riffberg.com Open in urlscan Pro
154.91.176.218 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://riffberg.com/login.jsp
Submission: On October 01 via api (October 1st 2024, 8:21:53 pm UTC) from US — Scanned from GB

Summary HTTP 182 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 22 domains to perform 182 HTTP transactions. The main IP is 154.91.176.218, located in Hong Kong, Hong Kong and belongs to AROSS-AS, US. The main domain is riffberg.com.
TLS certificate: Issued by R11 on September 30th 2024. Valid for: 3 months.

This is the only time riffberg.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: au Jibun Bank (Financial)

Domain & IP information

	IP Address	AS Autonomous System
21	154.91.176.218 154.91.176.218	400619 (AROSS-AS) (AROSS-AS)
2	63.33.186.64 63.33.186.64	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:235... 2600:9000:235a:2e00:10:3572:e540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.24 18.66.147.24	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	124.83.185.124 124.83.185.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
9	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:249... 2600:9000:2490:bc00:18:15b9:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.213.168.153 23.213.168.153	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.213.164.35 23.213.164.35	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.245.86.65 18.245.86.65	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:235... 2600:9000:2359:f600:18:82c:9d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.103.88.160 104.103.88.160	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
2	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
6 22	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
6 22	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	52.194.158.90 52.194.158.90	16509 (AMAZON-02) (AMAZON-02)
2	184.30.24.30 184.30.24.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.114.202.197 3.114.202.197	16509 (AMAZON-02) (AMAZON-02)
2	3.113.46.9 3.113.46.9	16509 (AMAZON-02) (AMAZON-02)
3 6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
12	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
182	27

21 154.91.176.218 (Hong Kong, Hong Kong)

ASN400619 (AROSS-AS, US)

riffberg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.186.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:235a:2e00:10:3572:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fraud-alert.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-24.fra60.r.cloudfront.net

p.fraud-alert.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.83.185.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:bc00:18:15b9:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.168.153 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-168-153.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.164.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-35.deploy.static.akamaitechnologies.com

cdn.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-65.fra60.r.cloudfront.net

tk.csolution.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:f600:18:82c:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

trj.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.88.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-88-160.deploy.static.akamaitechnologies.com

cdn.kaizenplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.194.158.90 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-158-90.ap-northeast-1.compute.amazonaws.com

i.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-30.deploy.static.akamaitechnologies.com

i6.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.202.197 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-202-197.ap-northeast-1.compute.amazonaws.com

a.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.113.46.9 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-46-9.ap-northeast-1.compute.amazonaws.com

log-v4-insight.kaizenplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 td.doubleclick.net — Cisco Umbrella Rank: 216	38 KB
22	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4792	1 KB
22	google.com 6 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
21	riffberg.com riffberg.com	2 MB
16	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	1 MB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	6 KB
9	segreencolumn.com ob.segreencolumn.com — Cisco Umbrella Rank: 32399 obs.segreencolumn.com — Cisco Umbrella Rank: 26360	42 KB
9	bing.com bat.bing.com — Cisco Umbrella Rank: 378	17 KB
6	googleadservices.com 3 redirects www.googleadservices.com — Cisco Umbrella Rank: 99	8 KB
5	smartnews-ads.com cdn.smartnews-ads.com — Cisco Umbrella Rank: 86595 i.smartnews-ads.com — Cisco Umbrella Rank: 89969 i6.smartnews-ads.com — Cisco Umbrella Rank: 93258	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	80 KB
3	kaizenplatform.net cdn.kaizenplatform.net — Cisco Umbrella Rank: 633596 log-v4-insight.kaizenplatform.net — Cisco Umbrella Rank: 523353	101 KB
2	line.me tr.line.me — Cisco Umbrella Rank: 16729	850 B
2	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 7948	11 KB
2	fraud-alert.net static.fraud-alert.net p.fraud-alert.net	21 KB
2	digicert.com seal.digicert.com — Cisco Umbrella Rank: 12400	8 KB
1	imgvc.com a.imgvc.com — Cisco Umbrella Rank: 236317	319 B
1	valuecommerce.com trj.valuecommerce.com — Cisco Umbrella Rank: 232159	5 KB
1	csolution.jp tk.csolution.jp	2 KB
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 17650	10 KB
0	Failed function sub() { [native code] }. Failed
0	yahoo.co.jp Failed b99.yahoo.co.jp Failed apm.yahoo.co.jp Failed
182	22

	Domain	Requested by
22	www.google.co.uk	riffberg.com
22	www.google.com	6 redirects riffberg.com
22	googleads.g.doubleclick.net	6 redirects www.googletagmanager.com
21	riffberg.com	riffberg.com
19	td.doubleclick.net	www.googletagmanager.com
16	www.googletagmanager.com	riffberg.com
12	www.facebook.com	riffberg.com
9	bat.bing.com	riffberg.com bat.bing.com
8	obs.segreencolumn.com	riffberg.com ob.segreencolumn.com
6	www.googleadservices.com	3 redirects www.googletagmanager.com
4	connect.facebook.net	riffberg.com connect.facebook.net
2	log-v4-insight.kaizenplatform.net	cdn.kaizenplatform.net
2	i6.smartnews-ads.com	riffberg.com
2	i.smartnews-ads.com	riffberg.com
2	tr.line.me	riffberg.com
2	s.yimg.jp	riffberg.com ob.segreencolumn.com
2	seal.digicert.com	riffberg.com
1	a.imgvc.com	riffberg.com
1	cdn.kaizenplatform.net	riffberg.com
1	trj.valuecommerce.com	riffberg.com
1	tk.csolution.jp	riffberg.com
1	cdn.smartnews-ads.com	riffberg.com
1	d.line-scdn.net	riffberg.com
1	ob.segreencolumn.com	riffberg.com
1	p.fraud-alert.net	static.fraud-alert.net
1	static.fraud-alert.net	riffberg.com
0	localhost Failed	riffberg.com
0	apm.yahoo.co.jp Failed	s.yimg.jp
0	b99.yahoo.co.jp Failed	s.yimg.jp
182	29

This site contains links to these domains. Also see Links.

Domain
ib.jibunbank.co.jp
help.jibunbank.co.jp
www.jibunbank.co.jp

Subject Issuer	Validity	Valid
*.demiangufen.com R11	`2024-09-30` - `2024-12-29`	3 months	crt.sh
seal.digicert.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-01-30`	a year	crt.sh
*.fraud-alert.net Amazon RSA 2048 M02	`2024-09-13` - `2025-10-13`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2024-09-20` - `2025-10-19`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.segreencolumn.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-24` - `2025-09-23`	a year	crt.sh
*.smartnews-ads.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.csolution.jp Amazon RSA 2048 M03	`2024-03-25` - `2025-04-23`	a year	crt.sh
*.valuecommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-09` - `2025-10-10`	a year	crt.sh
*.kaizenplatform.net GeoTrust RSA CA 2018	`2024-03-04` - `2025-03-07`	a year	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2024-08-08` - `2025-09-09`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.co.uk WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.imgvc.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-30` - `2025-10-31`	a year	crt.sh
*.googleadservices.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 20 frames:

Frame: http://localhost/
Frame ID: 080BBB4400498CEEA53B06B9B7010416
Requests: 161 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/856479406?random=1727814095608&cv=11&fst=1727814095608&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 76CDAD83CB45884D39853DFDC82DAC82
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1727814095680&cv=11&fst=1727814095680&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: E8ABF11B0DFF98BB02519135D88382CE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1727814095740&cv=11&fst=1727814095740&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 2A42450F645CE41820352A1715318FB0
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/709179453?random=1727814095891&cv=11&fst=1727814095891&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 01514BC758A238BBCC18C252EB0C34A3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721521220?random=1727814096047&cv=11&fst=1727814096047&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: E64AB8896AAFF234F5EC3172D902FD41
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721159065?random=1727814096199&cv=11&fst=1727814096199&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: AE6168B2DAE5B5147BA5E0BA2EBF9C18
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/709179453?random=1727814096763&cv=11&fst=1727814096763&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A024CE40EA00600AA21199457FEEC870
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/723623815?random=1727814096855&cv=11&fst=1727814096855&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 8597002EEB7187863A2E6FEC5C1EA0C5
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/942787950?random=1727814098156&cv=11&fst=1727814098156&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4259CC8515724B75A8908F9A49D46F21
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/709209482?random=1727814098344&cv=11&fst=1727814098344&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 8184C602044F5B963D8E2B88B0F04444
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/612303449?random=1727814098467&cv=11&fst=1727814098467&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 10DF8F6AF59E0A0349E3819B5C5205C8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721159065?random=1727814098575&cv=11&fst=1727814098575&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 97713CB0A4644CC3D6528DAA7AC25A6C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721477044?random=1727814098659&cv=11&fst=1727814098659&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E3A053076AEEE0946A2D99C441A18C00
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/856479406?random=1727814099236&cv=11&fst=1727814099236&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 2853845F6F0E7D43BBD9FD16B9955E40
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/856479406?random=1727814099347&cv=11&fst=1727814099347&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: F0BBC0EB12A92CFC16347047E6FA0073
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721521220?random=1727814099392&cv=11&fst=1727814099392&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 1E5275A368CC7B5D1662523EED1B0F71
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721521220?random=1727814099482&cv=11&fst=1727814099482&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: 86FD3F7FC4F7F7394CDAE77160D26A04
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1727814099520&cv=11&fst=1727814099520&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 77417265061FFB9ED28C59CE1882A843
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1727814099606&cv=11&fst=1727814099606&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: 52068182B87906B68EA73BF24FE54F55
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン | ログイン | auじぶん銀行

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

77 %
HTTPS

46 %
IPv6

22
Domains

29
Subdomains

27
IPs

6
Countries

3869 kB
Transfer

7267 kB
Size

22
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://ib.jibunbank.co.jp/security/ap/manageloginpw/resetloginpw/resetloginpwidentificationinit
Title: ログインパスワードを忘れた・ロックしてしまったお客さま

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=999
Title: ログインできなくなりました。

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=518
Title: ログインパスワードとは何ですか？

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=536
Title: お客さま番号とログインパスワードを正しく入力しても、インターネットバンキングにログインできません。

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=528
Title: ログインパスワードを忘れてしまいました。どうすればいいですか？

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=599
Title: ログインパスワードを何度も間違えて、入力できなくなりました。どうすればいいですか？

Search URL Search Domain Scan URL

URL: https://www.jibunbank.co.jp/common/redirector.html?id=3484
Title: 全てを見る

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://www.googleadservices.com/pagead/conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=171348630&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQI&pscrd=IhMI-sbwjIHuiAMV64-DBx0bTht2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=171348630&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQI&pscrd=IhMI-sbwjIHuiAMV64-DBx0bTht2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfxgd4tioAsoJgPa2cD2QIL5gI548O7-pxshWPq0NkB3fiTeC7&random=1718226949 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=171348630&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQI&pscrd=IhMI-sbwjIHuiAMV64-DBx0bTht2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfxgd4tioAsoJgPa2cD2QIL5gI548O7-pxshWPq0NkB3fiTeC7&random=1718226949&ipr=y

Request Chain 118

https://www.googleadservices.com/pagead/conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1256120862&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI-MXwjIHuiAMVyouDBx0TnyLmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1256120862&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI-MXwjIHuiAMVyouDBx0TnyLmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfdZtEENZxUVz6AksB1ra59bEYzEtZhpfCxiFj_HJaD_g4K0ya&random=2967272545 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1256120862&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI-MXwjIHuiAMVyouDBx0TnyLmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfdZtEENZxUVz6AksB1ra59bEYzEtZhpfCxiFj_HJaD_g4K0ya&random=2967272545&ipr=y

Request Chain 119

https://www.googleadservices.com/pagead/conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=442333778&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIuMjwjIHuiAMVsoiDBx2zzDlDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=442333778&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIuMjwjIHuiAMVsoiDBx2zzDlDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfoKwZlNF32lYOKl2D9TjRdegqH_yrZWsBnbzqsZArAMdxMNVT&random=1990367632 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=442333778&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIuMjwjIHuiAMVsoiDBx2zzDlDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfoKwZlNF32lYOKl2D9TjRdegqH_yrZWsBnbzqsZArAMdxMNVT&random=1990367632&ipr=y

Request Chain 161

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=309095546&cv=11&fst=1727814099347&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIxbCGjYHuiAMVJ4uDBx1B6js9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckt1TUEzaC1Xcl82eEFJSFFoMUQ2aEVYT25GaVhtazZweXpmSWVCNTM3QUVyNGFYZFl4QlRCSQ HTTP 302
https://www.google.com/pagead/1p-conversion/856479406/?random=309095546&cv=11&fst=1727814099347&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIxbCGjYHuiAMVJ4uDBx1B6js9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckt1TUEzaC1Xcl82eEFJSFFoMUQ2aEVYT25GaVhtazZweXpmSWVCNTM3QUVyNGFYZFl4QlRCSQ&is_vtc=1&cid=CAQSKQDpaXnftUe6JziQX5V4fMx_mOEEgeoNbnio5YK3_JCG0Ih1XEYzqosn&random=3960196052 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/856479406/?random=309095546&cv=11&fst=1727814099347&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIxbCGjYHuiAMVJ4uDBx1B6js9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckt1TUEzaC1Xcl82eEFJSFFoMUQ2aEVYT25GaVhtazZweXpmSWVCNTM3QUVyNGFYZFl4QlRCSQ&is_vtc=1&cid=CAQSKQDpaXnftUe6JziQX5V4fMx_mOEEgeoNbnio5YK3_JCG0Ih1XEYzqosn&random=3960196052&ipr=y

