Submitted URL: http://risu.io/
Effective URL: https://risu.io/
Submission: On October 21 via manual from SG — Scanned from SG

Summary

This website contacted 72 IPs in 9 countries across 83 domains to perform 368 HTTP transactions. The main IP is 2606:4700:3108::ac42:2afe, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2023. Valid for: a year.
This is the only time risu.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
2 21 2606:4700:310... 13335 (CLOUDFLAR...)
4 2404:6800:400... 15169 (GOOGLE)
8 34.98.102.251 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
32 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
7 2404:6800:400... 15169 (GOOGLE)
21 2404:6800:400... 15169 (GOOGLE)
9 35.186.215.140 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
5 13 103.254.153.160 59253 (LEASEWEB-...)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
23 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
24 2406:2600:7:1... 55569 (CRITEO-AS...)
1 2001:4860:480... 15169 (GOOGLE)
8 16 2406:2600:7:1... 55569 (CRITEO-AS...)
16 2406:2600:7:1... 55569 (CRITEO-AS...)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
6 9 142.251.12.156 15169 (GOOGLE)
3 5 104.18.26.193 13335 (CLOUDFLAR...)
4 6 103.43.90.53 29990 (ASN-APPNEX)
8 182.161.73.136 55569 (CRITEO-AS...)
4 8 35.190.36.98 15169 (GOOGLE)
4 8 139.162.38.30 63949 (AKAMAI-LI...)
4 34.36.145.36 396982 (GOOGLE-CL...)
8 15 23.108.98.2 59253 (LEASEWEB-...)
4 4 23.39.5.30 16625 (AKAMAI-AS)
8 184.51.97.92 16625 (AKAMAI-AS)
4 4 2406:da18:929... 16509 (AMAZON-02)
4 4 15.197.193.217 16509 (AMAZON-02)
4 4 35.213.12.39 15169 (GOOGLE)
1 34.111.79.67 396982 (GOOGLE-CL...)
38 69 69.173.158.64 26667 (RUBICONPR...)
4 2404:6800:400... 15169 (GOOGLE)
15 60.199.208.47 9924 (TFN-TW Ta...)
2 4 52.46.155.104 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.95.126.138 16509 (AMAZON-02)
2 2 54.65.219.118 16509 (AMAZON-02)
2 2 13.228.126.19 16509 (AMAZON-02)
1 184.28.235.160 20940 (AKAMAI-ASN1)
1 18.139.177.100 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 2600:9000:200... 16509 (AMAZON-02)
1 2 13.33.33.90 16509 (AMAZON-02)
1 172.64.146.152 13335 (CLOUDFLAR...)
1 131.153.206.102 59210 (PHOENIXNA...)
1 1 52.54.122.44 14618 (AMAZON-AES)
1 2 209.191.163.210 14744 (INTERNAP-...)
1 1 182.161.73.146 55569 (CRITEO-AS...)
1 1 54.164.154.71 14618 (AMAZON-AES)
1 34.149.50.64 396982 (GOOGLE-CL...)
1 1 192.132.33.69 18568 (BIDTELLECT)
2 2 185.84.60.20 198622 (ADFORM)
2 2 2001:df2:a300... 6336 (TURN-US-ASN)
6 6 74.118.186.107 6336 (TURN-US-ASN)
1 1 35.190.60.146 15169 (GOOGLE)
1 54.77.100.160 16509 (AMAZON-02)
1 1 67.202.105.21 32748 (STEADFAST)
1 34.117.239.71 396982 (GOOGLE-CL...)
2 2 34.192.58.244 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 3.75.11.145 16509 (AMAZON-02)
1 34.107.140.113 396982 (GOOGLE-CL...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 98.98.134.243 21859 (ZEN-ECN)
1 66.225.223.159 3949 (NTTA-3946)
1 34.254.46.142 16509 (AMAZON-02)
1 52.24.170.180 16509 (AMAZON-02)
2 2 151.101.130.49 54113 (FASTLY)
1 52.74.118.249 16509 (AMAZON-02)
1 1 35.247.47.28 396982 (GOOGLE-CL...)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 2a02:fa8:c411... 399104 (CNVR-APAC)
1 1 74.214.196.131 19189 (PULSEPOINT)
1 23.106.127.164 59253 (LEASEWEB-...)
1 13.251.79.216 16509 (AMAZON-02)
1 52.74.188.84 16509 (AMAZON-02)
1 2600:9000:20c... 16509 (AMAZON-02)
1 52.84.251.87 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 96.46.186.182 7979 (SERVERS-COM)
1 1 154.59.122.79 174 (COGENT-174)
2 2 64.202.112.127 23352 (SERVERCEN...)
1 35.214.255.49 15169 (GOOGLE)
1 1 2620:116:800e... 16509 (AMAZON-02)
1 2a02:fa8:c411... 399104 (CNVR-APAC)
1 159.89.246.130 14061 (DIGITALOC...)
1 1 204.2.56.70 2914 (NTT-LTD-2914)
1 1 23.106.127.53 59253 (LEASEWEB-...)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 1 13.224.250.81 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
12 130.211.28.216 15169 (GOOGLE)
368 72
Apex Domain
Subdomains
Transfer
81 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
94 KB
58 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
42288b8fa538cea18b23ef3066c419ff.safeframe.googlesyndication.com
e330217ec61857017b5eac8d29abd0f4.safeframe.googlesyndication.com
2baa1f706c3b659225e2755858a40724.safeframe.googlesyndication.com
4cbb8452ef827087d81924830a391e50.safeframe.googlesyndication.com
565 KB
41 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com — Cisco Umbrella Rank: 895
mug.criteo.com — Cisco Umbrella Rank: 2541
dis.criteo.com — Cisco Umbrella Rank: 648
59 KB
32 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
739 KB
30 risu.io
risu.io
assets.risu.io
1 MB
28 aralego.com
agent.aralego.com — Cisco Umbrella Rank: 398910
