcRnX_j5RLn8fhFmGDnDMwnzA6Y-apm_7eZKcc6_X8UlTz0lT0KtTg==
response
200
x-ez-proxy-out
true 2.3
server
nginx
x-amzn-trace-id
Root=1-61199d57-0cbf5fb15fe637be025a1d94;Sampled=0
vary
Accept-Encoding,Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
via
1.1 a01be576a23f228f9f3e5ff71c09d934.cloudfront.net (CloudFront), 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
LHR62-C4, AMS1-C1
access-control-allow-headers
Content-Type, Authorization
display
staticcontent_sol, staticcontent_sol
nazem-kadri-colorado-avalanche-081920-getty-ftrjpeg_1hnw6k0r9yrn017ox4og00igbh.jpg
sf.ezoiccdn.com/ezoimgfmt/i2.wp.com/images.daznservices.com/di/library/sporting_news/d4/eb/
15 KB
16 KB
Image
General
Full URL
https://sf.ezoiccdn.com/ezoimgfmt/i2.wp.com/images.daznservices.com/di/library/sporting_news/d4/eb/nazem-kadri-colorado-avalanche-081920-getty-ftrjpeg_1hnw6k0r9yrn017ox4og00igbh.jpg?w=618&is-pending-load=1&ezimgfmt=rs:618x347/rscb2/ng:webp/ngcb2
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 00:24:49 GMT
content-encoding
gzip
age
101929
x-amzn-requestid
db20b91c-06a4-4338-8248-ce24b5a4dd5a
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
x-amz-apigw-id
EIY2HEMmIAMFu8w=
x-amz-cf-id
ptAZhSCHutnw6SioDTvPU-yZK7zLOh9ks6BvSR0OD9yyCVw5D04_zQ==
response
200
x-ez-proxy-out
true 2.3
server
nginx
x-amzn-trace-id
Root=1-6119a1c0-382b2828099b91fb752d5181;Sampled=0
vary
Accept-Encoding,Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
via
1.1 ae96bcaff2ef106612e4afc125781cf1.cloudfront.net (CloudFront), 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
LHR62-C4, AMS1-C1
access-control-allow-headers
Content-Type, Authorization
display
staticcontent_sol, staticcontent_sol
home.png
riftv.net/wp-content/themes/sahifa/images/
1022 B
1 KB
Image
General
Full URL
https://riftv.net/wp-content/themes/sahifa/images/home.png
Requested by
Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash

Request headers

:path
/wp-content/themes/sahifa/images/home.png
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
riftv.net
referer
https://riftv.net/wp-content/themes/sahifa/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
1022
content-type
image/png
stripe.png
riftv.net/wp-content/themes/sahifa/images/
93 B
223 B
Image
General
Full URL
https://riftv.net/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash

Request headers

:path
/wp-content/themes/sahifa/images/stripe.png
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
riftv.net
referer
https://riftv.net/wp-content/themes/sahifa/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:28 GMT
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
93
content-type
image/png
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=1669268315&t=pageview&_s=1&dl=https%3A%2F%2Friftv.net%2F13915.html&ul=en-us&de=UTF-8&dt=Blues%20want%20Avalanche%E2%80%99s%20Nazem%20Kadri%20suspended%20for%20dirty%20hit%3A%20%E2%80%98The%20guy%20can%E2%80%99t%20control%20himself%E2%80%99%20%E2%80%93%20RIFTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=2098724166&gjid=1419023509&cid=2131205262.1629171689&tid=UA-186817945-1&_gid=834587389.1629171689&_r=1&gtm=2ou8g0&did=dZTNiMT&z=627144665
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
430 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-186817945-1&cid=2131205262.1629171689&jid=2098724166&gjid=1419023509&_gid=834587389.1629171689&_u=YGBACUAABAAAAC~&z=818949682
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 17 Aug 2021 03:41:29 GMT
content-type
text/plain
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
7expTFhmPeK.css
www.facebook.com/rsrc.php/v3/yw/l/0,cross/ Frame 06D7
18 KB
5 KB
Stylesheet
General
Full URL
https://www.facebook.com/rsrc.php/v3/yw/l/0,cross/7expTFhmPeK.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Friftv.live&tabs=timeline&width=340&height=800&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=619091992291442
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Friftv.live&tabs=timeline&width=340&height=800&small_header=true&adapt_container_width=true&hide_cover=true&show_facepile=true&appId=619091992291442
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 17:55:44 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
N1NdDz155En/AvJohkVraQ==
cross-origin-resource-policy
cross-origin
content-length
4757
x-fb-rlafr
0
x-fb-debug
OstOx8TDiLXVCmIX4FxdLHyoWVFtElTa1BrtxIZ9wJTfS1iH0TC4m2ij3nmRK744/QXe97l4fFC8lumROx4sHA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 16 Aug 2022 17:55:44 GMT
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-186817945-1&cid=2131205262.1629171689&jid=2098724166&_u=YGBACUAABAAAAC~&z=763099538
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
522 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-186817945-1&cid=2131205262.1629171689&jid=2098724166&_u=YGBACUAABAAAAC~&z=763099538
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
marcao-galatasaray-august-16-2021_1d8qeh431ijt913e9qjdupuchk.jpg
sf.ezoiccdn.com/ezoimgfmt/i0.wp.com/riftv.net/wp-content/uploads/2021/08/
10 KB
10 KB
Image
General
Full URL
https://sf.ezoiccdn.com/ezoimgfmt/i0.wp.com/riftv.net/wp-content/uploads/2021/08/marcao-galatasaray-august-16-2021_1d8qeh431ijt913e9qjdupuchk.jpg?resize=310%2C165&ssl=1&ezimgfmt=ng:webp/ngcb2
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:17:52 GMT
content-encoding
gzip
age
12217
x-amzn-requestid
32dc7898-7648-4dae-9ab1-989e52cd112c
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol, staticcontent_sol
x-middleton-response
200
x-amz-apigw-id
ELz3qF8zIAMFq_g=
x-amz-cf-id
EK7SQrfNTJTtalSeah2ZPKU7SMi0yqsVlkkN2WsbkhiCRYw3Uqy32Q==
response
200
x-ez-proxy-out
true 2.3
server
nginx
x-amzn-trace-id
Root=1-611b0030-54dae2a813d9049d318c7271;Sampled=0
vary
Accept-Encoding,Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
via
1.1 7cc768c02829be4992a4bdd9e297031b.cloudfront.net (CloudFront), 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
LHR52-C1, AMS1-C1
access-control-allow-headers
Content-Type, Authorization
display
staticcontent_sol, staticcontent_sol
rules-p-31iz6hfFutd16.js
rules.quantcount.com/
3 B
429 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:48:44 GMT
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
age
21166
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:50:24 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-amz-cf-id
eiK_TuVfQV1kpV3ZkoGN8jNMwkSvbOsYrEB0ozuRCFyqqcQm3OljIg==
pixel;r=2106166787;labels=Domain.riftv_net%2CDomainId.286900;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Friftv.net%2F13915.html;uht=2;fpan=1;fpa=P0-318660226-1629171689737;pbcn=u;pbc=;ns=0;ce=1;qjs=1;...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2106166787;labels=Domain.riftv_net%2CDomainId.286900;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Friftv.net%2F13915.html;uht=2;fpan=1;fpa=P0-318660226-1629171689737;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=riftv.net;je=0;sr=1600x1200x24;dst=1;et=1629171689736;tzo=-120;ogl=title.Blues%20want%20Avalanche%E2%80%99s%20Nazem%20Kadri%20suspended%20for%20dirty%20hit%3A%20%E2%80%98The%20guy%20can%E2%80%99t%20contr%2Ctype.article%2Cdescription.Nazim%20Kadri%20added%20another%20over-the-line%20hit%20to%20his%20resume%20Wednesday%20night%252E%20In%20th%2Curl.https%3A%2F%2Friftv%252Enet%2F13915%252Ehtml%2Csite_name.RIFTV%2Cimage.https%3A%2F%2Fi0%252Ewp%252Ecom%2Friftv%252Enet%2Fwp-content%2Fuploads%2F2021%2F05%2Fnazem-kadri-colorado-aval%2Curl.https%3A%2F%2Friftv%252Enet%2F13915%252Ehtml%2F%2Csite_name.RIFTV%2Clocale.en_US%2Ctype.article%2Ctitle.Blues%20want%20Avalanche's%20Nazem%20Kadri%20suspended%20for%20dirty%20hit%3A%20'The%20guy%20can't%20contr%2Cdescription.Nazim%20Kadri%20added%20another%20over-the-line%20hit%20to%20his%20resume%20Wednesday%20night%252E%20In%20th%2Cimage.https%3A%2F%2Fi0%252Ewp%252Ecom%2Friftv%252Enet%2Fwp-content%2Fuploads%2F2021%2F05%2Fnazem-kadri-colorado-aval%2Cimage%3Asecure_url.https%3A%2F%2Fi0%252Ewp%252Ecom%2Friftv%252Enet%2Fwp-content%2Fuploads%2F2021%2F05%2Fnazem-kadri-colorado-aval
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cl.gif
g.ezoic.net/detroitchicago/
43 B
151 B
Image
General
Full URL
https://g.ezoic.net/detroitchicago/cl.gif?pvID=7f6fc91e-8c53-4cac-4aa0-3b0e7649f083&dID=286900
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:30 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/gif
x-middleton-display
imp_sol
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
47
e-202133.js
sf.ezoiccdn.com/ezossp/https/stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/stats.wp.com/e-202133.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 00:00:10 GMT
content-encoding
gzip
age
99684
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-nc
MISS lhr
access-control-allow-origin
*
x-ez-proxy-out
true 2.3
server
nginx
etag
W/"5c6340e3-350a-gzip"
vary
Accept-Encoding,Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
-hTugA0B3ainSm99fllcXF5uWOOdf7mCt0Qy7Bos77gqRZSheVn8mw==
expires
Tue, 16 Aug 2022 00:00:10 GMT
wp-emoji-release.min.js
riftv.net/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://riftv.net/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js
pragma
no-cache
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true; _ga=GA1.2.2131205262.1629171689; _gid=GA1.2.834587389.1629171689; _gat_gtag_UA_186817945_1=1; _dlt=1; __qca=P0-318660226-1629171689737; ezux_lpl_286900=1629171690516|7f6fc91e-8c53-4cac-4aa0-3b0e7649f083|false
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:33 GMT
content-encoding
br
last-modified
Sat, 24 Jul 2021 22:15:47 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
jquery.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/jquery/
92 KB
31 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:53 GMT
content-encoding
gzip
age
103061
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
access-control-allow-methods
GET, HEAD
x-middleton-response
200
x-nc
HIT lhr 1
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
As3lgTJetMGuW9aHFa-RXLi1N-R0AB5z4WNXrkr4nBgBX_GNDqeiCg==
expires
Mon, 15 Aug 2022 23:03:53 GMT
jquery-migrate.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/jquery/jquery-migrate.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:54 GMT
content-encoding
gzip
age
103060
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
access-control-allow-methods
GET, HEAD
x-middleton-response
200
x-nc
HIT lhr 2
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vG3ZV8ZhtL5H8aCwF-kPJpXQ9z6mBR4KRfM5neoany2stsAYFQKMYA==
expires
Mon, 15 Aug 2022 23:03:54 GMT
tie.js
sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/taqyeem/js/
3 KB
1 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/taqyeem/js/tie.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:54 GMT
content-encoding
gzip
age
103060
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
content-length
913
last-modified
Fri, 13 Aug 2021 01:32:19 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
J6ieJESNPXk5M9QFZCTAbss4DNY42WLxBBMPutwTDSIj7U79qIKEHg==
main-front.js
sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/wp-automatic/js/
1 KB
2 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/wp-automatic/js/main-front.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:54 GMT
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
age
103060
x-middleton-response
200
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-middleton-display
staticcontent_sol
cache-control
public, max-age=2592000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
content-length
1139
x-amz-cf-id
YwJ9sez32vCI7vRy9KVnvGin32FYuy8pHjVYe-gRpbCCcMeNXr3fLA==
adsbygoogle.js
sf.ezoiccdn.com/ezossp/unknown/pagead2.googlesyndication.com/pagead/js/
139 KB
50 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/unknown/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
AMS1-C1
x-cache
Miss from cloudfront
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
x-middleton-display
staticcontent_sol
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
x-middleton-response
200
x-xss-protection
0
x-ez-proxy-out
true 2.3
server
nginx
etag
5532057459015291920
vary
Accept-Encoding,Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
private, max-age=3600
timing-allow-origin
*
x-amz-cf-id
pNe7TnsmiyYuJzrITJhohcZMCH-p3bRyb9rZi8AtjrFA22Ickj0JkQ==
expires
Tue, 17 Aug 2021 03:41:34 GMT
photon.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/photon/
758 B
1 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/photon/photon.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
vary
Accept-Encoding,Accept-Encoding
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
content-length
758
x-nc
HIT lhr 2
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
VLLmGsB2sA4CGrBR925jGk73vM5HCoN9ajJikULuq72tT3WKSnYTiQ==
expires
Mon, 15 Aug 2022 23:03:50 GMT
regenerator-runtime.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/dist/vendor/regenerator-runtime.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
access-control-allow-methods
GET, HEAD
x-middleton-response
200
x-nc
HIT lhr 2
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
P-t3nKr6gVaj4AVS6OLS6Opbp2CWuzwrsP31LNC10J9gbXqSVNSZAQ==
expires
Mon, 15 Aug 2022 23:03:50 GMT
wp-polyfill.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/dist/vendor/
16 KB
6 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/dist/vendor/wp-polyfill.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
access-control-allow-methods
GET, HEAD
x-middleton-response
200
x-nc
HIT lhr 2
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
TViN-QYEVi2eJJLXjh_m4Hi9eqi9zUdKtpIyBY8Ov1KchYyAhoqgwQ==
expires
Mon, 15 Aug 2022 23:03:50 GMT
index.js
sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/contact-form-7/includes/js/
13 KB
4 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/contact-form-7/includes/js/index.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
last-modified
Sun, 18 Jul 2021 21:12:44 GMT
server
nginx
age
103064
x-middleton-response
200
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
x-middleton-display
staticcontent_sol
cache-control
public, max-age=2592000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
87UfOAP3JXDI4JDGMOXMGINOiTqPAtH3hLNKhiEhipg_V5cTupFSBA==
tie-scripts.js
sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/themes/sahifa/js/
81 KB
23 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/themes/sahifa/js/tie-scripts.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
nginx
age
103064
x-middleton-response
200
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
x-middleton-display
staticcontent_sol
cache-control
public, max-age=2592000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
mHDj-DqNRq6ApzE2efBNFOvGavBuxB2clRPjS9q4gsV0tmli3Y1X4Q==
ilightbox.packed.js
sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/themes/sahifa/js/
76 KB
23 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/themes/sahifa/js/ilightbox.packed.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
nginx
age
103064
x-middleton-response
200
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
x-middleton-display
staticcontent_sol
cache-control
public, max-age=2592000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
b8uycGjpqBV6WFiThra9VGYHIOa4BkMK5qsb93LO_zQPDUrqv6ysJw==
intersection-observer.js
sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/
10 KB
4 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
last-modified
Sun, 08 Aug 2021 15:20:50 GMT
server
nginx
age
103064
x-middleton-response
200
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
x-middleton-display
staticcontent_sol
cache-control
public, max-age=2592000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
kkTrlQ_39eOOfmG0Icbe9dlXT3Vo5dDu4kWhnfa2JoRF_D6g_2xsFQ==
lazy-images.js
sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/
3 KB
2 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
content-length
1404
last-modified
Sun, 08 Aug 2021 15:20:50 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
8oMaRgTWsmOVvG5haNDPXhqDkVNUAriy-VaMAOC6AZsq6iVRQgE1YQ==
comment-reply.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/comment-reply.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
access-control-allow-methods
GET, HEAD
x-middleton-response
200
content-length
1396
x-nc
HIT lhr 1
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
stimSUA5loebSk5X7txS5YgwMh-kzhgow6X8by-prGN4ik_mBn0nUg==
expires
Mon, 15 Aug 2022 23:03:50 GMT
show_ads_impl_with_ama.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/
285 KB
103 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Requested by
Host: sf.ezoiccdn.com
URL: https://sf.ezoiccdn.com/ezossp/unknown/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?screx=1&sxcb=2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104436
x-xss-protection
0
server
cafe
etag
13300090378132527369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 17 Aug 2021 03:41:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame 735D
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Requested by
Host: sf.ezoiccdn.com
URL: https://sf.ezoiccdn.com/ezossp/unknown/pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?screx=1&sxcb=2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210812/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 16 Aug 2021 20:11:15 GMT
expires
Mon, 30 Aug 2021 20:11:15 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
27019
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wp-embed.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/
2 KB
1 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/wp-embed.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
access-control-allow-methods
GET, HEAD
x-middleton-response
200
content-length
824
x-nc
HIT lhr 1
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Aw70HgmEwEcqSSYAm9l87lhtBmlAQf0nWXPokSW2is2sXZRibAYAXQ==
expires
Mon, 15 Aug 2022 23:03:50 GMT
search.js
sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/themes/sahifa/js/
15 KB
4 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/themes/sahifa/js/search.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
last-modified
Fri, 13 Aug 2021 01:30:50 GMT
server
nginx
age
103064
x-middleton-response
200
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
x-middleton-display
staticcontent_sol
cache-control
public, max-age=2592000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
h-wXxl8J07-3HnfzbD7w9PfJVbryiTUBubxzVsZXqGay1BxBZZPQ1A==
OneSignalSDK.js
sf.ezoiccdn.com/ezossp/https/cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/cdn.onesignal.com/sdks/OneSignalSDK.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
105194
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-ez-proxy-out
true 2.3
server
nginx
etag
W/"3e792b2dc76a5a063e1c4f30d40ae527-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=259200
x-amz-cf-pop
AMS1-C1
cf-ray
67f60efc2df434e4-DUB
x-amz-cf-id
-q4tZbFCIBM2tToHRzTeJZhvadWQMlze-nuvcu7h9Le3aWq1qRFliw==
expires
Wed, 18 Aug 2021 23:03:50 GMT
ca-pub-4786732530380180
fundingchoicesmessages.google.com/i/
95 KB
36 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4786732530380180?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/2PyKfLwU5sXfsWdICp3qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-/2PyKfLwU5sXfsWdICp3qw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-/2PyKfLwU5sXfsWdICp3qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-/2PyKfLwU5sXfsWdICp3qw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options
SAMEORIGIN
date
Tue, 17 Aug 2021 03:41:34 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
postmessage.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/
6 KB
3 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/postmessage.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-nc
HIT lhr 1
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
2nX0gezSBaKEevi2_VV9_4S1xYuOiydj2To1lL61b27tMr02yGgXLA==
expires
Mon, 15 Aug 2022 23:03:50 GMT
jquery.jetpack-resize.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/
3 KB
2 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/jquery.jetpack-resize.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
access-control-allow-methods
GET, HEAD
x-middleton-response
200
content-length
1194
x-nc
HIT lhr 1
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
BVfl2R_2vmMirQnko45QFlRnwTHhmNsMHYvovPBjj7vJXEZA1VOwrQ==
expires
Mon, 15 Aug 2022 23:03:50 GMT
queuehandler.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/likes/
6 KB
3 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/likes/queuehandler.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
vary
Accept-Encoding,Accept-Encoding
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-nc
HIT lhr 2
access-control-allow-origin
*
last-modified
Tue, 27 Jul 2021 22:52:10 GMT
server
nginx
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
QZnXeS1gEcs1XZ5MQSga7CoNtGagp8JCqeQOEdtgFm4qwJpwCCnhxg==
expires
Mon, 15 Aug 2022 23:03:50 GMT
related-posts.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/related-posts/
6 KB
2 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/related-posts/related-posts.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
access-control-allow-methods
GET, HEAD
x-middleton-response
200
content-length
1936
x-nc
HIT lhr 2
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
44ZqlNYi_W3-kJXouROh-xFwnJRptoSinZLZn2rd0Z6cCQVF24VRAw==
expires
Mon, 15 Aug 2022 23:03:50 GMT
13915.html
riftv.net/
3 KB
3 KB
XHR
General
Full URL
https://riftv.net/13915.html?relatedposts=1
Requested by
Host: sf.ezoiccdn.com
URL: https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/related-posts/related-posts.min.js?screx=1&sxcb=2a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.160.166 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-160-166.reverse.odns.fr
Software
o2switch-PowerBoost-v3 / PHP/7.4.22
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
ezoadgid_286900=-1; ezoref_286900=; ezoab_286900=mod32-c; lp_286900=https://riftv.net/13915.html; ezovuuidtime_286900=1629171688; ezovuuid_286900=cc21719f-4dca-4219-79dc-b7f938001d69; ezopvc_286900=1; ezCMPCCS=true; _ga=GA1.2.2131205262.1629171689; _gid=GA1.2.834587389.1629171689; _gat_gtag_UA_186817945_1=1; _dlt=1; __qca=P0-318660226-1629171689737; ezux_lpl_286900=1629171690516|7f6fc91e-8c53-4cac-4aa0-3b0e7649f083|false
:path
/13915.html?relatedposts=1
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
riftv.net
referer
https://riftv.net/13915.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/13915.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with
XMLHttpRequest