Request Chain 164

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1815957740&cv=11&fst=1727814099482&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIo9GOjYHuiAMVV4mDBx0I5CVgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck41YXpsbnNSTE82S096amthazlIQnpZLVhscENrenNJXy1SeWpOdG1nN0ZSOGdGM1ZTQTNTWQ HTTP 302
https://www.google.com/pagead/1p-conversion/721521220/?random=1815957740&cv=11&fst=1727814099482&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIo9GOjYHuiAMVV4mDBx0I5CVgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck41YXpsbnNSTE82S096amthazlIQnpZLVhscENrenNJXy1SeWpOdG1nN0ZSOGdGM1ZTQTNTWQ&is_vtc=1&cid=CAQSKQDpaXnfs4fOkMfDMkaSI8SOGwF9zXyoHwzmg3GQd8FPvhypcUbN-akk&random=22193456 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/721521220/?random=1815957740&cv=11&fst=1727814099482&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIo9GOjYHuiAMVV4mDBx0I5CVgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck41YXpsbnNSTE82S096amthazlIQnpZLVhscENrenNJXy1SeWpOdG1nN0ZSOGdGM1ZTQTNTWQ&is_vtc=1&cid=CAQSKQDpaXnfs4fOkMfDMkaSI8SOGwF9zXyoHwzmg3GQd8FPvhypcUbN-akk&random=22193456&ipr=y

Request Chain 169

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1109381687&cv=11&fst=1727814099606&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI7LOWjYHuiAMV_IqDBx28JQPjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJNRjhQNzhhaVRGUUtWRnFhdHlYenhGREVJOEFFa0RwS282Y0VYdnc2Z2VmOHJ1UGFBNGx6bw HTTP 302
https://www.google.com/pagead/1p-conversion/721484514/?random=1109381687&cv=11&fst=1727814099606&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI7LOWjYHuiAMV_IqDBx28JQPjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJNRjhQNzhhaVRGUUtWRnFhdHlYenhGREVJOEFFa0RwS282Y0VYdnc2Z2VmOHJ1UGFBNGx6bw&is_vtc=1&cid=CAQSKQDpaXnfUyNf-E5EyC4AsqL4DSpSbTYP79gb_QS6cXngAv4QQbtn1YV9&random=1413178665 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/721484514/?random=1109381687&cv=11&fst=1727814099606&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI7LOWjYHuiAMV_IqDBx28JQPjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJNRjhQNzhhaVRGUUtWRnFhdHlYenhGREVJOEFFa0RwS282Y0VYdnc2Z2VmOHJ1UGFBNGx6bw&is_vtc=1&cid=CAQSKQDpaXnfUyNf-E5EyC4AsqL4DSpSbTYP79gb_QS6cXngAv4QQbtn1YV9&random=1413178665&ipr=y

182 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.jsp Show response
riffberg.com/ 19 KB
19 KB 1617ms
499ms Document
text/html 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: c7dae3c7ee9f18d0e2c6c58877284c7e3efc52061a2ed31db79c6f4456ad1ee0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 19673
content-type: text/html;charset=UTF-8
date: Tue, 01 Oct 2024 20:21:20 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 all.js Show response
riffberg.com/js/ 256 KB
257 KB 903ms
901ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/js/all.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"261634-1727680664000"
accept-ranges: bytes
content-length: 261634
date: Tue, 01 Oct 2024 20:21:20 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 app.js Show response
riffberg.com/js/ 190 KB
191 KB 453ms
451ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/js/app.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"194353-1727680664000"
accept-ranges: bytes
content-length: 194353
date: Tue, 01 Oct 2024 20:21:20 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 style.css
riffberg.com/style/css/ 516 KB
520 KB 455ms
453ms Stylesheet
text/css 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/style/css/style.css
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 60fb7676356c6f47177b6a602932a741b2368577fa6c33c5b1d383bdff7dd899

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"528492-1727698150000"
accept-ranges: bytes
content-length: 528492
date: Tue, 01 Oct 2024 20:21:20 GMT
last-modified: Mon, 30 Sep 2024 12:09:10 GMT
content-type: text/css
server: Apache
vary: Accept-Encoding

GET
H2 200 common.js Show response
riffberg.com/js/ 4 KB
4 KB 455ms
453ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/js/common.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 275c9465b2561fcc96e4f99beb30d8bb4156f3405b6cb8354a51c1af400b771e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"4484-1727710072288"
accept-ranges: bytes
content-length: 4484
date: Tue, 01 Oct 2024 20:21:20 GMT
last-modified: Mon, 30 Sep 2024 15:27:52 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 extended_timeout.js Show response
riffberg.com/js/ 3 KB
3 KB 454ms
453ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/js/extended_timeout.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"3334-1727680664000"
accept-ranges: bytes
content-length: 3334
date: Tue, 01 Oct 2024 20:21:20 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
riffberg.com/js/ 86 KB
86 KB 901ms
900ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/js/jquery-3.4.1.min.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"88145-1680887322000"
accept-ranges: bytes
content-length: 88145
date: Tue, 01 Oct 2024 20:21:20 GMT
last-modified: Fri, 07 Apr 2023 17:08:42 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 img_site-logo_pc.png
riffberg.com/style/img/ 2 KB
2 KB 747ms
746ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riffberg.com/style/img/img_site-logo_pc.png
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 2154
date: Tue, 01 Oct 2024 20:21:20 GMT
etag: W/"2154-1727687748000"
last-modified: Mon, 30 Sep 2024 09:15:48 GMT
content-type: image/png
server: Apache

GET
H2 200 img_site-logo_sp.png
riffberg.com/style/img/ 2 KB
2 KB 747ms
747ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riffberg.com/style/img/img_site-logo_sp.png
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 1829
date: Tue, 01 Oct 2024 20:21:20 GMT
etag: W/"1829-1727687748000"
last-modified: Mon, 30 Sep 2024 09:15:48 GMT
content-type: image/png
server: Apache

GET
H2 200 before_auth.css
riffberg.com/style/css/ 447 B
543 B 254ms
254ms Stylesheet
text/css 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/style/css/before_auth.css
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"447-1727680708000"
accept-ranges: bytes
content-length: 447
date: Tue, 01 Oct 2024 20:21:23 GMT
last-modified: Mon, 30 Sep 2024 07:18:28 GMT
content-type: text/css
server: Apache
vary: Accept-Encoding

GET
H2 200 question.svg
riffberg.com/style/img/ 717 B
801 B 490ms
490ms Image
image/svg+xml 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riffberg.com/style/img/question.svg
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 717
date: Tue, 01 Oct 2024 20:21:23 GMT
etag: W/"717-1727688026000"
last-modified: Mon, 30 Sep 2024 09:20:26 GMT
content-type: image/svg+xml
server: Apache

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 155 B
560 B 705ms
571ms Image
image/png 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=BDWjGLpY&referer=ib.jibunbank.co.jp&format=png&lang=ja&seal_number=18&seal_size=s&an=min

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

Strict-Transport-Security: max-age=31536000
cache-control: max-age=7776000
x-envoy-upstream-service-time: 27
Connection: keep-alive
X-Content-Type-Options: nosniff
expires: Mon, 30 Dec 2024 20:21:23 GMT
Content-Length: 155
Date: Tue, 01 Oct 2024 20:21:23 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
last-modified: Tue, 01 Oct 2024 20:21:22 GMT
Server: nginx

GET
H2 200 gtm.js Show response
riffberg.com/js/ 504 KB
507 KB 478ms
478ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cc160f9188f87d0f995c97c540ac7dfab1f76678e2fea1775e471c2a0a46f002

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"515639-1727680328000"
accept-ranges: bytes
content-length: 515639
date: Tue, 01 Oct 2024 20:21:23 GMT
last-modified: Mon, 30 Sep 2024 07:12:08 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 seal.min.js Show response
riffberg.com/js/ 8 KB
8 KB 482ms
482ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/js/seal.min.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"7741-1727688784000"
accept-ranges: bytes
content-length: 7741
date: Tue, 01 Oct 2024 20:21:23 GMT
last-modified: Mon, 30 Sep 2024 09:33:04 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 p_img04.png
riffberg.com/style/img/ 17 KB
17 KB 480ms
480ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riffberg.com/style/img/p_img04.png
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: a2759491fccf1317c5cb397216a9de3aab5c6d9eb6f1d16b543c3dd1afc9af2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 17497
date: Tue, 01 Oct 2024 20:21:23 GMT
etag: W/"17497-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 p_img05.png
riffberg.com/style/img/ 18 KB
19 KB 481ms
480ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riffberg.com/style/img/p_img05.png
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 9606095ff57e48fc137b15e8171ae6eab1b2cdeb99289d62103d3bfa56569ca1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 18851
date: Tue, 01 Oct 2024 20:21:23 GMT
etag: W/"18851-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 p_img06.png
riffberg.com/style/img/ 17 KB
17 KB 481ms
479ms Image
image/png 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riffberg.com/style/img/p_img06.png
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 68c6d438afdae5288bf813d5e126a7c9f849238e46c96702614598cab3d1b51a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 16987
date: Tue, 01 Oct 2024 20:21:23 GMT
etag: W/"16987-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 pc_cachcard_back.gif
riffberg.com/style/img/ 76 KB
77 KB 483ms
482ms Image
image/gif 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://riffberg.com/style/img/pc_cachcard_back.gif
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

accept-ranges: bytes
content-length: 78211
date: Tue, 01 Oct 2024 20:21:23 GMT
etag: W/"78211-1727688220000"
last-modified: Mon, 30 Sep 2024 09:23:40 GMT
content-type: image/gif
server: Apache

GET
H2 200 fraudalert_form.js Show response
riffberg.com/js/ 950 B
1000 B 480ms
480ms Script
application/javascript 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/js/fraudalert_form.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/login.jsp

Response headers

etag: W/"950-1727680664000"
accept-ranges: bytes
content-length: 950
date: Tue, 01 Oct 2024 20:21:23 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

POST
H2 200 pageServlet Show response
riffberg.com/api/ 2 B
28 B 20342ms
20340ms XHR
text/html 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/api/pageServlet
Requested by: Host: riffberg.com
URL: https://riffberg.com/js/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: d8d91b2e06df73d70eb998e274b63b433db68b4fa1cfd0904f21f139b14c5567

Request headers

Referer: https://riffberg.com/login.jsp
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: text/plain, */*; q=0.01
Content-Type: application/x-www-form-urlencoded

Response headers

content-length: 2
date: Tue, 01 Oct 2024 20:21:23 GMT
content-type: text/html;charset=UTF-8
server: Apache

GET
H2 200 NotoSansCJKjp-RegularSubset.woff
riffberg.com/style/font/ 397 KB
400 KB 458ms
458ms Font
font/woff 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/style/font/NotoSansCJKjp-RegularSubset.woff
Requested by: Host: riffberg.com
URL: https://riffberg.com/style/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://riffberg.com
Referer: https://riffberg.com/style/css/style.css

Response headers

accept-ranges: bytes
content-length: 406344
date: Tue, 01 Oct 2024 20:21:23 GMT
etag: W/"406344-1727681130000"
last-modified: Mon, 30 Sep 2024 07:25:30 GMT
content-type: font/woff
server: Apache

GET question.svg
riffberg.com/style/img/ 0
0

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 8 KB
8 KB 691ms
570ms Script
text/javascript 63.33.186.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

63.33.186.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-186-64.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

Strict-Transport-Security: max-age=31536000
etag: "1e3d-62363a70326c0"
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 7741
Date: Tue, 01 Oct 2024 20:21:24 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
last-modified: Tue, 01 Oct 2024 05:32:51 GMT
Server: nginx

GET p_img04.png
riffberg.com/style/img/ 0
0

GET p_img05.png
riffberg.com/style/img/ 0
0

GET p_img06.png
riffberg.com/style/img/ 0
0

GET
H2 200 NotoSansCJKjp-MediumSubset.woff
riffberg.com/style/font/ 176 KB
0 20039ms
20039ms Font
font/woff 154.91.176.218
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://riffberg.com/style/font/NotoSansCJKjp-MediumSubset.woff
Requested by: Host: riffberg.com
URL: https://riffberg.com/style/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.218 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://riffberg.com
Referer: https://riffberg.com/style/css/style.css

Response headers

accept-ranges: bytes
content-length: 406932
date: Tue, 01 Oct 2024 20:21:23 GMT
etag: W/"406932-1727681130000"
last-modified: Mon, 30 Sep 2024 07:25:30 GMT
content-type: font/woff
server: Apache