ads.aralego.com — Cisco Umbrella Rank: 41987
sync.aralego.com — Cisco Umbrella Rank: 3055
20 KB
24 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
337 KB
20 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 50390
gocm.c.appier.net — Cisco Umbrella Rank: 2653
pmp-beacon.apx.appier.net — Cisco Umbrella Rank: 287399
9 KB
19 feebee.tw
img.feebee.tw — Cisco Umbrella Rank: 303831
fsa-api.feebee.tw — Cisco Umbrella Rank: 286778
213 KB
15 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 17979
206 KB
13 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 109834
ssl.sitemaji.com — Cisco Umbrella Rank: 292675
72 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
710 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
5 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 178
4 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
3 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
secure.adnxs.com — Cisco Umbrella Rank: 542
5 KB
6 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1528
74 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
3 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
19 KB
4 feebee.com.tw
fsa-api.feebee.com.tw — Cisco Umbrella Rank: 288784
15 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
2 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
3 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
4 KB
3 dotomi.com
rubicon-match.dotomi.com — Cisco Umbrella Rank: 2868
match.sync.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2422
993 B
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 617
i6.liadm.com — Cisco Umbrella Rank: 3258
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
233 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
975 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
998 B
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
1003 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
637 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
886 B
2 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1180
events-ssc.33across.com — Cisco Umbrella Rank: 2272
788 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
989 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
885 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1199
1 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1105
sync1.intentiq.com — Cisco Umbrella Rank: 2757
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 521
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
118 KB
2 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 12369
515 B
1 smadex.com
cm.smadex.com — Cisco Umbrella Rank: 2857
581 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
515 B
1 mxptint.net
rbp.mxptint.net — Cisco Umbrella Rank: 3906
694 B
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3977
406 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
505 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
156 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1393
657 B
1 aniview.com
sync.aniview.com — Cisco Umbrella Rank: 2431
251 B
1 media.net
prebid-s2s.media.net — Cisco Umbrella Rank: 37558
509 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
471 B
1 undertone.com
usr.undertone.com — Cisco Umbrella Rank: 2350
294 B
1 servebom.com
pixel.servebom.com — Cisco Umbrella Rank: 14408
595 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 752
599 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1472
359 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
691 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2268
173 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
631 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
230 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 773
385 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 2802
326 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 900
287 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1171
44 B
1 t13.io
s2s.t13.io — Cisco Umbrella Rank: 4908
449 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1304
186 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 4591
326 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 914
441 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1013
348 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 4707
284 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
1 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1089
493 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
449 B
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1720
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1985
530 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
280 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 1185
645 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 416