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
x-content-type-options
nosniff
server
o2switch-PowerBoost-v3
x-powered-by
PHP/7.4.22
x-pingback
https://riftv.net/xmlrpc.php
content-type
application/json; charset=utf-8
float-left-right.js
sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/
2 KB
1 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/riftv.net/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/float-left-right.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:57 GMT
content-encoding
gzip
age
103057
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
x-middleton-response
200
content-length
672
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
pjvBEtFdGOu1ZKGJJEk00nYnzRA1XoVVUatfKRocy1T0k2LoLmxnoA==
AGSKWxXciuxYG1dm8e2fdUoM4ogMzAKWzmnJb9gz69GuKMaUHoCk4F9DeemS5sBk18rCmFp96DFl4-D3PA_L2aiCqGM=
fundingchoicesmessages.google.com/el/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXciuxYG1dm8e2fdUoM4ogMzAKWzmnJb9gz69GuKMaUHoCk4F9DeemS5sBk18rCmFp96DFl4-D3PA_L2aiCqGM=?pvid=1BBF52E5-063F-416D-8465-10877CE11C15&anonid=111DC17E-F984-4C4C-9A1A-F29547346CFA
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.6ZgQMiRLF3E.es5.O/d=1/rs=AJlcJMzfr8eZ6Vo-GTdabkOsqX1mehA29A/m=loader_js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oGAwdekY0NxgB6lK3M1ggA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oGAwdekY0NxgB6lK3M1ggA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-oGAwdekY0NxgB6lK3M1ggA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oGAwdekY0NxgB6lK3M1ggA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUvxl1EK_b0EjeY3jDOgfchAC7Ble1GVubWq_HzDoxXXek7Yp8M1p3QTu_WM8w8qTvhxFbX0rUK_Apow9Vqptk=
fundingchoicesmessages.google.com/f/
72 KB
27 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUvxl1EK_b0EjeY3jDOgfchAC7Ble1GVubWq_HzDoxXXek7Yp8M1p3QTu_WM8w8qTvhxFbX0rUK_Apow9Vqptk=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjI5MTcxNjk0LDc5MjAwMDAwMF0sIjFCQkY1MkU1LTA2M0YtNDE2RC04NDY1LTEwODc3Q0UxMUMxNSIsIjExMURDMTdFLUY5ODQtNEM0Qy05QTFBLUYyOTU0NzM0NkNGQSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3JpZnR2Lm5ldC8xMzkxNS5odG1sIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.6ZgQMiRLF3E.es5.O/d=1/rs=AJlcJMzfr8eZ6Vo-GTdabkOsqX1mehA29A/m=loader_js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2vyIr5p/+8ONk66WsWDmYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2vyIr5p/+8ONk66WsWDmYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-2vyIr5p/+8ONk66WsWDmYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-2vyIr5p/+8ONk66WsWDmYA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
199 B
655 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=riftv.net&callback=_gfp_s_&client=ca-pub-4786732530380180
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Friftv.net%2F13915.html&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Friftv.net%2F13915.html&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=riftv.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=riftv.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 81C7
6 KB
868 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=3046330955&adf=2044148826&lmt=1629171694&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Friftv.net%2F13915.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694564&bpp=3&bdt=5418&idt=96&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8338567251340&frm=20&pv=2&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=3046330955&adf=2044148826&lmt=1629171694&plat=1%3A16777216%2C2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Friftv.net%2F13915.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694564&bpp=3&bdt=5418&idt=96&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8338567251340&frm=20&pv=2&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 17 Aug 2021 03:41:34 GMT
server
cafe
content-length
845
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 17-Aug-2021 03:56:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 17 Aug 2021 03:41:34 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8551
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113446242536"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27733
x-xss-protection
0
expires
Tue, 17 Aug 2021 03:41:34 GMT
sharing.min.js
sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/sharedaddy/
12 KB
4 KB
Script
General
Full URL
https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/sharedaddy/sharing.min.js?screx=1&sxcb=2a
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:1000:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 23:03:50 GMT
content-encoding
gzip
age
103064
x-cache
Hit from cloudfront
x-middleton-display
staticcontent_sol
access-control-allow-methods
GET, HEAD
x-middleton-response
200
x-nc
HIT lhr 1
access-control-allow-origin
*
last-modified
Tue, 13 Jul 2021 14:05:09 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
strict-transport-security
max-age=15552000
content-type
application/javascript
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-ez-proxy-out
true 2.3
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
grohqx4A3PsWaCTeCEJ4W3uY0sl5igJWd00gf8-a4QKHY-I1gUTsVQ==
expires
Mon, 15 Aug 2022 23:03:50 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Tue, 17 Aug 2021 03:41:34 GMT
count.json
api.pinterest.com/v1/urls/
85 B
378 B
Script
General
Full URL
https://api.pinterest.com/v1/urls/count.json?callback=WPCOMSharing.update_pinterest_count&url=https%3A%2F%2Friftv.net%2F13915.html
Requested by
Host: sf.ezoiccdn.com
URL: https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/sharedaddy/sharing.min.js?screx=1&sxcb=2a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
x-content-type-options
nosniff
x-cdn
akamai
akamai-grn
0.9d6656b8.1629171694.9d256df
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-pinterest-rid
9022448863066248
content-length
85
expires
Tue, 17 Aug 2021 03:56:34 GMT
/
graph.facebook.com/
244 B
658 B
Script
General
Full URL
https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Friftv.net%2F13915.html
Requested by
Host: sf.ezoiccdn.com
URL: https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/p/jetpack/10.0/_inc/build/sharedaddy/sharing.min.js?screx=1&sxcb=2a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev
1004263186
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
182
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
DdfMOvyZ4rlR87YRqjGyqHOQZv4qPjQa4edKV1c6obNT5HcbR03SjypbzILu0/99atVF0goK078ttXdXQyLbuQ==
x-fb-trace-id
GhGrPe9qN48
date
Tue, 17 Aug 2021 03:41:34 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
ABQxmHqWrEQ9l6O8su8_yfe
cache-control
no-store
facebook-api-version
v4.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
g.gif
pixel.wp.com/
50 B
123 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=pinterest&r=0.24974598696522365
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.8114304956963516
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.0&blog=187526598&post=13915&tz=0&srv=riftv.net&host=riftv.net&ref=&fcp=3513&rand=0.2689481622346903
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
AGSKWxVz3-p4x4-s9DolBWJzXRv_x32jjBaiCrGIilSm92S22tuitWV4Vig3UkUQBVuNo5SulakcNewpy9i6jzfySx_E6cKnvRNm6Xr-gFyt8IKbv5X1rOMIVzL0yRdUM_j6YzRpD9lww42D3C10r7LLJyGADbxC70e8bydbEz3JbM_L55sDRoU5GhtiSSxx
fundingchoicesmessages.google.com/el/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVz3-p4x4-s9DolBWJzXRv_x32jjBaiCrGIilSm92S22tuitWV4Vig3UkUQBVuNo5SulakcNewpy9i6jzfySx_E6cKnvRNm6Xr-gFyt8IKbv5X1rOMIVzL0yRdUM_j6YzRpD9lww42D3C10r7LLJyGADbxC70e8bydbEz3JbM_L55sDRoU5GhtiSSxx
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.ksegGfZA2BQ.es5.O/d=1/rs=AJlcJMysVx_e9mFcO0NqnOn557aGLCit_A/m=iabccpawebsignalscript
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/8gZ2XH2/vo7EzG3BBA01w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/8gZ2XH2/vo7EzG3BBA01w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-/8gZ2XH2/vo7EzG3BBA01w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/8gZ2XH2/vo7EzG3BBA01w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVz3-p4x4-s9DolBWJzXRv_x32jjBaiCrGIilSm92S22tuitWV4Vig3UkUQBVuNo5SulakcNewpy9i6jzfySx_E6cKnvRNm6Xr-gFyt8IKbv5X1rOMIVzL0yRdUM_j6YzRpD9lww42D3C10r7LLJyGADbxC70e8bydbEz3JbM_L55sDRoU5GhtiSSxx
fundingchoicesmessages.google.com/el/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVz3-p4x4-s9DolBWJzXRv_x32jjBaiCrGIilSm92S22tuitWV4Vig3UkUQBVuNo5SulakcNewpy9i6jzfySx_E6cKnvRNm6Xr-gFyt8IKbv5X1rOMIVzL0yRdUM_j6YzRpD9lww42D3C10r7LLJyGADbxC70e8bydbEz3JbM_L55sDRoU5GhtiSSxx
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.ksegGfZA2BQ.es5.O/d=1/rs=AJlcJMysVx_e9mFcO0NqnOn557aGLCit_A/m=iabccpawebsignalscript
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PrjvzY5xgwd+n4ozzNLPTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PrjvzY5xgwd+n4ozzNLPTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 17 Aug 2021 03:41:34 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-PrjvzY5xgwd+n4ozzNLPTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PrjvzY5xgwd+n4ozzNLPTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVW7s3o9QfaTdLdkwHsDltjcETFRYFWS4nZqslIllLEE66ZFfhn8Ig0a3Htz3vsyy9BIFYn6vF-Ovg5m3dyy5ZUpD2mwCak7tzXLyEIIpdPyFnr1lUoOYVbggnBRNKMSO_dQGJa1Rgh6kdMJvB2LhoWMZGSqt8EPGOtb_Xs89JO6Y6UEZmqZJc_gnNH
fundingchoicesmessages.google.com/f/
70 KB
25 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVW7s3o9QfaTdLdkwHsDltjcETFRYFWS4nZqslIllLEE66ZFfhn8Ig0a3Htz3vsyy9BIFYn6vF-Ovg5m3dyy5ZUpD2mwCak7tzXLyEIIpdPyFnr1lUoOYVbggnBRNKMSO_dQGJa1Rgh6kdMJvB2LhoWMZGSqt8EPGOtb_Xs89JO6Y6UEZmqZJc_gnNH?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjI5MTcxNjk0LDkxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9yaWZ0di5uZXQvMTM5MTUuaHRtbCJd
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.ksegGfZA2BQ.es5.O/d=1/rs=AJlcJMysVx_e9mFcO0NqnOn557aGLCit_A/m=iabccpawebsignalscript
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xjhHZABwLLf8GChIAyKl7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-xjhHZABwLLf8GChIAyKl7A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-xjhHZABwLLf8GChIAyKl7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-xjhHZABwLLf8GChIAyKl7A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 36AF
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Tue, 17 Aug 2021 00:18:26 GMT
expires
Wed, 17 Aug 2022 00:18:26 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
12188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0D8A
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oGe2FcxN7hLt/GE7ucJ+JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