GET
H2 200 f.js Show response
static.fraud-alert.net/ 56 KB
20 KB 253ms
56ms Script
application/javascript 2600:9000:235a:2e00:10:3572:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fraud-alert.net/f.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/js/fraudalert_form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:2e00:10:3572:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

x-amz-cf-pop: FRA60-P9
content-encoding: gzip
etag: W/"f98f7793266711a8689fe211e9d65b52"
age: 43309
via: 1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: r2pXZjAkyT6JPAIdqYthRHYIOul4Kz4gGTXy3cA0utc5OX_FOV-Qkw==
date: Tue, 01 Oct 2024 08:19:35 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Sun, 22 Oct 2023 12:05:34 GMT
x-amz-server-side-encryption: AES256

GET arrow_gray.svg
riffberg.com/style/img/ 0
0

POST
H2 200 accept Show response
p.fraud-alert.net/ 31 B
512 B 921ms
736ms XHR
text/plain 18.66.147.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.fraud-alert.net/accept
Requested by: Host: static.fraud-alert.net
URL: https://static.fraud-alert.net/f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-24.fra60.r.cloudfront.net
Software: /
Resource Hash: e7c5bb9be0b410f825b9453eb58b18039aa62c82f6795a8f9e84d9cf2e75610d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://riffberg.com/

Response headers

access-control-allow-credentials: true
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
access-control-allow-origin: https://riffberg.com
x-cache: Miss from cloudfront
content-length: 31
x-amz-cf-id: YnDYMhCnsok2qWkm6V2F8d-YybfZPMgLGUOlSLlr_L-BbTcHQY0obg==
date: Tue, 01 Oct 2024 20:21:24 GMT
x-amz-cf-pop: FRA60-P4

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
79 KB 314ms
84ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14077821&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

968b8175e86895e7c073434f9e3e864ec8a871f178ce599df6afa249d8ba3af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 80153
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ 32 KB
11 KB 1597ms
495ms Script
application/javascript 124.83.185.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 124.83.185.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: nghttpx /
Resource Hash: 0f39c718afa7f030e01c8f7299516f62808df2a207b37b3f6d4ec575e9fcdd17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

x-z-chihaya: r=1
cache-control: public, max-age=600
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 114
ats-carp-promotion: 1
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 10561
date: Tue, 01 Oct 2024 20:19:42 GMT
last-modified: Tue, 01 Oct 2024 08:29:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nghttpx
x-ntap-sg-trace-id: 5c4bc74ff19258bc

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 254 KB
90 KB 322ms
97ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c081f944b4aa11625246f10f18927bfeff98a35a5a1be91cc4ee4ec62dcfb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 20:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91507
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 366ms
141ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

473f27c7384b4a40885f831052b158d7fd33a6e29b15f4a59ec8647372ea45ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 20:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89460
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 416ms
41ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BB11683132944A27986E4319834A2BEB Ref B: LON04EDGE0812 Ref C: 2024-10-01T20:21:35Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Tue, 01 Oct 2024 20:21:34 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 313ms
111ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b106d120fddcd7c9de1b4f7b6ded8a615334f3e86cfb92723d66508f01105f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 20:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89408
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 320ms
128ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd035a977d7e7060becc664f670223ad5e4d2a56e7d034a14023b32af0b19a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 20:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89413
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 247 KB
88 KB 324ms
134ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02dc0198f80ba1db50699741906f5f4f8422ece0df8d2267c7d53fd7afd56cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 01 Oct 2024 20:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89492
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
90 KB 70ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-709179453

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7dbf318900fc4f0625fd475b80e05dee53886c49dc18b10e51ce36668543bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 91568
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
85 KB 69ms
54ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-723623815

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f03b542fa1c6564c8dbab92a5da693ed189f2ec7f47250a04abff42927c12ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86465
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ad1f1040ad9ca638cc6ee793ef48a4f6.js Show response
ob.segreencolumn.com/i/ 108 KB
40 KB 449ms
72ms Script
text/javascript 2600:9000:2490:bc00:18:15b9:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:bc00:18:15b9:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 51ae2f5a753c96b5c70779481552f3636df036952791a90c7853af58c73a35f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "1ae5b-YGTsV4Kh386LbDpwhQvf4aaoogg"
age: 11609
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
expires: Wed, 02 Oct 2024 05:08:06 GMT
x-cache: Hit from cloudfront
content-length: 40308
x-amz-cf-id: I04S0X3PQDxCr40GdQKjVCOJt2SguahrwNHOFCUQ6va4ca2JnodQ9A==
date: Tue, 01 Oct 2024 17:08:17 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Caddy
x-amz-cf-pop: FRA56-P6

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 440ms
76ms Script
application/javascript 23.213.168.153
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.168.153 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-168-153.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: gzip
x-amz-version-id: aLHCm1toaevjRzyK9ZlkfyErvpEL9I2
etag: "02e4691c0dcc2f7ecef2712fb0f24921"
expires: Sat, 12 Oct 2024 19:41:00 GMT
x-rgw-object-type: Normal
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/javascript
last-modified: Mon, 02 Oct 2023 06:16:39 GMT
x-amz-expiration: expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cache-control: max-age=947965
x-amz-request-id: tx0000006918b62e065fa5b-00651a6066-13dd9984-jp2
accept-ranges: bytes
content-length: 9865
server: VOS

GET
H2 200 pixel.js Show response
cdn.smartnews-ads.com/i/ 5 KB
2 KB 425ms
121ms Script
application/javascript 23.213.164.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartnews-ads.com/i/pixel.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.164.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 58dcb9b4c4a8af93d049784e1be829d690b870d33cb49c693565f38e982ed5b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: max-age=279
content-encoding: gzip
x-amz-meta-version: 8.4.6
etag: "709c82eb76cb41d00bb431534c33b6ff"
x-amz-version-id: U_040zL3HHLQ_Xb5czsQ1qGGPFoW.rFj
expires: Tue, 01 Oct 2024 20:26:14 GMT
accept-ranges: bytes
content-length: 1922
date: Tue, 01 Oct 2024 20:21:35 GMT
last-modified: Mon, 21 Nov 2022 09:11:10 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 163ms
40ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa9185ab1bfe6ccdf160f859377f2c8ed3b102c7a083bbbfb30d2ea3f26ff31f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 01 Oct 2024 20:21:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=47, rtx=0, c=23, mss=1232, tbw=5680, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: GGkoKCQ/Z3Gzd7kI0+8WJXNaLGeymtMKoKh602MEa169Clz4RrzJLT3KlCbnm2KpUIKedJoZXZtVWhaIDa/PqQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59127
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 adme_tk.neo Show response
tk.csolution.jp/ 1 KB
2 KB 1232ms
982ms Script
binary/octet-stream 18.245.86.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk.csolution.jp/adme_tk.neo
Requested by: Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-65.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

etag: "01b42b52842905b667f426f1145dfab9"
via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 1231
x-amz-cf-id: GJy-MrRW3tYK1QZ8zHfzzU0Zs5G21Oy7K5zXa1TD9Ie5tSgNbPvzrw==
date: Tue, 01 Oct 2024 20:21:37 GMT
content-type: binary/octet-stream
last-modified: Tue, 14 Jan 2020 06:27:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6

GET
H2 200 vclp.js Show response
trj.valuecommerce.com/ 4 KB
5 KB 318ms
57ms Script
application/javascript 2600:9000:2359:f600:18:82c:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trj.valuecommerce.com/vclp.js
Requested by: Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:f600:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7fb587c59b0120a6d8ff5d5e6b710c6afcb3b668495988f1e9c66626ea26c9cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type,Content-Range,x-goog-resumable
x-goog-hash: crc32c=OgAn0A==, md5=kCQf0OwmWvrHxLOR4fgqqw==
etag: "90241fd0ec265afac7c4b391e1f82aab"
age: 241
x-goog-stored-content-encoding: identity
expires: Tue, 01 Oct 2024 20:22:34 GMT
x-goog-stored-content-length: 3874
x-cache: Hit from cloudfront
x-amz-cf-id: VbJpVkybiK65e6BTVaSKQAIHU_nQIls9RmqZ-kPguj4zKAWfVsGTLA==
date: Tue, 01 Oct 2024 20:17:34 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 07:06:52 GMT
vary: Accept-Encoding
x-guploader-uploadid: AD-8ljvviwTgMBSOe1Lex1spUp8bV2Knc6Mt2GrF51uebxYATbl6InRqRkoflYeBrana2CJaQcvL1v1DBA
cache-control: max-age=300
x-goog-storage-class: REGIONAL
via: 1.1 343f10c14a24beceec4fd2e9df6f9a50.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1642403212642544
content-length: 3874
x-amz-cf-pop: FRA60-P10
server: UploadServer

GET
H2 200 8c9dd94c00f839.js Show response
cdn.kaizenplatform.net/s/df/ 317 KB
101 KB 1019ms
716ms Script
application/javascript 104.103.88.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs
Requested by: Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.103.88.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-103-88-160.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 18feb6ecb24ef112ba8662cb6227b45ba57f716feb9cce74e328808b3d64ff7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "f8bee66bc8c7429e3dc32eb70ac8a42d"
x-amz-version-id: null
access-control-allow-methods: GET
date: Tue, 01 Oct 2024 20:21:36 GMT
last-modified: Tue, 20 Aug 2024 07:03:27 GMT
vary: Accept-Encoding
content-type: application/javascript
x-amz-id-2: YQ0zVI4aRfnJGQ5nbc/qqCYjwg14q5pRvxK1f+jUuS3gwTc8p7MuG761HXAGbvEdH+SdQ2eBLhI=
cache-control: max-age=300
x-amz-request-id: QDP3A6PWM9X6H196
accept-ranges: bytes
access-control-allow-origin: *
content-length: 102766
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ad1f1040ad9ca638cc6ee793ef48a4f6.html
obs.segreencolumn.com/ns/ 0
250 B 714ms
218ms Image
text/html 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/ns/ad1f1040ad9ca638cc6ee793ef48a4f6.html?ch=cheq4ppc&gtmcb=790358616
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 01 Oct 2024 20:21:36 GMT
pragma: no-cache
content-type: text/html
cross-origin-resource-policy: cross-origin

GET
H2 200 97022402.js Show response
bat.bing.com/p/action/ 371 B
418 B 51ms
35ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97022402.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a9c46f4371f29ded6f345238dd688515240c3da12b3a220f4f734e7066bb284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CD74B79BC9EE4790ACB1C68690A17277 Ref B: LON04EDGE0812 Ref C: 2024-10-01T20:21:35Z
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 20:21:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 97114338.js Show response
bat.bing.com/p/action/ 371 B
388 B 114ms
98ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97114338.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a9c46f4371f29ded6f345238dd688515240c3da12b3a220f4f734e7066bb284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 646188C351BA4DE6832C609F26DB5896 Ref B: LON04EDGE0812 Ref C: 2024-10-01T20:21:35Z
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 20:21:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 97050327.js Show response
bat.bing.com/p/action/ 371 B
388 B 114ms
98ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97050327.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a9c46f4371f29ded6f345238dd688515240c3da12b3a220f4f734e7066bb284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D4E9580CC30C45968002D9F86E80EC22 Ref B: LON04EDGE0812 Ref C: 2024-10-01T20:21:35Z
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 20:21:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 97050325.js Show response
bat.bing.com/p/action/ 371 B
389 B 112ms
96ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97050325.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8a9c46f4371f29ded6f345238dd688515240c3da12b3a220f4f734e7066bb284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 586E698307E84CABAEDBDDF4185CA94F Ref B: LON04EDGE0812 Ref C: 2024-10-01T20:21:35Z
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 20:21:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 1362ms
508ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=01e18853-2d62-465d-8b18-53d586acd913&b_u=https%3A%2F%2Friffberg.com%2Flogin.jsp&b_d=riffberg.com&b_p=%2Flogin.jsp&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=abc7e14b-e97c-4e6b-bf23-f49c61bb0e21&s_id=6f9d76da-64899080&x4=100&e=pv&v=3.4.1&_t=1727814095553
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

Cache-Control: private, no-store, no-cache, must-revalidate
Content-Length: 43
Date: Tue, 01 Oct 2024 20:21:36 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 1195ms
507ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=01e18853-2d62-465d-8b18-53d586acd913&b_u=https%3A%2F%2Friffberg.com%2Flogin.jsp&b_d=riffberg.com&b_p=%2Flogin.jsp&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=9dd1ca22-3499-4044-8a02-0c2d3241b696&s_id=6f9d76da-64899080&x4=400&e=pv&v=3.4.1&_t=1727814095561
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