515 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1386
213 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
46 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
328 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1113
7 KB
368 83
Domain Requested by
56 pixel.rubiconproject.com 30 redirects risu.io
31 pagead2.googlesyndication.com risu.io
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
24 static.criteo.net agent.aralego.com
static.criteo.net
ads.aralego.com
risu.io
23 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
risu.io
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
22 risu.io 3 redirects risu.io
assets.risu.io
static.cloudflareinsights.com
16 bidder.criteo.com static.criteo.net
16 gum.criteo.com 8 redirects static.criteo.net
15 sync.aralego.com 8 redirects ads.aralego.com
risu.io
15 cdn.aralego.net agent.aralego.com
risu.io
ads.aralego.com
13 token.rubiconproject.com 8 redirects eus.rubiconproject.com
12 img.feebee.tw ad.sitemaji.com
12 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
12 ads.aralego.com 4 redirects agent.aralego.com
ads.aralego.com
9 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
risu.io
9 ad.sitemaji.com assets.risu.io
risu.io
ad.sitemaji.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
risu.io
8 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
8 gocm.c.appier.net 4 redirects risu.io
ad2.apx.appier.net
8 ad2.apx.appier.net 4 redirects risu.io
8 mug.criteo.com
8 assets.risu.io risu.io
assets.risu.io
7 fsa-api.feebee.tw
7 www.gstatic.com www.recaptcha.net
www.gstatic.com
googleads.g.doubleclick.net
6 www.google.com tpc.googlesyndication.com
6 www.recaptcha.net risu.io
www.gstatic.com
www.recaptcha.net
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
risu.io
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 cdnjs.cloudflare.com ad.sitemaji.com
4 fsa-api.feebee.com.tw ad.sitemaji.com
4 sync.1rx.io 4 redirects
4 s.amazon-adsystem.com 2 redirects risu.io
4 ssl.sitemaji.com ad.sitemaji.com
4 x.bidswitch.net 4 redirects
4 match.adsrvr.org 4 redirects
4 pr-bh.ybp.yahoo.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 pmp-beacon.apx.appier.net ad2.apx.appier.net
4 fonts.gstatic.com fonts.googleapis.com
www.recaptcha.net
4 fonts.googleapis.com risu.io
assets.risu.io
googleads.g.doubleclick.net
3 aax-eu.amazon-adsystem.com 2 redirects
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com risu.io
www.googletagmanager.com
www.google-analytics.com
2 b1sync.zemanta.com 2 redirects
2 rubicon-match.dotomi.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 i.liadm.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.turn.com 2 redirects
2 c1.adform.net 2 redirects
2 ce.lijit.com 1 redirects
2 pixel.tapad.com 1 redirects
2 ups.analytics.yahoo.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 www.googletagservices.com risu.io
googleads.g.doubleclick.net
2 www.google.com.sg
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
1 cm.smadex.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 rbp.mxptint.net 1 redirects
1 e.serverbid.com
1 match.sync.ad.cpe.dotomi.com
1 cms.quantserve.com 1 redirects
1 csync.loopme.me
1 ums.acuityplatform.com 1 redirects
1 sync.aniview.com
1 prebid-s2s.media.net
1 dsp.adfarm1.adition.com 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 usr.undertone.com
1 pixel.servebom.com
1 ads.yieldmo.com
1 crb.kargo.com
1 rtb-csync.smartadserver.com
1 bh.contextweb.com 1 redirects
1 tr.blismedia.com
1 um.simpli.fi 1 redirects
1 cm.adgrx.com
1 visitor.omnitagjs.com
1 cs.yellowblue.io
1 sync.outbrain.com
1 match.deepintent.com
1 s2s.t13.io
1 exchange.mediavine.com
1 i6.liadm.com
1 events-ssc.33across.com
1 ssc-cms.33across.com 1 redirects
1 cs.minutemedia-prebid.com
1 id.rlcdn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 bttrack.com 1 redirects
1 s.seedtag.com risu.io
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 prebid.a-mo.net risu.io
1 capi.connatix.com risu.io
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 match.sharethrough.com risu.io
1 hb.yahoo.net
1 px.ads.linkedin.com risu.io
1 4cbb8452ef827087d81924830a391e50.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 2baa1f706c3b659225e2755858a40724.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 e330217ec61857017b5eac8d29abd0f4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 42288b8fa538cea18b23ef3066c419ff.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 odr.mookie1.com risu.io
1 s0.2mdn.net googleads.g.doubleclick.net
1 analytics.google.com www.googletagmanager.com
1 agent.aralego.com 1 redirects
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.cloudflareinsights.com risu.io
368 115