expires
Tue, 17 Aug 2021 03:41:34 GMT
date
Tue, 17 Aug 2021 03:41:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-oGe2FcxN7hLt/GE7ucJ+JQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=riftv.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 03:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=riftv.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 03:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ACD3
27 KB
11 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 17 Aug 2021 03:41:35 GMT
server
cafe
content-length
11414
x-xss-protection
0
set-cookie
IDE=AHWqTUlDsEbHWWld8MFUHbHi3VKMMInw3KlrLuAb__iIi86x1RPBlzRNUbhzLvXX23g; expires=Sun, 11-Sep-2022 03:41:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 17 Aug 2021 03:41:35 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 138C
436 B
236 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=1007504430&pi=t.aa~a.880195255~i.2~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280&nras=3&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vk5YENhyVA&p=https%3A//riftv.net&dtd=61
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=1007504430&pi=t.aa~a.880195255~i.2~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280&nras=3&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1712&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vk5YENhyVA&p=https%3A//riftv.net&dtd=61
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 17 Aug 2021 03:41:35 GMT
server
cafe
content-length
212
x-xss-protection
0
set-cookie
IDE=AHWqTUlFWjnNJ20Bs7wqQTyectZ8IJIfa6WkOiARrD0DhrSCzjv7qHtDj5e3WGq-kt8; expires=Sun, 11-Sep-2022 03:41:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 17 Aug 2021 03:41:35 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0A0E
436 B
237 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=852461872&pi=t.aa~a.880195255~i.3~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280&nras=4&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=2034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jcnwhq1uCX&p=https%3A//riftv.net&dtd=65
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=852461872&pi=t.aa~a.880195255~i.3~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280&nras=4&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=2034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=jcnwhq1uCX&p=https%3A//riftv.net&dtd=65
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 17 Aug 2021 03:41:35 GMT
server
cafe
content-length
213
x-xss-protection
0
set-cookie
IDE=AHWqTUluO90qazwHDebMAPM-ftU7Q6bJRzjNeomtqTjP1gIXzq9O9rKPMeboApm6N2U; expires=Sun, 11-Sep-2022 03:41:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 17 Aug 2021 03:41:35 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 59CE
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=1791531168&pi=t.aa~a.880195255~i.5~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280%2C620x280&nras=5&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=2420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Rb7C3dmiH1&p=https%3A//riftv.net&dtd=68
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=1791531168&pi=t.aa~a.880195255~i.5~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280%2C620x280&nras=5&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=2420&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=Rb7C3dmiH1&p=https%3A//riftv.net&dtd=68
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 17 Aug 2021 03:41:35 GMT
server
cafe
content-length
211
x-xss-protection
0
set-cookie
IDE=AHWqTUmZbX3jDoZYOb_F-o810EnLsTlN2CFt5ajDucjXvMVDkb2DeW6x_RQt2ioXwAg; expires=Sun, 11-Sep-2022 03:41:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 17 Aug 2021 03:41:35 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 26EF
436 B
236 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=4206485171&pi=t.aa~a.880195255~i.6~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280%2C620x280%2C620x280&nras=6&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=2742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=p80JEGcjLI&p=https%3A//riftv.net&dtd=72
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=4206485171&pi=t.aa~a.880195255~i.6~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171695&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280%2C620x280%2C620x280&nras=6&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=2742&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=5&fsb=1&xpc=p80JEGcjLI&p=https%3A//riftv.net&dtd=72
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 17 Aug 2021 03:41:35 GMT
server
cafe
content-length
212
x-xss-protection
0
set-cookie
IDE=AHWqTUnyemfIeZv1BXc3o5urTBcf35UtXvSasrk_hpagku-lrcfDRSrDHJ2zU7WJjzA; expires=Sun, 11-Sep-2022 03:41:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 17 Aug 2021 03:41:35 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 1468
436 B
237 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=125&adk=1764658282&adf=2437768995&pi=t.aa~a.2420967575~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1629171695&rafmt=1&to=qs&pwprc=4689011020&tp=site_kit&psa=0&format=310x125&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=1&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280%2C620x280%2C620x280%2C620x280&nras=7&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=FMZfDGpqix&p=https%3A//riftv.net&dtd=76
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama.js?client=ca-pub-4786732530380180&plah=riftv.net
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=125&adk=1764658282&adf=2437768995&pi=t.aa~a.2420967575~rp.4&w=310&fwrn=4&fwrnh=100&lmt=1629171695&rafmt=1&to=qs&pwprc=4689011020&tp=site_kit&psa=0&format=310x125&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=1&bdt=5828&idt=1&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0%2C620x280%2C620x280%2C620x280%2C620x280%2C620x280&nras=7&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=6&fsb=1&xpc=FMZfDGpqix&p=https%3A//riftv.net&dtd=76
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 17 Aug 2021 03:41:35 GMT
server
cafe
content-length
213
x-xss-protection
0
set-cookie
IDE=AHWqTUlOUoUEm7F5r4wTzLwpLhjosweyIyL8pJxk3m4IjSA153pKUUR2MTDCdKCMTm0; expires=Sun, 11-Sep-2022 03:41:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 17 Aug 2021 03:41:35 GMT
cache-control
private
Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
pagead2.googlesyndication.com/bg/ Frame 36AF
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
12229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13491
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 00:17:46 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210812&jk=465524733194050&bg=!0tGl0ZXNAAZvV8FTb1c7ACkAdvg8Wnpq5kiu07zW_3o0CEABNAEyDW_ui-xW7qFqMGK4A1YWwPP6YQIAAABZUgAAAAxoAQeZAncG6Py1v4vYqDkJf5PrBb9K4O7X32X83j5ApFoTCYR1rUOCrDlM9HQC9A8eBGSQjSGojgrskdC41Eh-pxT2axmWqA5mtTXSOxkfB9zAgb7E2ydbYCw0WvS9qebRygVfnQ4WDZodIzA7e6gsomavP9vfb0a4WUZPLZAQZdSiKhhOy0r8Dmuzs_4lg6vi27EWCTmzF_B1rt4yrhn5t03FdZiWJ_A3aSl1ya0i88LknRffnEA8v7cXuJ-BKS3vIKK9k1FKq1-xq1ahMOuGI7H4T2jH92vBw5V15oiO_kWf0hgEAaEh8eHDnuM97e-lCB39Y6wvUwP_pJnsvRH1R95IfETtyWQk9E4xsWvVFx7S2ZoWeeMjUENp81_v6I-nfy9MdREmyCtscU4oQdPftvcb_lvycD-FbjgIA0C-uvgg8QG4vTUpSCLnBKoWcoXcsx8A30iF02_iJty1IbBQGO7f9ANcSxug8bmUxIpCBHZFSgrBk5PErp-_nZTKddi3vqrdCV4AH3nbAVMW0NoemdDq9JrK05xRSXNkCADWyqNauc63yV-lmEHr6p6OKI09P3qYFJUbDre-R0hW8dgFjn2vEUwJ_oeALATivSry5RWB-URI3M2LYgKqRJTM3B2kHcrvDI3cuaIGbqKhWSkS27k2JtwEKqwivzpQ3Cy6bdCHd3l01ytIgIe_yjWlcFYxZkHSoTEJTG3PaFufgdAAB2tFxnR6BJ-Sq0oLcN8SNJVZf99j0vwI9nDl7TzYKTvwi3MAMGWQEWi5qy-6A9M8cACD5W6XVR25S4lzMQ0CQZYDCz7AkwMK25ygGbTerTSGjGo4CXHPWDPMF9yR
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