Cache-Control: private, no-store, no-cache, must-revalidate
Content-Length: 43
Date: Tue, 01 Oct 2024 20:21:36 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/ 5 KB
2 KB 261ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1727814095608&cv=11&fst=1727814095608&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb58d66fd0b1a93ef1b895b40c4889570a6d6ed8398cd823ae24b1351a4ae39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2368
date: Tue, 01 Oct 2024 20:21:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 856479406
td.doubleclick.net/td/rul/ Frame 76CD 0
0 346ms
114ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/856479406?random=1727814095608&cv=11&fst=1727814095608&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 5 KB
2 KB 182ms
67ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1727814095680&cv=11&fst=1727814095680&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59e7aa430690e032bb481bfd2b888d8dbadbe7e6551472215be66f1e4eea7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2355
date: Tue, 01 Oct 2024 20:21:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721484514
td.doubleclick.net/td/rul/ Frame E8AB 0
0 240ms
108ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1727814095680&cv=11&fst=1727814095680&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 5 KB
2 KB 72ms
62ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1727814095740&cv=11&fst=1727814095740&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70c37b43db7f29193553ea771a59919914824540bf264abc0bcac58688461b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2355
date: Tue, 01 Oct 2024 20:21:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721484514
td.doubleclick.net/td/rul/ Frame 2A42 0
0 237ms
112ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1727814095740&cv=11&fst=1727814095740&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/ 5 KB
2 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1727814095891&cv=11&fst=1727814095891&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf2ff6e8a3f0c7216aad20da3d745d72ca4049bdd538c5fb368f2736c491f962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2372
date: Tue, 01 Oct 2024 20:21:35 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 709179453
td.doubleclick.net/td/rul/ Frame 0151 0
0 92ms
90ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/709179453?random=1727814095891&cv=11&fst=1727814095891&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/ 6 KB
2 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1727814096047&cv=11&fst=1727814096047&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20c1820b56cdf40d3a79bf3649ad55a52f7e898599c51b2f9946d56ddbb1af23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2380
date: Tue, 01 Oct 2024 20:21:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721521220
td.doubleclick.net/td/rul/ Frame E64A 0
0 108ms
106ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721521220?random=1727814096047&cv=11&fst=1727814096047&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/ 5 KB
2 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1727814096199&cv=11&fst=1727814096199&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68eb7822f02f2f1f615c570bbdbed5a3fbb743aaa30aab79548dcb808785d6be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2373
date: Tue, 01 Oct 2024 20:21:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721159065
td.doubleclick.net/td/rul/ Frame AE61 0
0 88ms
87ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721159065?random=1727814096199&cv=11&fst=1727814096199&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ct Show response
obs.segreencolumn.com/ 4 KB
2 KB 345ms
344ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/ct?id=46070&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1727814096702&hl=2&op=0&ag=566412661&rand=0426526201156068782620699507555893271836721292048576226601585480290221852701192285282&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDM4MTBdLFsiYWJuY2giLDc1XSxbLTcsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiXX0iXSxbLTI2LCJ7XCJ0amhzXCI6MTgxNTIyNzYsXCJ1amhzXCI6MTQzNzM1NDgsXCJqaHNsXCI6NDI5NDcwNTE1Mn0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEwIl0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFstMTIsIm51bGwiXSxbLTE1LCItIl0sWy02MiwiODAiXSxbLTYzLCIwIl0sWy0xNiwiMCJdLFstMjAsIi0iXSxbLTI3LCJbMjAwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0zNSwiWzE3Mjc4MTQwOTYzODcsLTFdIl0sWy0zOCwiaSwtMSwtMSwwLDAsMSwwLDUyNCw1OTMsNzM0LC0xLDAsNDI0MC4zLDQyNDAuMywxNzQ2OSwxNzQ3MCJdLFstNDEsIi0iXSxbLTUwLCItIl0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTY3LCItIl0sWy0xNywiMTIiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbNDAsNDAsNDAsNDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyODUsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCIsMTYwMCwxMjAwXSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTM0LCItIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDUsdHJ1ZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTEwLCItIl0sWy0xMywiLSJdLFstNTIsIi0iXSxbLTU1LCIxIl0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRLWEJrUlVVMU5TVW9ERmhaV1d4ZEtYRjVMWEZ4WFdsWlZURlJYRjFwV1ZCWlFGbGhkQ0Y4SUNRMEpXRjBBV2xnUENnRmFXZzljWEE0QUNseGZEUUZZRFY4UEYxTktBd2dERHdFSUNnNFFGVmhOR1VzWkVWRk5UVWxLQXhZV1Zsc1hTbHhlUzF4Y1YxcFdWVXhVVnhkYVZsUVdVQlpZWFFoZkNBa05DVmhkQUZwWUR3b0JXbG9QWEZ3T0FBcGNYdzBCV0ExZkR4ZFRTZ01JQXc0TERnPT0iXSxbLTU4LCItIl0sWy02OSwiTGludXggeDg2XzY0fEdvb2dsZSBJbmMufDh8MTJ8fDAiXSxbLTUsIi0iXSxbLTIxLCItIl0sWy00NCwiMCwwLDAsNSJdLFstNDcsIkV1cm9wZS9Mb25kb24sZW4tR0IsbGF0bixncmVnb3J5Il0sWy02MSwie1wid2dzbFwiOlwiNDtwYWNrZWRfNHg4X2ludGVnZXJfZG90X3Byb2R1Y3Q7dW5yZXN0cmljdGVkX3BvaW50ZXJfcGFyYW1ldGVycztwb2ludGVyX2NvbXBvc2l0ZV9hY2Nlc3M7cmVhZG9ubHlfYW5kX3JlYWR3cml0ZV9zdG9yYWdlX3RleHR1cmVzO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy03MCwiLSJdLFstMSwiLSJdLFstMiwiMjgsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwSXNnSUlqU1ErOGlLZ3FJMG9zSUFpcEZFRVFSSWtVZ2RFUVFwVW9KU0F0Q0FxU0g5R3l5N1pXWitlci9kK2U5MmJ3c0NTRC8xZSJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwiaW50ZXJuYWwtcGRmLXZpZXdlclwiXSJdLFstNDAsIjMzIl0sWy02MCwyMTNdLFstNjYsImdlb2xvY2F0aW9uLGNodWFmdWxsdmVyc2lvbmxpc3QsY3Jvc3NvcmlnaW5pc29sYXRlZCxzY3JlZW53YWtlbG9jayxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGNodWFhcmNoLGNvbXB1dGVwcmVzc3VyZSxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHVzYixjaHNhdmVkYXRhLHB1YmxpY2tleWNyZWRlbnRpYWxzY3JlYXRlLHNoYXJlZHN0b3JhZ2UscnVuYWRhdWN0aW9uLGNodWFmb3JtZmFjdG9ycyxjaGRvd25saW5rLG90cGNyZWRlbnRpYWxzLHBheW1lbnQsY2h1YSxjaHVhbW9kZWwsY2hlY3QsYXV0b3BsYXksY2FtZXJhLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsYWNjZWxlcm9tZXRlcixjaHVhcGxhdGZvcm12ZXJzaW9uLGlkbGVkZXRlY3Rpb24scHJpdmF0ZWFnZ3JlZ2F0aW9uLGludGVyZXN0Y29ob3J0LGNodmlld3BvcnRoZWlnaHQsbG9jYWxmb250cyxjaHVhcGxhdGZvcm0sbWlkaSxjaHVhZnVsbHZlcnNpb24seHJzcGF0aWFsdHJhY2tpbmcsY2xpcGJvYXJkcmVhZCxnYW1lcGFkLGRpc3BsYXljYXB0dXJlLGtleWJvYXJkbWFwLGpvaW5hZGludGVyZXN0Z3JvdXAsY2h3aWR0aCxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLGJyb3dzaW5ndG9waWNzLGVuY3J5cHRlZG1lZGlhLGd5cm9zY29wZSxzZXJpYWwsY2hydHQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LHVubG9hZCxjaGRwcixjaHByZWZlcnNjb2xvcnNjaGVtZSxjaHVhd293NjQsYXR0cmlidXRpb25yZXBvcnRpbmcsZnVsbHNjcmVlbixpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixoaWQsY2h1YWJpdG5lc3Msc3RvcmFnZWFjY2VzcyxzeW5jeGhyLGNoZGV2aWNlbWVtb3J5LGNodmlld3BvcnR3aWR0aCxwaWN0dXJlaW5waWN0dXJlLG1hZ25ldG9tZXRlcixjbGlwYm9hcmR3cml0ZSxtaWNyb3Bob25lIl0sWy02OCwiLSJdLFstNzEsImEwMTEwMDEwMTAwMTAwMTAxMDAwMTAxMDAxMTExMTAxMDAwMDEwIl0sWy0yMywiKyJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy02LCItIl0sWy05LCIrIl0sWy0xNCwiLSJdLFstMjUsIi0iXSxbLTMyLCItIl0sWy0zMywiLSJdLFstNDYsIjAiXSxbLTU0LCJ7XCJoXCI6W10sXCJkXCI6W10sXCJiXCI6W1wiXzFcIixcIjI1ODY3ODY5NjFcIl0sXCJzXCI6MX0iXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjoxOCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjE5MzA4MjAyNzksXCJzZWNcIjpcIlwifSJdLFstMjQsIltdIl0sWy0zMSwiZmFsc2UiXSxbLTUzLCIxMDAiXSxbImJuY2giLDg3MF0sWy00LCItIl0sWy04LCItIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTUxLCItIl0sWy01OSwiZGVmYXVsdCJdLFstNjUsIi0iXSxbImRkYiIsIjAsMjgsMCwwLDIsMCwwLDAsMCwwLDAsMCwwLDAsMiwwLDAsMCwwLDEsMCwxLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMywxLDAsMCwwLDAsMSwzLDksNTIsMCw2OSwwLDAsMCwxLDAsMSwxLDAsMSwxLDEsMCw1OSwwLDAsMCwwLDAsMCwxLDAsMCw4LDEiXSxbImNiIiwiMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMjAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMSwxLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDAsMCwwLDIsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwxOSw1LDAsMCwwLDAsMCwwLDcsMCwwIl1d&dep=0&pre=0&sdd=%7B%7D&cri=goDud6wmDd&pto=17791&ver=62&gac=-&mei=&ap=&fe=1&duid=1.1727814096.hDaXjMd53pkAjDBy&suid=1.1727814096.ZgJb7NlVIF8NLCkO&tuid=1.1727814096.dxosdhRmBxQZLr3q&fbc=-&gtm=W10%3D&it=52%2C16079%2C500&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 27afe4bfeeee48d7ff408185b4b2825c88767242000a9617a4bc60b2113054a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://riffberg.com
content-encoding: gzip
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 1672
date: Tue, 01 Oct 2024 20:21:36 GMT
content-type: text/javascript

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/ 5 KB
2 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1727814096763&cv=11&fst=1727814096763&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709179453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82a779c4d24ddc82659d0bea3821822d50b461546fea6d47730174e85d9daf95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2376
date: Tue, 01 Oct 2024 20:21:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 709179453
td.doubleclick.net/td/rul/ Frame A024 0
0 102ms
100ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/709179453?random=1727814096763&cv=11&fst=1727814096763&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709179453

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f60d54396271f15c48eb9004ae57244be6ddd2e7006042abb86e64512d3835e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86458
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aebeec2290168bc8892d2d6590716eb623b4ca9dd29d9d4de1107f802474244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86450
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 90ms
90ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7bffdae1b63b03c7ac9f992da03a46f8212aa37d9b7f03c6dc8417fd37694b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86353
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 104ms
102ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6f17bf3fcb9545862a61951cda176ab0af4f5b2150b0e0bb282ebaa9d6f7310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89361
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/ 5 KB
2 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/?random=1727814096855&cv=11&fst=1727814096855&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-723623815

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48f7ba45415214e4caf8a12756882fa9ca25394d03334360c762037589f12719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2377
date: Tue, 01 Oct 2024 20:21:36 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 723623815
td.doubleclick.net/td/rul/ Frame 8597 0
0 95ms
93ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/723623815?random=1727814096855&cv=11&fst=1727814096855&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-723623815

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 100ms
100ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ce9331d8aeada97b220c5fc18a7492cd6564094e2b12a4972c8288b2ab11bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86449
x-xss-protection: 0
server: Google Tag Manager

GET
H2 204 0
bat.bing.com/action/ 0
286 B 62ms
61ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97022402&Ver=2&mid=1e848e2b-c8e5-4f02-8e7d-e464618a1c37&sid=c2575d60803211ef8d076f13f71c205a&vid=c2578630803211efa51149b131acaa4c&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Friffberg.com%2Flogin.jsp&r=&lt=4835&evt=pageLoad&sv=1&cdb=AQAQ&rn=389385

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4C202C89BF7B42B5B4F98404C80A635D Ref B: LON04EDGE0812 Ref C: 2024-10-01T20:21:36Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 20:21:36 GMT

GET
H2 204 0
bat.bing.com/action/ 0
230 B 99ms
99ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97050325&tm=gtm002&Ver=2&mid=70bfb678-430f-4024-b3c2-74e86afe220c&sid=c2575d60803211ef8d076f13f71c205a&vid=c2578630803211efa51149b131acaa4c&vids=0&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Friffberg.com%2Flogin.jsp&r=&lt=4835&evt=pageLoad&sv=1&cdb=AQAQ&rn=465750

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D1DEBFDCE029453BBD2C2CE96D7432BF Ref B: LON04EDGE0812 Ref C: 2024-10-01T20:21:36Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 20:21:36 GMT