This site contains links to these domains. Also see Links.

Domain
docs.risu.io
pqina.nl
lin.ee
m.me
docs.google.com
www.facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-26 -
2024-03-24
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
assets.risu.io
GTS CA 1D4
2023-10-04 -
2024-01-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
misc.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
feebee.com.tw
R3
2023-09-05 -
2023-12-04
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.google.com.sg
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-19 -
2023-11-19
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.google.com
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-28 -
2023-12-21
3 months crt.sh
pmp-beacon.apx.appier.net
GTS CA 1P5
2023-08-22 -
2023-11-20
3 months crt.sh
*.c.appier.net
GTS CA 1P5
2023-09-01 -
2023-11-30
3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-10-04 -
2024-01-02
3 months crt.sh

This page contains 61 frames:

Primary Page: https://risu.io/
Frame ID: 4DECF78CFC12E5F561192A939808DE76
Requests: 59 HTTP requests in this frame

Frame: https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Frame ID: 531A6CC9929F94BFD53F7CDCB5523419
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html?hello=world
Frame ID: C5196841BCFEF338524269E07B2F4D0F
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
Frame ID: A9E5141FEFAA92D241F9FC18DC17B8A0
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=normal&cb=2aqmkjjakxy
Frame ID: 6E2301A275BAD7755564AC173E53ECF3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1697824893&plat=1%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l&format=0x0&url=https%3A%2F%2Frisu.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853692880&bpp=5&bdt=369&idt=606&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8681809998057&frm=20&pv=2&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=643
Frame ID: 1F1EFDEF3B7A95BC7897AE5E406AA458
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DCDCABCB61D3171A3FFBA037F83F2882
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C64003B95F18EF83D922D37E60207255
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697824894&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853694157&bpp=7&bdt=1646&idt=-M&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab653c9cad438319-22148df001e50064%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MbfyTP3_vfE8jWNxoMZFs9WZbKtDg&gpic=UID%3D00000c6ada9db8bf%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MYTEV4WmIWBsKIT1tsDTVFlVh0qfg&prev_fmts=0x0&nras=2&correlator=8681809998057&frm=20&pv=1&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Lr7G2jVaiv&p=https%3A//risu.io&dtd=18
Frame ID: 10AF3520A7E09222DF08DB16493846A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1697824894&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853694157&bpp=1&bdt=1646&idt=-M&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab653c9cad438319-22148df001e50064%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MbfyTP3_vfE8jWNxoMZFs9WZbKtDg&gpic=UID%3D00000c6ada9db8bf%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MYTEV4WmIWBsKIT1tsDTVFlVh0qfg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8681809998057&frm=20&pv=1&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8O4Zb9Hkaf&p=https%3A//risu.io&dtd=28
Frame ID: 224C11E5C0CD0BD7FA679F89E8D04295
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697824894&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853694157&bpp=1&bdt=1646&idt=-M&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab653c9cad438319-22148df001e50064%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MbfyTP3_vfE8jWNxoMZFs9WZbKtDg&gpic=UID%3D00000c6ada9db8bf%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MYTEV4WmIWBsKIT1tsDTVFlVh0qfg&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=8681809998057&frm=20&pv=1&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=uldQjjnX2S&p=https%3A//risu.io&dtd=38