adview
googleads.g.doubleclick.net/pagead/ Frame 8E87
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5Ves7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEtgFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjMn-1snMSLsu82ef-c_cAbu6wIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ3ODY3MzI1MzAzODAxODAYAA&sigh=s6liHdDbs7o&tpd=AGWhJmuLB5IN8yUBzgquURIB5r9xD1H0a9WmUkQfCQlvsrSyHkjWZ7-KFWZm5MLFU9Q8KEkZ-sHEHxhc5tLqBBPP8etq5nV01WCgBgGDdtsvO4B46QjOMqf1b46F_ptlWcGTlsx8eFLqEgVF2_n9ZKWPqdnUZ6_PAEn_RvB-KsdYnVDMoTLN6Yw95P220UYnOjVNUMv57VR0dSRQhpXlbEaFmlLddP3Gz-nCDQa10yfDgMx-9WLPeIXvYOOAu7Z0bFmhzeeDdQZvOELfSAB-84aLfaXglgN4PxE_4lErrEOSTIe6_a9h0WE5d8qARpEOhsUNpM5oMwqtC6N-PpmiCEKzGM4Jtlx7b-1QqCNFGpkTpMmd6t7XqrXqjidg0o3Eq36ig73QplX4zmlfdKvJAyUE0K6tROltIXkFUREjqPjqf3p_W17s1alxUnRv5GzYexqgwvPZ-7AC6plVqH56Da6tOdaZXM5sAMO6oeMafn9isKx7cLKPafzWcPC_DtUILuyi3ycB_oPk1KLf9sJKIPn4qfpSxuqUtRbYiUxReCG6WISt16-qd4hDQFIsEymz7Mrqb55ku27CyOkR5sJR4cNWgvMSZFQxxv_AYEhsfAYVv_Nurigv6i_Wb9KNB4qpLbgACaIx8bitBGcZevRDp28X1-OHoEsW5r1P_BRu6uA9c6ALi7omJHP7AHtmG3ucWTIX978qtIq8rZfs8DgrLqLLXsFfxZeoM1hvPuPMknH083AWD_a9tM4p1ae-gTP9ReGTlvO-5bsJPYzu_ItrqZBDHH6F-JIyda1GulkeQqq7tDYqdFOA50_49WKPyE31Dlu85UY8x9JY-ZM3ALfnh3CbogJhz7Zw8pY6wQL-KYJYluDkH7FAZfpPZRn8FfOR6GQEnzOjwv_UHKgqMGBFIet65uy3TgrTeD3WHpdhCf7k217DDI_cB0TrcX007Z7cGIX76HNL26Oibnt8pPRDnbtwYjhmHFwpPUz3709Wmm-fEGV80jVOX9vVMpXHUotRAnxLypkYk0nnr1FE9Fu0XB_Q6m-R63lY3VMFtBhACWoJI3U5buADeenqSAhnMeAw2IQ
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 17 Aug 2021 03:41:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
js
tags.mathtag.com/notify/ Frame 8E87
2 KB
2 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTmpnNE56TTRZVE10TTJSaU15MDVNR1ZrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxODczNzA3NzA5NTI0MzIyNzUvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGeEg0UjhjUjlKOHFhbW1yVTlJbkFzcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTg3MzcwNzcwOTUyNDMyMjc1L2Ftcy8wLzU0LzIzLzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI5MTcxNjk1LzE2MjkxODQyOTUvNC9wdWItNDc4NjczMjUzMDM4MDE4MC8/CdJsIhVQ9y4LvDcHvBd3xik9X5M&nodeid=521&group=eu&auctionid=6187370770952432275&shardkey=6187370770952432275&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%26client%3Dca-pub-4786732530380180%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.203.0 /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 03:41:35 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1629171695
Last-Modified
Tue, 17 Aug 2021 03:41:35 GMT
Server
MMBD/3.203.0
x-mm-latency
22 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x69, cdg-bidder-x61
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Tue, 17 Aug 2021 03:41:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 8E87
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:21:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Aug 2021 03:21:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8E87
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:35 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Tue, 17 Aug 2021 03:41:35 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 8E87
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:21:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Aug 2021 03:21:38 GMT
nazem-kadri-colorado-avalanche-081920-getty-ftrjpeg_1hnw6k0r9yrn017ox4og00igbh.jpg
i0.wp.com/riftv.net/wp-content/uploads/2021/05/
7 KB
7 KB
Image
General
Full URL
https://i0.wp.com/riftv.net/wp-content/uploads/2021/05/nazem-kadri-colorado-avalanche-081920-getty-ftrjpeg_1hnw6k0r9yrn017ox4og00igbh.jpg?fit=1200%2C675&ssl=1&resize=350%2C200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 17 Aug 2021 03:41:35 GMT
x-content-type-options
nosniff
last-modified
Sat, 14 Aug 2021 04:17:54 GMT
server
nginx
etag
"7c821e1801e78d8e"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://riftv.net/wp-content/uploads/2021/05/nazem-kadri-colorado-avalanche-081920-getty-ftrjpeg_1hnw6k0r9yrn017ox4og00igbh.jpg>; rel="canonical"
content-length
7084
expires
Mon, 14 Aug 2023 16:17:54 GMT
ryan-reaves-053021-getty-ftr_robkhwwuue8n1t48ta7vej6be.jpg
i0.wp.com/riftv.net/wp-content/uploads/2021/05/
94 KB
94 KB
Image
General
Full URL
https://i0.wp.com/riftv.net/wp-content/uploads/2021/05/ryan-reaves-053021-getty-ftr_robkhwwuue8n1t48ta7vej6be.jpg?fit=1200%2C675&ssl=1&resize=350%2C200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Tue, 17 Aug 2021 03:41:35 GMT
x-content-type-options
nosniff
last-modified
Sat, 14 Aug 2021 04:17:54 GMT
server
nginx
etag
"7f947d6b86cd7c1a"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://riftv.net/wp-content/uploads/2021/05/ryan-reaves-053021-getty-ftr_robkhwwuue8n1t48ta7vej6be.jpg>; rel="canonical"
content-length
96162
expires
Mon, 14 Aug 2023 16:17:54 GMT
avalanche-canes-bruins-052921-getty-ftrjpeg_1914251nu3btm1cxe5u4255mot.jpeg
i2.wp.com/riftv.net/wp-content/uploads/2021/05/
20 KB
20 KB
Image
General
Full URL
https://i2.wp.com/riftv.net/wp-content/uploads/2021/05/avalanche-canes-bruins-052921-getty-ftrjpeg_1914251nu3btm1cxe5u4255mot.jpeg?fit=1200%2C675&ssl=1&resize=350%2C200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:35 GMT
x-content-type-options
nosniff
x-bytes-saved
1199
content-length
20453
x-nc
HIT hhn 4
last-modified
Sat, 14 Aug 2021 04:31:09 GMT
server
nginx
etag
"fce40514742b46aa"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://riftv.net/wp-content/uploads/2021/05/avalanche-canes-bruins-052921-getty-ftrjpeg_1914251nu3btm1cxe5u4255mot.jpeg>; rel="canonical"
expires
Mon, 14 Aug 2023 16:31:09 GMT
h78o6ojw9z7r
hal9000.redintelligence.net/zone/ Frame 8E87
11 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=6187370770952432275&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6187370770952432275%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_cid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%2526client%253Dca-pub-4786732530380180%2526adurl%253D%26redirect%3D
Requested by
Host: riftv.net
URL: https://riftv.net/13915.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 03:41:35 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3373
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 8E87
49 B
329 B
Image
General
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=6187370770952432275&node_id=521&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTmpnNE56TTRZVE10TTJSaU15MDVNR1ZrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxODczNzA3NzA5NTI0MzIyNzUvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGeEg0UjhjUjlKOHFhbW1yVTlJbkFzcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTg3MzcwNzcwOTUyNDMyMjc1L2Ftcy8wLzU0LzIzLzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI5MTcxNjk1LzE2MjkxODQyOTUvNC9wdWItNDc4NjczMjUzMDM4MDE4MC8/CdJsIhVQ9y4LvDcHvBd3xik9X5M&nodeid=521&group=eu&auctionid=6187370770952432275&shardkey=6187370770952432275&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.203.0 /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 03:41:35 GMT
Server
MMBD/3.203.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x64, cdg-bidder-x61
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 17 Aug 2021 03:41:34 GMT
img
pixel.mathtag.com/event/ Frame 8E87
43 B
360 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6187370770952432275&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTmpnNE56TTRZVE10TTJSaU15MDVNR1ZrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxODczNzA3NzA5NTI0MzIyNzUvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGeEg0UjhjUjlKOHFhbW1yVTlJbkFzcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTg3MzcwNzcwOTUyNDMyMjc1L2Ftcy8wLzU0LzIzLzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI5MTcxNjk1LzE2MjkxODQyOTUvNC9wdWItNDc4NjczMjUzMDM4MDE4MC8/CdJsIhVQ9y4LvDcHvBd3xik9X5M&nodeid=521&group=eu&auctionid=6187370770952432275&shardkey=6187370770952432275&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3831 a91c15f master cdg-pixel-x27 /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 03:41:35 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 17 Aug 2021 03:43:52 GMT
img
tags.mathtag.com/event/ Frame 8E87
49 B
329 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6187370770952432275&st=4562306&time=1629171695&nodeid=521
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTmpnNE56TTRZVE10TTJSaU15MDVNR1ZrTFRBd01EQXRNREF3TURBd01EQXdNREF3LzYxODczNzA3NzA5NTI0MzIyNzUvNjYyMjMyOC80NTYyMzA2LzQvZ0NDcTVFME8wbnZLWWRybXZBNHpGeEg0UjhjUjlKOHFhbW1yVTlJbkFzcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MTg3MzcwNzcwOTUyNDMyMjc1L2Ftcy8wLzU0LzIzLzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjI5MTcxNjk1LzE2MjkxODQyOTUvNC9wdWItNDc4NjczMjUzMDM4MDE4MC8/CdJsIhVQ9y4LvDcHvBd3xik9X5M&nodeid=521&group=eu&auctionid=6187370770952432275&shardkey=6187370770952432275&sid=4562306&cid=6622328&bp=a_bdhgdj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%26client%3Dca-pub-4786732530380180%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.203.0 /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 03:41:35 GMT
Server
MMBD/3.203.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x38, cdg-bidder-x61
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 17 Aug 2021 03:41:34 GMT
request.php
hal900023.redintelligence.net/ Frame 8E87
Redirect Chain
  • https://hal900023.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=89d93b76e7&subid=&uid=607b283e147fa1f0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900023.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=89d93b76e7&subid=&uid=607b283e147fa1f0&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
613 B
938 B
Script
General
Full URL