GET
H2 204 0
bat.bing.com/action/ 0
230 B 94ms
94ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97114338&tm=gtm002&Ver=2&mid=086ecc4d-ad94-4de7-9d31-3cc4949cdcac&sid=c2575d60803211ef8d076f13f71c205a&vid=c2578630803211efa51149b131acaa4c&vids=0&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Friffberg.com%2Flogin.jsp&r=&lt=4835&evt=pageLoad&sv=1&cdb=AQAQ&rn=383383

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 49AEA58360FA4BD8951A208B9B154539 Ref B: LON04EDGE0812 Ref C: 2024-10-01T20:21:36Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 20:21:36 GMT

GET
H2 204 0
bat.bing.com/action/ 0
230 B 93ms
92ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97050327&tm=gtm002&Ver=2&mid=a1c8bb80-af5e-4210-a472-88731372e90b&sid=c2575d60803211ef8d076f13f71c205a&vid=c2578630803211efa51149b131acaa4c&vids=0&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Friffberg.com%2Flogin.jsp&r=&lt=4835&evt=pageLoad&sv=1&cdb=AQAQ&rn=932120

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81BEC8F68BEE462BBA33D6FBDAA89525 Ref B: LON04EDGE0812 Ref C: 2024-10-01T20:21:36Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 01 Oct 2024 20:21:36 GMT

GET
H3 200 594307549455110 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 337ms
333ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/594307549455110?v=2.9.170&r=stable&domain=riffberg.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c16007618f73d725fdfa9d1f533047394154fbbd5825df7179b2c7c2b1fb0d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 01 Oct 2024 20:21:37 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=74, mss=1232, tbw=68510, tp=64, tpl=0, uplat=129, ullat=1
pragma: public
x-fb-debug: xaOPeie1bl47q3n+Yp+WxrQyM/eNlZtBBIL8NU05HsdBLdBbuc8baby/1Q3IE1I9mvyRBAa1aSjuuK4vw4mhBA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 805ms
240ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1727814095740&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfrzbKMRZqnPH2iGHIB8Gl3_4OTSD7pA&random=1170446994&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/721484514/ 42 B
64 B 797ms
257ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/721484514/?random=1727814095740&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfrzbKMRZqnPH2iGHIB8Gl3_4OTSD7pA&random=1170446994&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/856479406/ 42 B
64 B 799ms
240ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/856479406/?random=1727814095608&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfHfACA4umr1UFHZXOuxCo7_74O2pQkg&random=2371204157&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/856479406/ 42 B
64 B 797ms
257ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/856479406/?random=1727814095608&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfHfACA4umr1UFHZXOuxCo7_74O2pQkg&random=2371204157&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 799ms
240ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1727814095680&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf6H4ZT7BhdQUiE3G4_brlOsIketlvlQ&random=284352294&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/721484514/ 42 B
64 B 795ms
257ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/721484514/?random=1727814095680&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf6H4ZT7BhdQUiE3G4_brlOsIketlvlQ&random=284352294&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 p
i.smartnews-ads.com/ 2 B
645 B 1636ms
553ms Image
text/plain 52.194.158.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.smartnews-ads.com/p?id=d650045319e0726eca67e9c1&t=1727814097&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=cf7bb4d3-62ea-4b1e-ae9a-0a2a148c2fbb
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.158.90 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-158-90.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

date: Tue, 01 Oct 2024 20:21:38 GMT
content-type: text/plain; charset=utf-8
content-length: 2

GET
H/1.1 200
OK smallest.png
i6.smartnews-ads.com/ 95 B
474 B 1238ms
283ms Image
image/png 184.30.24.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i6.smartnews-ads.com/smallest.png?id=d650045319e0726eca67e9c1&t=1727814097&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=cf7bb4d3-62ea-4b1e-ae9a-0a2a148c2fbb
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-30.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

ETag: "71a50dbba44c78128b221b7df7bb51f1"
Connection: keep-alive
x-amz-request-id: RJMS1VDRVY6MFEJ4
Accept-Ranges: bytes
Content-Length: 95
Date: Tue, 01 Oct 2024 20:21:38 GMT
Last-Modified: Wed, 09 Feb 2022 07:40:21 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-id-2: vAO7BgWF1unR+/IWEZ3aaUVF0OFkPIwvoz5BDHA3FEe8sdz4AvuBf7JdPJcafvRhshPnBy4VUFA=

GET
H2 200 p
i.smartnews-ads.com/ 2 B
647 B 1635ms
555ms Image
text/plain 52.194.158.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.smartnews-ads.com/p?id=20e53d0c41d51e3a8a128563&t=1727814097&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=cf7bb4d3-62ea-4b1e-ae9a-0a2a148c2fbb
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.194.158.90 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-158-90.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

date: Tue, 01 Oct 2024 20:21:38 GMT
content-type: text/plain; charset=utf-8
content-length: 2

GET
H/1.1 200
OK smallest.png
i6.smartnews-ads.com/ 95 B
474 B 1240ms
288ms Image
image/png 184.30.24.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i6.smartnews-ads.com/smallest.png?id=20e53d0c41d51e3a8a128563&t=1727814097&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=cf7bb4d3-62ea-4b1e-ae9a-0a2a148c2fbb
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-30.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

ETag: "71a50dbba44c78128b221b7df7bb51f1"
Connection: keep-alive
x-amz-request-id: RJMS1VDRVY6MFEJ4
Accept-Ranges: bytes
Content-Length: 95
Date: Tue, 01 Oct 2024 20:21:38 GMT
Last-Modified: Wed, 09 Feb 2022 07:40:21 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-id-2: vAO7BgWF1unR+/IWEZ3aaUVF0OFkPIwvoz5BDHA3FEe8sdz4AvuBf7JdPJcafvRhshPnBy4VUFA=

GET
H3 200 /
www.google.com/pagead/1p-user-list/709179453/ 42 B
64 B 256ms
254ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709179453/?random=1727814095891&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfPmchMTL3ttH8cNuapdKvMMBKjVaehxNXjTVszIjffVMUs-wI&random=3589297349&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/709179453/ 42 B
64 B 247ms
245ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/709179453/?random=1727814095891&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfPmchMTL3ttH8cNuapdKvMMBKjVaehxNXjTVszIjffVMUs-wI&random=3589297349&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721521220/ 42 B
64 B 253ms
251ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721521220/?random=1727814096047&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfFDtktU6XltlBKgCiyRNGjTjf72tuPgRPXzyIeQnJClTk-uau&random=3745511539&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/721521220/ 42 B
64 B 251ms
249ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/721521220/?random=1727814096047&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfFDtktU6XltlBKgCiyRNGjTjf72tuPgRPXzyIeQnJClTk-uau&random=3745511539&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721159065/ 42 B
64 B 251ms
249ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721159065/?random=1727814096199&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfFATTdE5riaTG2L14NqY_7kLcpyYvcVgcZiAm0DztcgHoWdCd&random=1605539429&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/721159065/ 42 B
64 B 251ms
249ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/721159065/?random=1727814096199&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfFATTdE5riaTG2L14NqY_7kLcpyYvcVgcZiAm0DztcgHoWdCd&random=1605539429&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET conversion_async.js
b99.yahoo.co.jp/pagead/ 0
0

GET
H2 200 bf.png
a.imgvc.com/i/ 107 B
319 B 1215ms
302ms Image
image/png 3.114.202.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.114.202.197 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-202-197.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bf1a7f633dec01a17bcf07e2c185937489d3eac9776a2aa322960f446f935c50

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://riffberg.com
Referer: https://riffberg.com/

Response headers

front-end-https: on
cache-control: max-age=63072000, private
expires: Thu, 01 Oct 2026 20:21:39 GMT
access-control-allow-origin: *
content-length: 107
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: image/png
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx

POST
H2 200 event Show response
log-v4-insight.kaizenplatform.net/kz/insight/ 254 B
478 B 1267ms
615ms XHR
application/json 3.113.46.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log-v4-insight.kaizenplatform.net/kz/insight/event
Requested by: Host: cdn.kaizenplatform.net
URL: https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.46.9 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-46-9.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 525579232d5a1967e977d493dcb10a20c0a5b97eac8cb198071eee8593f0a94e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://riffberg.com/

Response headers

cache-control: no-cache,max-age=0
access-control-allow-credentials: true
expires: Thu, 31 Oct 2024 20:21:38 GMT
access-control-allow-origin: https://riffberg.com
content-length: 254
p3p: CP="CAO PSA OUR"
date: Tue, 01 Oct 2024 20:21:38 GMT
content-type: application/json
vary: Origin

GET
H3 200 /
www.google.com/pagead/1p-user-list/709179453/ 42 B
64 B 253ms
252ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709179453/?random=1727814096763&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfkGktJK-PAZv-eoFz-DZd_2-p7voMiUrSNinIcrFWsp8GWXZ0&random=2597271720&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/709179453/ 42 B
64 B 250ms
250ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/709179453/?random=1727814096763&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfkGktJK-PAZv-eoFz-DZd_2-p7voMiUrSNinIcrFWsp8GWXZ0&random=2597271720&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/ 6 KB
2 KB 182ms
181ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/?random=1727814098156&cv=11&fst=1727814098156&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e3f2e8ffc5472816c2112381900dfcf3f92cd0aaf51b95808f3c8ff0a0b832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2389
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 942787950
td.doubleclick.net/td/rul/ Frame 4259 0
0 87ms
85ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/942787950?random=1727814098156&cv=11&fst=1727814098156&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/ 6 KB
2 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/?random=1727814098344&cv=11&fst=1727814098344&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8265aa5b04cce7e18032467d6e6e017a71e92c09e2b06349c16ac6bd8b08080d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2391
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 709209482
td.doubleclick.net/td/rul/ Frame 8184 0
0 76ms
74ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/709209482?random=1727814098344&cv=11&fst=1727814098344&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/ 6 KB
2 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/?random=1727814098467&cv=11&fst=1727814098467&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afaee37cb2809e65cdce8f4417a5ce01dd1f6238bd70aa58221718315812792a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2386
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 612303449
td.doubleclick.net/td/rul/ Frame 10DF 0
0 87ms
86ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/612303449?random=1727814098467&cv=11&fst=1727814098467&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/ 6 KB
2 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1727814098575&cv=11&fst=1727814098575&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5a81da458a444d873d9cf2b36c82b0fc39d07393b61e3dea1c4f107c8f02e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2387
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721159065
td.doubleclick.net/td/rul/ Frame 9771 0
0 85ms
84ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721159065?random=1727814098575&cv=11&fst=1727814098575&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/723623815/ 42 B
64 B 57ms
57ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/723623815/?random=1727814096855&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf_j_UeFcL3LXVM2JgCPxv9qiJS0MXRJu4l0ydo5YmqkILS_Yx&random=694134153&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/723623815/ 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/723623815/?random=1727814096855&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf_j_UeFcL3LXVM2JgCPxv9qiJS0MXRJu4l0ydo5YmqkILS_Yx&random=694134153&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/ 6 KB
2 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/?random=1727814098659&cv=11&fst=1727814098659&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6205e645f7990cb96e980f69499f21af1f6055c23406f2078e41268d9e8ea693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2389
date: Tue, 01 Oct 2024 20:21:38 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721477044
td.doubleclick.net/td/rul/ Frame E3A0 0
0 89ms
88ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721477044?random=1727814098659&cv=11&fst=1727814098659&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ 32 KB
0 0ms
0ms Script
application/javascript 124.83.185.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 124.83.185.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: nghttpx /
Resource Hash: 0f39c718afa7f030e01c8f7299516f62808df2a207b37b3f6d4ec575e9fcdd17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

x-z-chihaya: r=1
cache-control: public, max-age=600
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 114
ats-carp-promotion: 1
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 10561
date: Tue, 01 Oct 2024 20:19:42 GMT
last-modified: Tue, 01 Oct 2024 08:29:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nghttpx
x-ntap-sg-trace-id: 5c4bc74ff19258bc

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7fb35f7ebb30b50e6c50f50652d61e0d1d48debb44ef1e87ff0c9f89846076ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89415
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7a6379127f648af10267dda848d8c55c31accc57b3c792c4be66534df410f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89407
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Requested by

Host: riffberg.com
URL: https://riffberg.com/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5748a2ce3f494b6bed0a2e075c0711b504728084ae6de2d6a622e7b323524d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 01 Oct 2024 20:21:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 01 Oct 2024 20:21:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Oct 2024 19:03:53 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89415
x-xss-protection: 0
server: Google Tag Manager

GET
H3

200

/
www.google.co.uk/pagead/1p-conversion/721484514/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=171348630&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWx...
https://www.google.com/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=171348630&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQI&pscrd...
https://www.google.co.uk/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=171348630&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQI&psc...

42 B
64 B

67ms
65ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=171348630&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQI&pscrd=IhMI-sbwjIHuiAMV64-DBx0bTht2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfxgd4tioAsoJgPa2cD2QIL5gI548O7-pxshWPq0NkB3fiTeC7&random=1718226949&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.uk/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=171348630&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCJDJsQI&pscrd=IhMI-sbwjIHuiAMV64-DBx0bTht2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfxgd4tioAsoJgPa2cD2QIL5gI548O7-pxshWPq0NkB3fiTeC7&random=1718226949&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.co.uk/pagead/1p-conversion/721521220/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1256120862&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisW...
https://www.google.com/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1256120862&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI-...
https://www.google.co.uk/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1256120862&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhM...