Frame ID: 772704DEBAB0E0B3E0D2AC03B8683FDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697824894&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853694157&bpp=4&bdt=1646&idt=4&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab653c9cad438319-22148df001e50064%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MbfyTP3_vfE8jWNxoMZFs9WZbKtDg&gpic=UID%3D00000c6ada9db8bf%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MYTEV4WmIWBsKIT1tsDTVFlVh0qfg&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=8681809998057&frm=20&pv=1&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=wtnpu11Qle&p=https%3A//risu.io&dtd=47
Frame ID: 7C5C823E64442F165DC33482192193AF
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: B7DC135CDF1D7DCFBB7D9AC009EFEE47
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: CB988E3C0FFF8CB5E5EEB40609B4126C
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 166630C78D66D6D7A6CF0BD397A172AF
Requests: 7 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: D9CF67AE6DD7BD179F0288664817680C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Frame ID: 2D273A7F225C469423925EA9AF497DFC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Frame ID: EC39E378474DE68A6155F84EE8387FEF
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 7EAF25CC368918E879AD58938B38652A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjn6IP6ATAB&v=APEucNUZznVPM6zlEz0oLFhb0iPnQs8QI4xL_gmPeSqu5_RhmFsq5R5xY_ebofQgnWkNDdQikr6kbRA9EJ8cC9xWrQYRKTXTtQ
Frame ID: 3D217C92F90F30D8783B10ECADF849AB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Frame ID: 398611C871A60F47D08C87413E8D3CFD
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A15B12F437891BA02BCDFE79A571E904
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 127DD5EF4BA4C411AF0460CF1913968D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: AD56B7334A8B22D393420FE8E7ACFC4F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 5F54E4B26D42B18492BBF1AB83679D0F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Frame ID: B69E7008D7CD946497FEDCBC70178FE2
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 1A8E496AEE87C9B0082CD1686D37879C
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 86D24ECDCC6042DCBD02A90BBDAE2492
Requests: 6 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 1B96719D0CC83D364B8F77C73B309CFB
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: EC8A297C2B5B9A522DEAC73191E5DBAA
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: B66364D5A61248A58561D4412BCB5976
Requests: 19 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8F8B6C3F663EE1A1CF689538A780B8D8
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 1142A567A0205CE018EE8718306937AD
Requests: 19 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 55A67EEF281FD9843FE1ACD244B937AC
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 02CE5DC8FBA2254589F40DF7055CFB8A
Requests: 20 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E142E40C5CF4742B2F8FFC80D551A45B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 6E0B2B58384E2FB4DD1050E91C380A9B
Requests: 19 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 3578B75AA20BB2B20672783D2675629C
Requests: 9 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 7895774752B31217D55C4DC83CF26358
Requests: 9 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: DA48BC6515589CE8D5AA1021B4B89842
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 92B1E2ACA6E66A19789C08E771B702B6
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 59CD78E7FB513235CF7C9AAA97151A58
Requests: 2 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 74EF44E94C863DA2C7C9D2768B25A509
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 8F66E91D8AB0F793D2752B0ADAA20DBA
Requests: 2 HTTP requests in this frame