https://hal900023.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=89d93b76e7&subid=&uid=607b283e147fa1f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6187370770952432275%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_cid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%2526client%253Dca-pub-4786732530380180%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-4786732530380180%26output%3Dhtml%26h%3D280%26adk%3D2681345953%26adf%3D634733667%26pi%3Dt.aa~a.880195255~i.1~rp.4%26w%3D620%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1629171694%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D4689011020%26tp%3Dsite_kit%26psa%3D0%26ad_type%3Dtext_image%26format%3D620x280%26url%3Dhttps%253A%252F%252Friftv.net%252F13915.html%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D155%26rw%3D620%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1629171694974%26bpp%3D3%26bdt%3D5828%26idt%3D-M%26shv%3Dr20210812%26mjsv%3Dm202108100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D08741881cc88d9fd-229d17faacc90033%253AT%253D1629171694%253ART%253D1629171694%253AS%253DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D8338567251340%26frm%3D20%26pv%3D1%26ga_vid%3D2131205262.1629171689%26ga_sid%3D1629171695%26ga_hid%3D1669268315%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D322%26ady%3D1302%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066429%252C20211866%252C31062297%26oid%3D3%26pvsid%3D465524733194050%26eae%3D0%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dhn4kM2k3Pa%26p%3Dhttps%253A%2F%2Friftv.net%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Friftv.net&random=2471830557137&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Aug 2021 03:41:35 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
34978300012357000951407011689023
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
332
Expires
Tue, 17 Aug 2021 04:41:35 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 17 Aug 2021 03:41:35 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=89d93b76e7&subid=&uid=607b283e147fa1f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6187370770952432275%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_cid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%2526client%253Dca-pub-4786732530380180%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-4786732530380180%26output%3Dhtml%26h%3D280%26adk%3D2681345953%26adf%3D634733667%26pi%3Dt.aa~a.880195255~i.1~rp.4%26w%3D620%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1629171694%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D4689011020%26tp%3Dsite_kit%26psa%3D0%26ad_type%3Dtext_image%26format%3D620x280%26url%3Dhttps%253A%252F%252Friftv.net%252F13915.html%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D155%26rw%3D620%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1629171694974%26bpp%3D3%26bdt%3D5828%26idt%3D-M%26shv%3Dr20210812%26mjsv%3Dm202108100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D08741881cc88d9fd-229d17faacc90033%253AT%253D1629171694%253ART%253D1629171694%253AS%253DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D8338567251340%26frm%3D20%26pv%3D1%26ga_vid%3D2131205262.1629171689%26ga_sid%3D1629171695%26ga_hid%3D1669268315%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D322%26ady%3D1302%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066429%252C20211866%252C31062297%26oid%3D3%26pvsid%3D465524733194050%26eae%3D0%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dhn4kM2k3Pa%26p%3Dhttps%253A%2F%2Friftv.net%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Friftv.net&random=2471830557137&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 17 Aug 2021 04:41:35 +0200
request_content.php
hal900023.redintelligence.net/ Frame 289F
4 KB
2 KB
Document
General
Full URL
https://hal900023.redintelligence.net/request_content.php?s=34978300012357000951407011689023&a=2a097962
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=89d93b76e7&subid=&uid=607b283e147fa1f0&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6187370770952432275%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_cid%3D2dc4611b-2fef-4b01-86e2-693f890aee09%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC2MiW7y8bYfMwg4vv9Q-pv5zIDM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNDc4NjczMjUzMDM4MDE4MMgBCagDAaoEuQFP0L_htMXF1eai14T4PjJFoRf6naB_umZEPTdcIuYY0KkJH9z5Fl7naeZLtCs2Yd4hakl0uP12s5ul466JsugGLclgp0FdzjP6KVU-gyuUTUGa4JWHBOomlF4mGyeahbxuRbG8o61cS4T5mmNR5dEzQBq_rczVEH3s126arXTeiMu-N2rFC4AOy8NpKR0ugoftGVuPHyAK8VnBxwGgxRk338_QjIv821tg2B8pfsPXUhecrkun1M7QsIAGk-bExZnd9a_6AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1KWlT7LmGpxzphjiZUx-GdwGeqmQ%2526client%253Dca-pub-4786732530380180%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-4786732530380180%26output%3Dhtml%26h%3D280%26adk%3D2681345953%26adf%3D634733667%26pi%3Dt.aa~a.880195255~i.1~rp.4%26w%3D620%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1629171694%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D4689011020%26tp%3Dsite_kit%26psa%3D0%26ad_type%3Dtext_image%26format%3D620x280%26url%3Dhttps%253A%252F%252Friftv.net%252F13915.html%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D155%26rw%3D620%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1629171694974%26bpp%3D3%26bdt%3D5828%26idt%3D-M%26shv%3Dr20210812%26mjsv%3Dm202108100101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D08741881cc88d9fd-229d17faacc90033%253AT%253D1629171694%253ART%253D1629171694%253AS%253DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D8338567251340%26frm%3D20%26pv%3D1%26ga_vid%3D2131205262.1629171689%26ga_sid%3D1629171695%26ga_hid%3D1669268315%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D322%26ady%3D1302%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D21066429%252C20211866%252C31062297%26oid%3D3%26pvsid%3D465524733194050%26eae%3D0%26fc%3D1408%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3Dhn4kM2k3Pa%26p%3Dhttps%253A%2F%2Friftv.net%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Friftv.net&random=2471830557137&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
hal900023.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=f3f6fca85edde1eb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Tue, 17 Aug 2021 03:41:35 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 17 Aug 2021 04:41:35 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1414
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EB37
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 16 Aug 2021 11:56:19 GMT
expires
Tue, 17 Aug 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
56716
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8E87
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame EB37
35 B
363 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGphU-9WXRXuBS1t1qktX2U&google_cver=1&google_push=AYg5qPKZsiTgWFY3cA1wuaJnPxLNZF36hEyBRtGBOe2Fxz0m6Rxcw04crgsN_4Oqh-7eAkkp48R_x6t8qXU-3fG9seMtbwHVpv1f
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB37
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJnk-9V8d0ty_GABgTiEUTg&google_cver=1&google_push=AYg5qPJm9C095y7mg579pVYn_lpwDkW32EbfQieW88F85Ngcd9rHmmoXus0FeXNiVVT_nFT54qRDCBLMyhVKH_UOO0BU1x-WdIxHAw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJm9C095y7mg579pVYn_lpwDkW32EbfQieW88F85Ngcd9rHmmoXus0FeXNiVVT_nFT54qRDCBLMyhVKH_UOO0BU1x-WdIxHAw&google_hm=Q0FFU0VKbmstOVY4ZDB...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJm9C095y7mg579pVYn_lpwDkW32EbfQieW88F85Ngcd9rHmmoXus0FeXNiVVT_nFT54qRDCBLMyhVKH_UOO0BU1x-WdIxHAw&google_hm=Q0FFU0VKbmstOVY4ZDB0eV9HQUJnVGlFVVRn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Aug 2021 03:41:34 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJm9C095y7mg579pVYn_lpwDkW32EbfQieW88F85Ngcd9rHmmoXus0FeXNiVVT_nFT54qRDCBLMyhVKH_UOO0BU1x-WdIxHAw&google_hm=Q0FFU0VKbmstOVY4ZDB0eV9HQUJnVGlFVVRn
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB37
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESENZelQGSE_pvul0KqA_iM6M&google_cver=1&google_push=AYg5qPIIOGfqPiJB4i0FgEQwPi_HmbqQPkZaeNnGLM-bRAxpza3_lXz7X8l1B3rrCGgnln0eHLEnpkYpBMDYSWV8B7asrYkY0Xh3IQ
  • https://rtb.openx.net/sync/dds?google_gid=CAESENZelQGSE_pvul0KqA_iM6M&google_cver=1&google_push=AYg5qPIIOGfqPiJB4i0FgEQwPi_HmbqQPkZaeNnGLM-bRAxpza3_lXz7X8l1B3rrCGgnln0eHLEnpkYpBMDYSWV8B7asrYkY0Xh3I...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIIOGfqPiJB4i0FgEQwPi_HmbqQPkZaeNnGLM-bRAxpza3_lXz7X8l1B3rrCGgnln0eHLEnpkYpBMDYSWV8B7asrYkY0Xh3IQ&google_hm=XUebgWjayroyhzHfz2Ia6g==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIIOGfqPiJB4i0FgEQwPi_HmbqQPkZaeNnGLM-bRAxpza3_lXz7X8l1B3rrCGgnln0eHLEnpkYpBMDYSWV8B7asrYkY0Xh3IQ&google_hm=XUebgWjayroyhzHfz2Ia6g==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:34 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIIOGfqPiJB4i0FgEQwPi_HmbqQPkZaeNnGLM-bRAxpza3_lXz7X8l1B3rrCGgnln0eHLEnpkYpBMDYSWV8B7asrYkY0Xh3IQ&google_hm=XUebgWjayroyhzHfz2Ia6g==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
v7mptro7e9ri8k3p34l68rv51q9g0kui
pixel
cm.g.doubleclick.net/ Frame EB37
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MYbeuKn7RAq1gAQvfnivQA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MYbeuKn7RAq1gAQvfnivQA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKkKNhhg01Ib75US2ywISwGpf6s_TUzhaI5xlWGcHloZDDaHJxFGpXZSvQ6sCriJgF2KHBVlmjA4mfoajJwz6Ye73TdVC_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MYbeuKn7RAq1gAQvfnivQA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKkKNhhg01Ib75US2ywISwGpf6s_TUzhaI5xlWGcHloZDDaHJxFGpXZSvQ6sCriJgF2KHBVlmjA4mfoajJwz6Ye73TdVC_g
date
Tue, 17 Aug 2021 03:41:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EB37
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJqm3KP_3PYb_BDbnYTCkRk&google_cver=1&google_push=AYg5qPIzl5PoErleT-mr5o87XRcb-1yZuTwsSkK7fjRer626mYck_oaKsYP52y3vRfxc1EwDLvX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NGSVJIUzAtMUYtOFNORw==&google_push=AYg5qPIzl5PoErleT-mr5o87XRcb-1yZuTwsSkK7fjRer626mYck_oaKsYP52y3vRfxc1EwDLvXJF0PpBxp03Wgmxu3olcvzJ5s7
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NGSVJIUzAtMUYtOFNORw==&google_push=AYg5qPIzl5PoErleT-mr5o87XRcb-1yZuTwsSkK7fjRer626mYck_oaKsYP52y3vRfxc1EwDLvXJF0PpBxp03Wgmxu3olcvzJ5s7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NGSVJIUzAtMUYtOFNORw==&google_push=AYg5qPIzl5PoErleT-mr5o87XRcb-1yZuTwsSkK7fjRer626mYck_oaKsYP52y3vRfxc1EwDLvXJF0PpBxp03Wgmxu3olcvzJ5s7
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame EB37
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkab...
0
0