42 B
64 B

64ms
62ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1256120862&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI-MXwjIHuiAMVyouDBx0TnyLmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfdZtEENZxUVz6AksB1ra59bEYzEtZhpfCxiFj_HJaD_g4K0ya&random=2967272545&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.uk/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1256120862&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybEC&pscrd=IhMI-MXwjIHuiAMVyouDBx0TnyLmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfdZtEENZxUVz6AksB1ra59bEYzEtZhpfCxiFj_HJaD_g4K0ya&random=2967272545&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.co.uk/pagead/1p-conversion/856479406/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=442333778&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWx...
https://www.google.com/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=442333778&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIuM...
https://www.google.co.uk/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=442333778&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMI...

42 B
64 B

62ms
62ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=442333778&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIuMjwjIHuiAMVsoiDBx2zzDlDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfoKwZlNF32lYOKl2D9TjRdegqH_yrZWsBnbzqsZArAMdxMNVT&random=1990367632&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.uk/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=442333778&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybEC&pscrd=IhMIuMjwjIHuiAMVsoiDBx2zzDlDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS8&is_vtc=1&cid=CAQSKQDpaXnfoKwZlNF32lYOKl2D9TjRdegqH_yrZWsBnbzqsZArAMdxMNVT&random=1990367632&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 tc_imp.gif
obs.segreencolumn.com/tracker/ 43 B
102 B 121ms
115ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268e9cf34ee47839b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a178d6a2717071a10acf9f29f671c8287dd00256c1ffe2a7f5580388c61c603300571925651583c015997eb394b77be26bb25cb43e2916af05265ae0e257b1bdf50eb42f497d7de6fbb2807ff7ecaa8556d8e0e3143714493d6026cf560b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf7278ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e82dde46c9e3409d8fecd284e1ef2643cfa931160efdcaa72dd03ac4ee3d24bc21bd9d36d9a6d279c9827da6d92cefab6cdb3f11338ae6bf2fbb9234e2bfe8a35c6e617f1125852880045d98f86c3cdb08d21da6a9edeb38f38b62f3574947f2885999d0e7f81b928e541e6d315d6528f3d0c0b548c6eec439cd0ad3fe0d476870ce08bdbcb7789490435bd1e5a137f433e9fec62be42c79a9536a4de2bbd9c2fce89ecfd6b84bdeb1f3e3e84a91004deb4285409f3e0f41ff02890f841fdfc3ce42ed36dcc068a50aefc2ecd083af6b28024632d6a682908550ba9e38a70d302b7454e5f28f8b44fdc84190cfeb8d8a6bd6cc2edece087f8aff24a533dfb4785b4456f8343601bcb7e5e796fea66ac7110def6c060887cca228baf30d0bf0c9d6712272003110f8e94a18268695f88195b94d4dbbcb8cb570597b6a325e29e1b21a586173f29a2e0832253fe35994ddc5fba6b8918c9c90df9bd30e59389d6984e64f18a6c19d071d8d1d6d260941248655eeb7a5f42f5e606dbfe1ed89885c953cf808f320a374eb823ff4df516e6d90bcb400b402b463f7ca04892937115ef7dcacc9829cb8d09d56679af0d6e78ceac807605bd20b1d74f8465645713e3653e88aecb7a9f027c888f10a2d6c1edc01f8b4f5f2309e0377807de82065fb935fbec8170cdc1e60e416efd29735916c5164cf4c6ad4b44d2707bd0948e5ddb8bf99c1b30b030a7153300995c297ec9c2550299dce1dee7b40ff363e51795579dd0519fb4a67c25e5d0119eddebff&cri=goDud6wmDd&ts=2111&cb=1727814098813
Requested by: Host: riffberg.com
URL: https://riffberg.com/login.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Tue, 01 Oct 2024 20:21:38 GMT
pragma: no-cache
content-type: image/gif

GET /
apm.yahoo.co.jp/rt/ 0
0

GET 6e83bc93-6eea-4a88-a2e8-c48742d9dbcc
https://riffberg.com/ Frame 0
0

GET /
apm.yahoo.co.jp/rt/ 0
0

GET 8c0fed1d-50fa-4efe-9a0b-f5bad15252cf
https://riffberg.com/ Frame 0
0

GET
H3 200 2401863046519079 Show response
connect.facebook.net/signals/config/ 35 KB
6 KB 170ms
170ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2401863046519079?v=2.9.170&r=stable&domain=riffberg.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C145%2C172%2C158%2C117%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7b3e31540319bccec80f6a0a81ebd6eb56cbc024ef92c650bb1e33056713f28

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: MODERATE; q=0.3, rtt=178, rtx=0, c=89, mss=1232, tbw=87190, tp=82, tpl=0, uplat=125, ullat=0
pragma: public
x-fb-debug: 6fnCYeYpE645i35ImwgnR1XFwR2n0Bm0XgBl4kv7QQRzCIJyhULy7haum+DjmEBZhl9Esdb++pDl+N8FiUSglA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 247ms
96ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=594307549455110&ev=PageView&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099028&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=84f318&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&cs_cc=1&rqm=GET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 317ms
167ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=594307549455110&ev=PageView&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099028&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=84f318&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420905050611098873"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420905050611098873", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: rl6AtOJPwmatBzwRhCCAHEQiCihEjXvDqPOwjy+ol4Vdcs33tCAjdxIht4/JAC+0DFLj5zDgwTI4piI1ey1Hjg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1392, tbw=3096, tp=-1, tpl=-1, uplat=110, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.google.com/pagead/1p-user-list/942787950/ 42 B
64 B 69ms
68ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/942787950/?random=1727814098156&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfSh72WyFvouXOPA1F75u-D8_0pOpyhggEdL9de1FbB-3RvfCO&random=3816203575&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/942787950/ 42 B
64 B 72ms
71ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/942787950/?random=1727814098156&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfSh72WyFvouXOPA1F75u-D8_0pOpyhggEdL9de1FbB-3RvfCO&random=3816203575&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/709209482/ 42 B
64 B 82ms
81ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709209482/?random=1727814098344&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfEwBLKM0nsmmYL8hyn8rmC5-y70vIntjUd9ptJOQYhXv8uyO_&random=2748125985&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/709209482/ 42 B
64 B 88ms
88ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/709209482/?random=1727814098344&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be4a10h2za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfEwBLKM0nsmmYL8hyn8rmC5-y70vIntjUd9ptJOQYhXv8uyO_&random=2748125985&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/612303449/ 42 B
64 B 84ms
82ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/612303449/?random=1727814098467&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfQWfUlBUB2TDe0r5Jdfvb9evV4ZDuKeJj_p7AzejX-qPdrvAc&random=2934965512&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/612303449/ 42 B
64 B 79ms
78ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/612303449/?random=1727814098467&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfQWfUlBUB2TDe0r5Jdfvb9evV4ZDuKeJj_p7AzejX-qPdrvAc&random=2934965512&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721159065/ 42 B
64 B 85ms
84ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721159065/?random=1727814098575&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfnDYs7guNLNrXpBccDwN9ma1PhIpDA2BNtvkaMXZuWtLG3PW5&random=3004129919&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/721159065/ 42 B
64 B 88ms
87ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/721159065/?random=1727814098575&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0h1za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfnDYs7guNLNrXpBccDwN9ma1PhIpDA2BNtvkaMXZuWtLG3PW5&random=3004129919&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721477044/ 42 B
64 B 83ms
75ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721477044/?random=1727814098659&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfATBEEHpqu5WHbfzIR0Zg-CwBC2b8YY9q1jjaQhO-1G-S2ICf&random=3982518366&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/721477044/ 42 B
64 B 77ms
76ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/721477044/?random=1727814098659&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfATBEEHpqu5WHbfzIR0Zg-CwBC2b8YY9q1jjaQhO-1G-S2ICf&random=3982518366&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET conversion_async.js
b99.yahoo.co.jp/pagead/ 0
0

GET /
apm.yahoo.co.jp/rt/ 0
0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/ 6 KB
2 KB 68ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1727814099236&cv=11&fst=1727814099236&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31ca5614c6d3a50609b134ed01586444147d414e39aa952fa604396958be15de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2397
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 856479406
td.doubleclick.net/td/rul/ Frame 2853 0
0 96ms
93ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/856479406?random=1727814099236&cv=11&fst=1727814099236&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/856479406/ 6 KB
3 KB 62ms
62ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/856479406/?random=1727814099347&cv=11&fst=1727814099347&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0d7e18e609aaa0289157e7e94a5fdeff06c81645e66661d13e6588b9349945d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2681
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 856479406
td.doubleclick.net/td/rul/ Frame F0BB 0
0 95ms
90ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/856479406?random=1727814099347&cv=11&fst=1727814099347&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/ 6 KB
2 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1727814099392&cv=11&fst=1727814099392&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98cee4b9169b1c682e7ba39291d9c491501acc034e87d7c1fc77fb2cd927a75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2398
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721521220
td.doubleclick.net/td/rul/ Frame 1E52 0
0 104ms
96ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721521220?random=1727814099392&cv=11&fst=1727814099392&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/721521220/ 5 KB
3 KB 65ms
65ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/721521220/?random=1727814099482&cv=11&fst=1727814099482&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d18fe42fefe83b9e871ffae98a636e214ef33c2d2f803e756f9fb53636d80fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2661
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721521220
td.doubleclick.net/td/rul/ Frame 86FD 0
0 90ms
89ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721521220?random=1727814099482&cv=11&fst=1727814099482&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 6 KB
2 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1727814099520&cv=11&fst=1727814099520&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f06ce3942a6df9cf3bb2e517a574fdc06b28857dab9e539652dfab8cc75ba64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2388
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721484514
td.doubleclick.net/td/rul/ Frame 7741 0
0 93ms
90ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1727814099520&cv=11&fst=1727814099520&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/721484514/ 6 KB
3 KB 66ms
66ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/721484514/?random=1727814099606&cv=11&fst=1727814099606&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0a61766f7d4672d34b43c519eda27e88259922836f0604d180316d2d70fa73fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2652
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721484514
td.doubleclick.net/td/rul/ Frame 5206 0
0 91ms
71ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1727814099606&cv=11&fst=1727814099606&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://riffberg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 01 Oct 2024 20:21:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2401863046519070 Show response
connect.facebook.net/signals/config/ 2 KB
1 KB 166ms
166ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2401863046519070?v=2.9.170&r=stable&domain=riffberg.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C145%2C172%2C158%2C117%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbf7ca1d30c15f3d3fd302b8629f22227d54e61c4cd2ec880f82f81415ec0cd9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=124, rtx=0, c=94, mss=1232, tbw=93590, tp=90, tpl=0, uplat=114, ullat=0
pragma: public
x-fb-debug: QI3GYJ9SAr6fg5FHibSF0Wo89nTv/heAvp7600bvSd52XUeGlXVMEid0rIdzak5wU6QSAL7kzNYE87hxB/Dgzg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 113ms
112ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099655&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=bd9df5&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&cs_cc=1&cas=7469710046409932&rqm=GET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1392, tbw=6619, tp=-1, tpl=-1, uplat=1, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
864 B 146ms
145ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099655&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=bd9df5&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&cs_cc=1&cas=7469710046409932&rqm=FGET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420905049900156552"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: a0lX30DhVV7GYXibCX4mZ7fPSSwNfW4KLy/vRI9ggOfuu0HvXAcLikAVKVGl38habmsFHcb7huHizQaSeM3deA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420905049900156552", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1392, tbw=6959, tp=-1, tpl=-1, uplat=102, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 112ms
111ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099657&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=cea3e1&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&tm=1&cs_cc=1&cas=6234696556613005&rqm=GET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1392, tbw=6813, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1017 B 166ms
166ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099657&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=cea3e1&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&tm=1&cs_cc=1&cas=6234696556613005&rqm=FGET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420905048996600258"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420905048996600258", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: bugHFE8HDqRAQWYLLinEm1fIjcMOGzG3k0NS7RSlzZ8Hn36kK0yO4Aj99s6ND2DGo8ZG8AhoHV2l3t7VSFGexA==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1392, tbw=7845, tp=-1, tpl=-1, uplat=106, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.google.com/pagead/1p-user-list/856479406/ 42 B
64 B 59ms
59ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/856479406/?random=1727814099236&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf68KnNrCF0y_6rtO5CHiC9GG58yatnk32V8-aPJpNAfvcIdQu&random=1443510159&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/856479406/ 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/856479406/?random=1727814099236&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf68KnNrCF0y_6rtO5CHiC9GG58yatnk32V8-aPJpNAfvcIdQu&random=1443510159&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.co.uk/pagead/1p-conversion/856479406/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=309095546&cv=11&fst=1727814099347&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1...
https://www.google.com/pagead/1p-conversion/856479406/?random=309095546&cv=11&fst=1727814099347&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=1016...
https://www.google.co.uk/pagead/1p-conversion/856479406/?random=309095546&cv=11&fst=1727814099347&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=10...