trk
ag.innovid.com/ Frame EB37
43 B
297 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEI4XUpgmCHAARtUsR8RLTj8&google_cver=1&google_push=AYg5qPK18JeB1fiwRDonWKNETs56V6IOSWtX_wOR7v2Oqpq_pOgfhMbtQfeT3fPb2HKgJfq7uO1vtxqkbHQ5YZKSugzhNQxk8nw1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:8678:af0d:fda8:5a84 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Aug 2021 03:41:35 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame EB37
0
244 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-bnJbJOhvV89AWeJ7XJn4r8Pl2G-DIXNDxuqTMcOd3Hb-8E5c1w9Om7JQjdVnpowqdE9H
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&adk=2681345953&adf=634733667&pi=t.aa~a.880195255~i.1~rp.4&w=620&fwrn=4&fwrnh=100&lmt=1629171694&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=4689011020&tp=site_kit&psa=0&ad_type=text_image&format=620x280&url=https%3A%2F%2Friftv.net%2F13915.html&flash=0&fwr=0&pra=3&rh=155&rw=620&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629171694974&bpp=3&bdt=5828&idt=-M&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D08741881cc88d9fd-229d17faacc90033%3AT%3D1629171694%3ART%3D1629171694%3AS%3DALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g&prev_fmts=0x0&nras=2&correlator=8338567251340&frm=20&pv=1&ga_vid=2131205262.1629171689&ga_sid=1629171695&ga_hid=1669268315&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=322&ady=1302&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066429%2C20211866%2C31062297&oid=3&pvsid=465524733194050&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hn4kM2k3Pa&p=https%3A//riftv.net&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 289F
77 KB
77 KB
Image
General
Full URL
https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=34978300012357000951407011689023&a=2a097962
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.36.108.3 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3112796.ip-54-36-108.eu
Software
nginx /
Resource Hash

Request headers

Referer
https://hal900023.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 03:41:35 GMT
Last-Modified
Mon, 23 Jul 2018 15:19:51 GMT
Server
nginx
ETag
"5b55f217-1348d"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
78989
viewability
hal900023.redintelligence.net/ Frame 289F
0
150 B
Script
General
Full URL
https://hal900023.redintelligence.net/viewability?s=34978300012357000951407011689023&a=c365a0e1&vb=m
Requested by
Host: hal900023.redintelligence.net
URL: https://hal900023.redintelligence.net/request_content.php?s=34978300012357000951407011689023&a=2a097962
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash

Request headers

Referer
https://hal900023.redintelligence.net/request_content.php?s=34978300012357000951407011689023&a=2a097962
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 03:41:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 289F
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
greenoaks.gif
g.ezoic.net/detroitchicago/
0
20 B
XHR
General
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3ZjZmYzkxZS04YzUzLTRjYWMtNGFhMC0zYjBlNzY0OWYwODMiLCJkb21haW5faWQiOiIyODY5MDAiLCJ0X2Vwb2NoIjoxNjI5MTcxNjg4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiN2Y2ZmM5MWUtOGM1My00Y2FjLTRhYTAtM2IwZTc2NDlmMDgzIiwiZG9tYWluX2lkIjoiMjg2OTAwIiwidF9lcG9jaCI6MTYyOTE3MTY4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDgtMTcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiLTEyMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjdmNmZjOTFlLThjNTMtNGNhYy00YWEwLTNiMGU3NjQ5ZjA4MyIsImRvbWFpbl9pZCI6IjI4NjkwMCIsInRfZXBvY2giOjE2MjkxNzE2ODgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjdmNmZjOTFlLThjNTMtNGNhYy00YWEwLTNiMGU3NjQ5ZjA4MyIsImRvbWFpbl9pZCI6IjI4NjkwMCIsInRfZXBvY2giOjE2MjkxNzE2ODgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiN2Y2ZmM5MWUtOGM1My00Y2FjLTRhYTAtM2IwZTc2NDlmMDgzIiwiZG9tYWluX2lkIjoiMjg2OTAwIiwidF9lcG9jaCI6MTYyOTE3MTY4OCwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:36 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://riftv.net
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Mon, 16 Aug 2021 03:41:35 UTC
greenoaks.gif
g.ezoic.net/detroitchicago/
0
176 B
XHR
General
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3ZjZmYzkxZS04YzUzLTRjYWMtNGFhMC0zYjBlNzY0OWYwODMiLCJkb21haW5faWQiOiIyODY5MDAiLCJ0X2Vwb2NoIjoxNjI5MTcxNjg4LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiIxMjc0In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMzU2In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjQ0In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiNDQifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTM3MSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjdmNmZjOTFlLThjNTMtNGNhYy00YWEwLTNiMGU3NjQ5ZjA4MyIsImRvbWFpbl9pZCI6IjI4NjkwMCIsInRfZXBvY2giOjE2MjkxNzE2ODgsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjM1MTMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3ZjZmYzkxZS04YzUzLTRjYWMtNGFhMC0zYjBlNzY0OWYwODMiLCJkb21haW5faWQiOiIyODY5MDAiLCJ0X2Vwb2NoIjoxNjI5MTcxNjg4LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjM1MTMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3ZjZmYzkxZS04YzUzLTRjYWMtNGFhMC0zYjBlNzY0OWYwODMiLCJkb21haW5faWQiOiIyODY5MDAiLCJ0X2Vwb2NoIjoxNjI5MTcxNjg4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiN2Y2ZmM5MWUtOGM1My00Y2FjLTRhYTAtM2IwZTc2NDlmMDgzIiwiZG9tYWluX2lkIjoiMjg2OTAwIiwidF9lcG9jaCI6MTYyOTE3MTY4OCwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX1d
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:36 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://riftv.net
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Mon, 16 Aug 2021 03:41:35 UTC
greenoaks.gif
g.ezoic.net/detroitchicago/
0
20 B
XHR
General
Full URL
https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3ZjZmYzkxZS04YzUzLTRjYWMtNGFhMC0zYjBlNzY0OWYwODMiLCJkb21haW5faWQiOiIyODY5MDAiLCJ0X2Vwb2NoIjoxNjI5MTcxNjg4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiN2Y2ZmM5MWUtOGM1My00Y2FjLTRhYTAtM2IwZTc2NDlmMDgzIiwiZG9tYWluX2lkIjoiMjg2OTAwIiwidF9lcG9jaCI6MTYyOTE3MTY4OCwiZGF0YSI6W3sibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMTczNjAwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiIxIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiI2OTMxMjAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjQzMzIifV19XQ==
Requested by
Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-4y06-12y07-1y19-5y0b-5y0d-10y13-3y17-3y1a-2y1b-1y1d-2y1f-2y1e-4y20-3y52-1&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1ax1bx1dx1fx1ex20x52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 03:41:36 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://riftv.net
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
content-length
0
expires
Mon, 16 Aug 2021 03:41:35 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YRsv71zJxBlk4rb_vKkqPwAABG8AAAIB&google_cver=1&google_gid=CAESEHqEDuQLSdDcNEiAQhr7W04&google_push=AYg5qPIPfs_Ueehph6bM-A7brZQVjhTRUFkabhKth_JOTYdaYqUiGipEVWLiF-KLl_26dFlF-8dwnG7F_XcXIvWcNLye_v4BSlMO7A

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUmZbX3jDoZYOb_F-o810EnLsTlN2CFt5ajDucjXvMVDkb2DeW6x_RQt2ioXwAg
.riftv.net/ Name: FCCDCF
Value: [null,null,["[[],[],[],[],null,null,true]",1629171694775],null,null]
.riftv.net/ Name: __qca
Value: P0-318660226-1629171689737
.riftv.net/ Name: _dlt
Value: 1
.riftv.net/ Name: ezovuuid_286900
Value: cc21719f-4dca-4219-79dc-b7f938001d69
.riftv.net/ Name: _gat_gtag_UA_186817945_1
Value: 1
.riftv.net/ Name: ezoadgid_286900
Value: -1
.riftv.net/ Name: _ga
Value: GA1.2.2131205262.1629171689
.riftv.net/ Name: __gads
Value: ID=08741881cc88d9fd-229d17faacc90033:T=1629171694:RT=1629171694:S=ALNI_MahWVBb_Ie8vWFJ76jrdQ6NiwIj1g
.riftv.net/ Name: _gid
Value: GA1.2.834587389.1629171689
.riftv.net/ Name: ezCMPCCS
Value: true
.riftv.net/ Name: ezopvc_286900
Value: 1
.riftv.net/ Name: ezovuuidtime_286900
Value: 1629171688
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: f3f6fca85edde1eb
riftv.net/ Name: ezux_lpl_286900
Value: 1629171694889|7f6fc91e-8c53-4cac-4aa0-3b0e7649f083|false
.riftv.net/ Name: ezoab_286900
Value: mod32-c
.riftv.net/ Name: ezoref_286900
Value:
.riftv.net/ Name: lp_286900
Value: https://riftv.net/13915.html

2 Console Messages

Source Level URL
Text
console-api log URL: https://sf.ezoiccdn.com/ezossp/https/c0.wp.com/c/5.8/wp-includes/js/jquery/jquery-migrate.min.js?screx=1&sxcb=2a(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://sf.ezoiccdn.com/ezossp/https/cdn.onesignal.com/sdks/OneSignalSDK.js?screx=1&sxcb=2a(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
api.pinterest.com
c0.wp.com
cdn.contentspread.net
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
delegation-sante.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.ezoic.net
googleads.g.doubleclick.net
graph.facebook.com
hal9000.redintelligence.net
hal900023.redintelligence.net
i0.wp.com
i2.wp.com
image6.pubmatic.com
itsssl.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
riftv.net
rtb.openx.net
rules.quantcount.com
secure.quantserve.com
sf.ezoiccdn.com
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
104.75.88.209
109.234.160.166
138.201.63.157
172.217.16.130
18.159.80.129
18.195.172.136
185.29.132.242
185.64.189.115
192.0.76.3
192.0.77.2
192.0.77.37
2.18.233.201
2600:9000:2104:1000:1d:3142:8200:93a1
2600:9000:2104:1600:6:44e3:f8c0:93a1
2606:4700:3030::6815:1e26
2a00:1450:4001:802::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9a
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f145:82:face:b00c:0:25de
2a05:d01c:1d8:8101:8678:af0d:fda8:5a84
35.227.252.103
51.161.131.47
54.36.108.3
69.173.144.139
78.46.23.46
91.228.74.133
06846dba8a4d1e730d69fa533570d270e8185ba7ae036820c9d4ed35c7aa28da
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
070edfef42e0980783d0acf8fa9ca6a9833b994eca13ffaa94e9a2deb47c92cf
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
55af0bd0a8bcedb984d0d75fc571ecee29b27c546f0b4a371ed9ed8a2baf60a1
5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a
6488dfa2efd57445f30050510665ebb17f4345c2c62214f88e408a82154e276e
7993120cc0fe72682d787a28c9e0e6fa013c14907e114f8265ce605509b7a112
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
b18be65ecdd361acdd321f5c89b3ba9a3d34c5202526bec83a70aaaad74e649c
b45a1e86cd070e041e8a80406c0455ed660af03734518ad2eb122a031a56813a
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
bc8ad11ba11bc2194ac139f62888d05ba7ab4608f238f62de254ce113fa440d2
bd60495c3c07a7fd25f0aa2f5383bcd13bfda1bf31ebf7fa5e7e4e66ff1f15dc
c0f1490a560b8fa0539cc122b88b74b8b1502275bc556fa9656989d1527b0d53
c1862eda84fdc62c14eb3baaf7f70f8d2eeb1e0d41d9f133d4d2eb65f23e0ffd
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
db9f29f97fa768125e9f646e53f5a9271dff55ccf5f6d15126768d8749766880
e63e29bf8100b5560e2574cf7d44637b405c9235a02f8e09c6cc7b52bb1b213d
e7791dbbce31f833b0b36d940413aa7d175af11fa62d6357f5f555e1d552cb95
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
ea2ababc30e456846310dfe02ae49db7fe6866c0cb5ad6b432c53bacda37b3c1