42 B
64 B

66ms
66ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/856479406/?random=309095546&cv=11&fst=1727814099347&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIxbCGjYHuiAMVJ4uDBx1B6js9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckt1TUEzaC1Xcl82eEFJSFFoMUQ2aEVYT25GaVhtazZweXpmSWVCNTM3QUVyNGFYZFl4QlRCSQ&is_vtc=1&cid=CAQSKQDpaXnftUe6JziQX5V4fMx_mOEEgeoNbnio5YK3_JCG0Ih1XEYzqosn&random=3960196052&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.uk/pagead/1p-conversion/856479406/?random=309095546&cv=11&fst=1727814099347&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U7bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIxbCGjYHuiAMVJ4uDBx1B6js9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckt1TUEzaC1Xcl82eEFJSFFoMUQ2aEVYT25GaVhtazZweXpmSWVCNTM3QUVyNGFYZFl4QlRCSQ&is_vtc=1&cid=CAQSKQDpaXnftUe6JziQX5V4fMx_mOEEgeoNbnio5YK3_JCG0Ih1XEYzqosn&random=3960196052&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721521220/ 42 B
64 B 64ms
64ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721521220/?random=1727814099392&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfKMjjeVFYXeDpCx0JcUH3ha17uTpSRmjDaj_ebxeEBQ61YCmO&random=4248870551&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/721521220/ 42 B
64 B 64ms
64ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/721521220/?random=1727814099392&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfKMjjeVFYXeDpCx0JcUH3ha17uTpSRmjDaj_ebxeEBQ61YCmO&random=4248870551&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.co.uk/pagead/1p-conversion/721521220/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1815957740&cv=11&fst=1727814099482&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l...
https://www.google.com/pagead/1p-conversion/721521220/?random=1815957740&cv=11&fst=1727814099482&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101...
https://www.google.co.uk/pagead/1p-conversion/721521220/?random=1815957740&cv=11&fst=1727814099482&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=1...

42 B
64 B

60ms
59ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/721521220/?random=1815957740&cv=11&fst=1727814099482&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIo9GOjYHuiAMVV4mDBx0I5CVgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck41YXpsbnNSTE82S096amthazlIQnpZLVhscENrenNJXy1SeWpOdG1nN0ZSOGdGM1ZTQTNTWQ&is_vtc=1&cid=CAQSKQDpaXnfs4fOkMfDMkaSI8SOGwF9zXyoHwzmg3GQd8FPvhypcUbN-akk&random=22193456&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.uk/pagead/1p-conversion/721521220/?random=1815957740&cv=11&fst=1727814099482&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiRybECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIo9GOjYHuiAMVV4mDBx0I5CVgMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pck41YXpsbnNSTE82S096amthazlIQnpZLVhscENrenNJXy1SeWpOdG1nN0ZSOGdGM1ZTQTNTWQ&is_vtc=1&cid=CAQSKQDpaXnfs4fOkMfDMkaSI8SOGwF9zXyoHwzmg3GQd8FPvhypcUbN-akk&random=22193456&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
143 B 222ms
216ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://riffberg.com/

Response headers

access-control-allow-origin: https://riffberg.com
content-length: 0
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
16 B 209ms
207ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://riffberg.com/

Response headers

access-control-allow-origin: https://riffberg.com
content-length: 0
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 69ms
68ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1727814099520&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfbfvVQw1XaY9zqcMYQ8ARHxFmfGJ3PkWYiiJGQqsa-unBo663&random=2184394747&rmt_tld=0&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/721484514/ 42 B
64 B 68ms
66ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/721484514/?random=1727814099520&cv=11&fst=1727812800000&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfbfvVQw1XaY9zqcMYQ8ARHxFmfGJ3PkWYiiJGQqsa-unBo663&random=2184394747&rmt_tld=1&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:39 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.co.uk/pagead/1p-conversion/721484514/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1109381687&cv=11&fst=1727814099606&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&t...
https://www.google.com/pagead/1p-conversion/721484514/?random=1109381687&cv=11&fst=1727814099606&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~1016...
https://www.google.co.uk/pagead/1p-conversion/721484514/?random=1109381687&cv=11&fst=1727814099606&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~10...

42 B
64 B

67ms
66ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/721484514/?random=1109381687&cv=11&fst=1727814099606&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI7LOWjYHuiAMV_IqDBx28JQPjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJNRjhQNzhhaVRGUUtWRnFhdHlYenhGREVJOEFFa0RwS282Y0VYdnc2Z2VmOHJ1UGFBNGx6bw&is_vtc=1&cid=CAQSKQDpaXnfUyNf-E5EyC4AsqL4DSpSbTYP79gb_QS6cXngAv4QQbtn1YV9&random=1413178665&ipr=y

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.uk/pagead/1p-conversion/721484514/?random=1109381687&cv=11&fst=1727814099606&bg=ffffff&guid=ON&async=1&gtm=45be49u0za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Friffberg.com%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1506910098.1727814095&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgiQybECShVldmVudC1zb3VyY2UsIHRyaWdnZXJaAwoBAWIECgICAw&pscrd=IhMI7LOWjYHuiAMV_IqDBx28JQPjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhVodHRwczovL3JpZmZiZXJnLmNvbS9CV0NoQUk4THZ1dHdZUWotWGgwc0dMX0kxZkVpMEFyeE5pckJNRjhQNzhhaVRGUUtWRnFhdHlYenhGREVJOEFFa0RwS282Y0VYdnc2Z2VmOHJ1UGFBNGx6bw&is_vtc=1&cid=CAQSKQDpaXnfUyNf-E5EyC4AsqL4DSpSbTYP79gb_QS6cXngAv4QQbtn1YV9&random=1413178665&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 01 Oct 2024 20:21:40 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 40ms
39ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=594307549455110&ev=CHEQ&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099925&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=6d110a&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&cs_cc=1&rqm=GET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=5553, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 145ms
144ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=594307549455110&ev=CHEQ&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099925&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=6d110a&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420905054730329317"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 20:21:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: eICqIjl47S51Fj6lvsMwabUJA5pQsgqv1ZPGJnOHMk8H+uwr+Fy/NaWm6O7i27c7abKn2BQ3ytkUXnJkrs1Z/w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420905054730329317", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=24, mss=1232, tbw=6545, tp=22, tpl=0, uplat=103, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 42ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519079&ev=CHEQ&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099928&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=1cef68&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&cs_cc=1&cas=24333884979543306&rqm=GET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=6113, tp=17, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 146ms
144ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CHEQ&dl=https%3A%2F%2Friffberg.com&rl=&if=false&ts=1727814099928&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=4124&fbp=fb.1.1727814099012.65835682752732243&pm=1&hrl=1cef68&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&cs_cc=1&cas=24333884979543306&rqm=FGET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420905055048435446"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 20:21:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 3YYrDzUD8sjNXaX05Fhx9lr+ki/FQIu3dt6DadNkjW7L7U8ZeLgfqHEemuKlF8ANo3GS2VxifXKrLBBAo8dR2A==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420905055048435446", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=24, mss=1232, tbw=9761, tp=25, tpl=0, uplat=104, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 47ms
45ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519070&ev=CHEQ&dl=https%3A%2F%2Friffberg.com%2Flogin.jsp&rl=&if=false&ts=1727814099929&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&rqm=GET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=6305, tp=19, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 01 Oct 2024 20:21:39 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 154ms
153ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519070&ev=CHEQ&dl=https%3A%2F%2Friffberg.com%2Flogin.jsp&rl=&if=false&ts=1727814099929&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1727814097040&coo=false&rqm=FGET

Requested by

Host: riffberg.com
URL: https://riffberg.com/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://riffberg.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420905055030769098"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 01 Oct 2024 20:21:40 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: tQkYAxGSK3eZ2B5TF3ck+llMd+W/0UeFdC5grFSif3uGW/mg5KYAfY5N8LshRB2w/YM4R0L0c6d9bXVrfXY6Qw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420905055030769098", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=24, mss=1232, tbw=10641, tp=26, tpl=0, uplat=113, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 416ms
415ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://riffberg.com/

Response headers

access-control-allow-origin: https://riffberg.com
content-length: 0
date: Tue, 01 Oct 2024 20:21:42 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET /
localhost/ 0
0

POST
H2 204 events
log-v4-insight.kaizenplatform.net/kz/insight/ 0
188 B 1386ms
567ms Ping
text/plain 3.113.46.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log-v4-insight.kaizenplatform.net/kz/insight/events
Requested by: Host: cdn.kaizenplatform.net
URL: https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.46.9 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-46-9.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://riffberg.com/

Response headers

expires: Thu, 31 Oct 2024 20:21:44 GMT
access-control-allow-origin: https://riffberg.com
cache-control: no-cache,max-age=0
p3p: CP="CAO PSA OUR"
date: Tue, 01 Oct 2024 20:21:44 GMT
vary: Origin
access-control-allow-credentials: true

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 145ms
144ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://riffberg.com/

Response headers

access-control-allow-origin: https://riffberg.com
content-length: 0
date: Tue, 01 Oct 2024 20:21:43 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 137ms
130ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://riffberg.com/

Response headers

access-control-allow-origin: https://riffberg.com
content-length: 0
date: Tue, 01 Oct 2024 20:21:48 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: riffberg.com
URL: https://riffberg.com/style/img/question.svg

Domain: riffberg.com
URL: https://riffberg.com/style/img/p_img04.png

Domain: riffberg.com
URL: https://riffberg.com/style/img/p_img05.png

Domain: riffberg.com
URL: https://riffberg.com/style/img/p_img06.png

Domain: riffberg.com
URL: https://riffberg.com/style/img/arrow_gray.svg

Domain: b99.yahoo.co.jp
URL: https://b99.yahoo.co.jp/pagead/conversion_async.js

Domain: apm.yahoo.co.jp
URL: https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814098.1287649&pvid=jdjhbsumtum1qvwhyv&__lt__cid_valid=true&_impl=ytag

Domain: apm.yahoo.co.jp
URL: https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814098.1363883&pvid=jdjhbsumtum1qvwhyv&__lt__cid_valid=true&_impl=ytag

Domain: riffberg.com
URL: blob:https://riffberg.com/6e83bc93-6eea-4a88-a2e8-c48742d9dbcc

Domain: apm.yahoo.co.jp
URL: https://apm.yahoo.co.jp/rt/?p=A8K4W9L35V&label=&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814098.585189&pvid=jdjhbsumtum1qvwhyv&su=43d57006-fa7d-4355-9156-73a56f98d649&__lt__cid_valid=true&_impl=ytag

Domain: riffberg.com
URL: blob:https://riffberg.com/8c0fed1d-50fa-4efe-9a0b-f5bad15252cf

Domain: b99.yahoo.co.jp
URL: https://b99.yahoo.co.jp/pagead/conversion_async.js

Domain: apm.yahoo.co.jp
URL: https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=cheq_invalidUsers&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814099.3175292&pvid=jdjhbsumtum1qvwhyv&su=43d57006-fa7d-4355-9156-73a56f98d649&__lt__cid_valid=true&_impl=ytag

Domain: apm.yahoo.co.jp
URL: https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=cheq_invalidUsers&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814099.9927287&pvid=jdjhbsumtum1qvwhyv&su=43d57006-fa7d-4355-9156-73a56f98d649&__lt__cid_valid=true&_impl=ytag

Domain: localhost
URL: http://localhost/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: au Jibun Bank (Financial)

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
riffberg.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 8D44677E7447DA15AE44FF40B84C0239
riffberg.com/	1970-01-21 09:22:49	Name: _pk_id.1077564906.9913 Value: 82a6079c09fdb47b.1727814084.1.1727814084.1727814084.
riffberg.com/	1970-01-20 23:56:55	Name: _pk_ses.1077564906.9913 Value: *
.fraud-alert.net/	1970-01-21 08:42:30	Name: caulisCookie Value: 1105953707348996096
.riffberg.com/	1970-01-21 02:06:30	Name: _gcl_au Value: 1.1.1506910098.1727814095
.riffberg.com/	1970-01-21 09:32:54	Name: __lt__cid Value: 01e18853-2d62-465d-8b18-53d586acd913
.riffberg.com/	1970-01-20 23:56:55	Name: __lt__sid Value: 6f9d76da-64899080
.doubleclick.net/	1970-01-21 09:18:30	Name: IDE Value: AHWqTUmGDY37EfNOoc3klNGSuGWwe0KwQ0DzKvWqU4pgNu56zMdi-TUefpfy3WuI
obs.segreencolumn.com/	1970-01-21 08:00:44	Name: cg_uuid Value: e04d79c40b8a73c31700b14a7956aeb4
.riffberg.com/	1970-01-21 02:08:18	Name: _cq_duid Value: 1.1727814096.hDaXjMd53pkAjDBy
.riffberg.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1727814096.ZgJb7NlVIF8NLCkO
.riffberg.com/	1970-01-20 23:58:20	Name: _uetsid Value: c2575d60803211ef8d076f13f71c205a
.riffberg.com/	1970-01-21 09:18:30	Name: _uetvid Value: c2578630803211efa51149b131acaa4c
.line.me/	1970-01-21 09:32:54	Name: _ldbrbid Value: tr__k1y/XGb8WdAwi9TnfIiXAg==
.bing.com/	1970-01-21 09:18:30	Name: MUID Value: 31ADC7025FCB631D34F1D2095E706292
riffberg.com/	1970-01-21 09:32:54	Name: snexid Value: cf7bb4d3-62ea-4b1e-ae9a-0a2a148c2fbb
.riffberg.com/	1970-01-21 08:42:30	Name: _yjsu_yjad Value: 1727814097.43d57006-fa7d-4355-9156-73a56f98d649
.riffberg.com/	1969-12-31 23:59:59	Name: _kys Value: QEkRGrH6uWA4wA_.riffberg.com
i.smartnews-ads.com/	1970-01-21 00:06:58	Name: AWSALBTGCORS Value: /dY5oSd6KdAFQzv1J4/mzQSk01l0T316E6LLpcRvuwXxAHICIklD9xmULsFSTyUigUL4wpokairEEEVyZZYdcUq+kMp/08Qzb4s074pDV+fo5WEF217bJz0JVFvhj95V+gtPAlN8CvLZKqPesPxeJT1JWPnKfCAtE4SI13UqBCwbOInryLg=
.smartnews-ads.com/	1970-01-21 09:32:54	Name: g Value: AB5Y5Y2aDxsT-QjTJcdVF2CWqeXniXH6GgdN4lTYzKZGpJXFrHygN1CXT_AyrRsljS53kKO4XymoAHfvM5NB7wc%3D
.riffberg.com/	1970-01-21 02:06:30	Name: _fbp Value: fb.1.1727814099012.65835682752732243
.riffberg.com/	1970-01-21 09:32:54	Name: _kyp Value: QEkQBhnJAABX6M2kuEfFxXPFYS2zWYJdB8kJ1QGoGm0E0ZRD5QfG6EnCFHKXJJN941hgl0HyQpNaRJFA_.riffberg.com+eh+riffberg.com

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://riffberg.com/login.jsp Message: [DOM] Found 2 elements with non-unique id #pressedButtonId: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://riffberg.com/login.jsp Message: [DOM] Found 2 elements with non-unique id #screenId: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://riffberg.com/login.jsp Message: [DOM] Found 2 elements with non-unique id #viewName: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://riffberg.com/login.jsp Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://riffberg.com/login.jsp Message: Access to fetch at 'https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814098.1287649&pvid=jdjhbsumtum1qvwhyv&__lt__cid_valid=true&_impl=ytag' from origin 'https://riffberg.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814098.1287649&pvid=jdjhbsumtum1qvwhyv&__lt__cid_valid=true&_impl=ytag Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://riffberg.com/login.jsp Message: Access to fetch at 'https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814098.1363883&pvid=jdjhbsumtum1qvwhyv&__lt__cid_valid=true&_impl=ytag' from origin 'https://riffberg.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814098.1363883&pvid=jdjhbsumtum1qvwhyv&__lt__cid_valid=true&_impl=ytag Message: Failed to load resource: net::ERR_FAILED
worker	verbose	URL: blob:https://riffberg.com/6e83bc93-6eea-4a88-a2e8-c48742d9dbcc(Line 1) Message: Error
javascript	error	URL: https://riffberg.com/login.jsp Message: Access to fetch at 'https://apm.yahoo.co.jp/rt/?p=A8K4W9L35V&label=&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814098.585189&pvid=jdjhbsumtum1qvwhyv&su=43d57006-fa7d-4355-9156-73a56f98d649&__lt__cid_valid=true&_impl=ytag' from origin 'https://riffberg.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://apm.yahoo.co.jp/rt/?p=A8K4W9L35V&label=&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814098.585189&pvid=jdjhbsumtum1qvwhyv&su=43d57006-fa7d-4355-9156-73a56f98d649&__lt__cid_valid=true&_impl=ytag Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://riffberg.com/login.jsp Message: Access to fetch at 'https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=cheq_invalidUsers&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814099.9927287&pvid=jdjhbsumtum1qvwhyv&su=43d57006-fa7d-4355-9156-73a56f98d649&__lt__cid_valid=true&_impl=ytag' from origin 'https://riffberg.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=cheq_invalidUsers&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814099.9927287&pvid=jdjhbsumtum1qvwhyv&su=43d57006-fa7d-4355-9156-73a56f98d649&__lt__cid_valid=true&_impl=ytag Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://riffberg.com/login.jsp Message: Access to fetch at 'https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=cheq_invalidUsers&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814099.3175292&pvid=jdjhbsumtum1qvwhyv&su=43d57006-fa7d-4355-9156-73a56f98d649&__lt__cid_valid=true&_impl=ytag' from origin 'https://riffberg.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=cheq_invalidUsers&ref=https%3A%2F%2Friffberg.com%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1727814099.3175292&pvid=jdjhbsumtum1qvwhyv&su=43d57006-fa7d-4355-9156-73a56f98d649&__lt__cid_valid=true&_impl=ytag Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.imgvc.com
apm.yahoo.co.jp
b99.yahoo.co.jp
bat.bing.com
cdn.kaizenplatform.net
cdn.smartnews-ads.com
connect.facebook.net
d.line-scdn.net
googleads.g.doubleclick.net
i.smartnews-ads.com
i6.smartnews-ads.com
localhost
log-v4-insight.kaizenplatform.net
ob.segreencolumn.com
obs.segreencolumn.com
p.fraud-alert.net
riffberg.com
s.yimg.jp
seal.digicert.com
static.fraud-alert.net
td.doubleclick.net
tk.csolution.jp
tr.line.me
trj.valuecommerce.com
www.facebook.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
apm.yahoo.co.jp
b99.yahoo.co.jp
localhost
riffberg.com
104.103.88.160
124.83.185.124
142.250.186.98
147.92.191.92
154.91.176.218
18.245.86.65
18.66.147.24
184.30.24.30
23.213.164.35
23.213.168.153
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:2359:f600:18:82c:9d80:93a1
2600:9000:235a:2e00:10:3572:e540:93a1
2600:9000:2490:bc00:18:15b9:5a80:93a1
2620:1ec:33:1::10
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:828::2002
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.113.46.9
3.114.202.197
52.194.158.90
63.33.186.64
02dc0198f80ba1db50699741906f5f4f8422ece0df8d2267c7d53fd7afd56cca
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a61766f7d4672d34b43c519eda27e88259922836f0604d180316d2d70fa73fe
0b106d120fddcd7c9de1b4f7b6ded8a615334f3e86cfb92723d66508f01105f7
0d7e18e609aaa0289157e7e94a5fdeff06c81645e66661d13e6588b9349945d9
0f39c718afa7f030e01c8f7299516f62808df2a207b37b3f6d4ec575e9fcdd17
105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8
18feb6ecb24ef112ba8662cb6227b45ba57f716feb9cce74e328808b3d64ff7a
1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49
20c1820b56cdf40d3a79bf3649ad55a52f7e898599c51b2f9946d56ddbb1af23
275c9465b2561fcc96e4f99beb30d8bb4156f3405b6cb8354a51c1af400b771e
27afe4bfeeee48d7ff408185b4b2825c88767242000a9617a4bc60b2113054a1
31ca5614c6d3a50609b134ed01586444147d414e39aa952fa604396958be15de
3aebeec2290168bc8892d2d6590716eb623b4ca9dd29d9d4de1107f802474244
3ce9331d8aeada97b220c5fc18a7492cd6564094e2b12a4972c8288b2ab11bbc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f06ce3942a6df9cf3bb2e517a574fdc06b28857dab9e539652dfab8cc75ba64
473f27c7384b4a40885f831052b158d7fd33a6e29b15f4a59ec8647372ea45ea
48f7ba45415214e4caf8a12756882fa9ca25394d03334360c762037589f12719
4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8
51ae2f5a753c96b5c70779481552f3636df036952791a90c7853af58c73a35f9
525579232d5a1967e977d493dcb10a20c0a5b97eac8cb198071eee8593f0a94e
5748a2ce3f494b6bed0a2e075c0711b504728084ae6de2d6a622e7b323524d66
58dcb9b4c4a8af93d049784e1be829d690b870d33cb49c693565f38e982ed5b6
60fb7676356c6f47177b6a602932a741b2368577fa6c33c5b1d383bdff7dd899
6205e645f7990cb96e980f69499f21af1f6055c23406f2078e41268d9e8ea693
68c6d438afdae5288bf813d5e126a7c9f849238e46c96702614598cab3d1b51a
68eb7822f02f2f1f615c570bbdbed5a3fbb743aaa30aab79548dcb808785d6be
6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d
70c37b43db7f29193553ea771a59919914824540bf264abc0bcac58688461b22
72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc
79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4
7f03b542fa1c6564c8dbab92a5da693ed189f2ec7f47250a04abff42927c12ec
7fb35f7ebb30b50e6c50f50652d61e0d1d48debb44ef1e87ff0c9f89846076ca
7fb587c59b0120a6d8ff5d5e6b710c6afcb3b668495988f1e9c66626ea26c9cd
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
8265aa5b04cce7e18032467d6e6e017a71e92c09e2b06349c16ac6bd8b08080d
82a779c4d24ddc82659d0bea3821822d50b461546fea6d47730174e85d9daf95
89e3f2e8ffc5472816c2112381900dfcf3f92cd0aaf51b95808f3c8ff0a0b832
8a9c46f4371f29ded6f345238dd688515240c3da12b3a220f4f734e7066bb284
8c16007618f73d725fdfa9d1f533047394154fbbd5825df7179b2c7c2b1fb0d1
9606095ff57e48fc137b15e8171ae6eab1b2cdeb99289d62103d3bfa56569ca1
968b8175e86895e7c073434f9e3e864ec8a871f178ce599df6afa249d8ba3af9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98cee4b9169b1c682e7ba39291d9c491501acc034e87d7c1fc77fb2cd927a75a
a2759491fccf1317c5cb397216a9de3aab5c6d9eb6f1d16b543c3dd1afc9af2f
a6f17bf3fcb9545862a61951cda176ab0af4f5b2150b0e0bb282ebaa9d6f7310
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa9185ab1bfe6ccdf160f859377f2c8ed3b102c7a083bbbfb30d2ea3f26ff31f
af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f
afaee37cb2809e65cdce8f4417a5ce01dd1f6238bd70aa58221718315812792a
b59e7aa430690e032bb481bfd2b888d8dbadbe7e6551472215be66f1e4eea7fd
b7a6379127f648af10267dda848d8c55c31accc57b3c792c4be66534df410f68
bf1a7f633dec01a17bcf07e2c185937489d3eac9776a2aa322960f446f935c50
bf2ff6e8a3f0c7216aad20da3d745d72ca4049bdd538c5fb368f2736c491f962
c081f944b4aa11625246f10f18927bfeff98a35a5a1be91cc4ee4ec62dcfb1df
c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac
c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c
c5a81da458a444d873d9cf2b36c82b0fc39d07393b61e3dea1c4f107c8f02e40
c7b3e31540319bccec80f6a0a81ebd6eb56cbc024ef92c650bb1e33056713f28
c7dae3c7ee9f18d0e2c6c58877284c7e3efc52061a2ed31db79c6f4456ad1ee0
cc160f9188f87d0f995c97c540ac7dfab1f76678e2fea1775e471c2a0a46f002
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18fe42fefe83b9e871ffae98a636e214ef33c2d2f803e756f9fb53636d80fd7
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
d7dbf318900fc4f0625fd475b80e05dee53886c49dc18b10e51ce36668543bca
d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41
d8d91b2e06df73d70eb998e274b63b433db68b4fa1cfd0904f21f139b14c5567
dbb58d66fd0b1a93ef1b895b40c4889570a6d6ed8398cd823ae24b1351a4ae39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413
e7c5bb9be0b410f825b9453eb58b18039aa62c82f6795a8f9e84d9cf2e75610d
e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f60d54396271f15c48eb9004ae57244be6ddd2e7006042abb86e64512d3835e4
f7bffdae1b63b03c7ac9f992da03a46f8212aa37d9b7f03c6dc8417fd37694b8
fbf7ca1d30c15f3d3fd302b8629f22227d54e61c4cd2ec880f82f81415ec0cd9
fd035a977d7e7060becc664f670223ad5e4d2a56e7d034a14023b32af0b19a21

riffberg.com Open in urlscan Pro 154.91.176.218 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

182 Requests

77 %HTTPS

46 %IPv6

22 Domains

29 Subdomains

27 IPs

6 Countries

3869 kBTransfer

7267 kBSize

22 Cookies

7 Outgoing links

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

riffberg.com Open in urlscan Pro
154.91.176.218 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

77 %
HTTPS

46 %
IPv6

22
Domains

29
Subdomains

27
IPs

6
Countries

3869 kB
Transfer

7267 kB
Size

22
Cookies

182 HTTP transactions
0 data transactions