Frame: https://42288b8fa538cea18b23ef3066c419ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 43F855A4ABCEED3F06A7EA72425A0C7F
Requests: 1 HTTP requests in this frame

Frame: https://e330217ec61857017b5eac8d29abd0f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 04E94BCC2C8E2E26C2BB713DDAFE6B9D
Requests: 1 HTTP requests in this frame

Frame: https://2baa1f706c3b659225e2755858a40724.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: AC87F386E77409B201D67228A41AF269
Requests: 1 HTTP requests in this frame

Frame: https://4cbb8452ef827087d81924830a391e50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 75BCA3199357AB7E77DF428DF87D65C7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Frame ID: 137731D96D856E452F53403AD55DF91D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F42C69FA5CB036AA7B7231A9EAE4177B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CE30DE780123C9A34D65142F9EB0880
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E892875CF6675ECF41F9868FC1D4EEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE65301637203736F79633D56AE9D192
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F3FF77DD75D15DB4FC4F27D4617A82A9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8857F5716055E2472FBE4BCC131389BD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD5C36D44B01FC2264CC59524B6B0DB8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9593A27DA6840A79DBB14AC2D1461677
Requests: 2 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 6FBE0B695803FE6C3DA72B8DB72D0D4F
Requests: 8 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 9B8B89698638E88091B6D0E20DE10EBB
Requests: 5 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 7692D36A5883EDC7D19F5212533A019A
Requests: 5 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Frame ID: 60B7D88366C99965D2F394A9DF649AD3
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

短網址。行銷。分析 - Risu.io

Page URL History Show full URLs

  1. http://risu.io/ HTTP 301
    https://risu.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

368
Requests

76 %
HTTPS

33 %
IPv6

83
Domains

115
Subdomains

72
IPs

9
Countries

4916 kB
Transfer

12702 kB
Size

113
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://risu.io/ HTTP 301
    https://risu.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Request Chain 25
  • https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Request Chain 52
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 108
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1&C=1
Request Chain 109
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTMw-iUAZ7PqmC7FUcL5pAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG46Bx03NT4M5_I4UoFCDb4&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG46Bx03NT4M5_I4UoFCDb4%26google_cver%3D1
Request Chain 111
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3MTIwOTA3NjUyMDUzNTgwOA%3D%3D
Request Chain 119
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=gflXE3x4NXhZTy94K2wwMXRZRkFydGs2Z1BCdHhKZ0I1VVJJQitXd3M4MzBhdm5DQmFXT1lkWjBMS21UV2lzM1AxUkdXVDVCSE1ydTB4ZUk5dUF0dUo2R0prSklwOGlJYmxTelVxQ1QwWkc4UDV2elM5M3VkVW5hUURNam1sNW01RXhVZGVEdDQzQWxCZG15UldFUDJwK3RZL3FKNUZYTFhoT243c0V5MUpVZmJSV2k2VVFVNnBDdXJra2o1Vk1zc016anBTeEEyejd5cnZmWlNtZWpqZ1NuRXZhZTdkMDUwS1p1UEhJWHE0RVNVaFcxR0lzcEZDZUVjOCt1NWJsa0ViWDc5NEt3T1ovTkhhbWtMdDdtS1VHYXFGQT09fA&cppv=2
Request Chain 127
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TCp04UZXADq7Wgoh_zAzZQ&id=ida4mlvgiastit93r
Request Chain 128
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=jCdJKv1ZC96MWm_-_zAzZQ&id=ida4mlvgiastit93r
Request Chain 129
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=oh8E3rzwAr2Nc5zr_zAzZQ&id=ida4mlvgiastit93r
Request Chain 130
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=W5X0QYC0BYOBCOkE_zAzZQ&id=ida4mlvgiastit93r
Request Chain 137
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=5Cf9zV9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxZSVE4cCUyQkZCQ1phVU44SUZqOEFHNkdyelhFbnJhTlA4SkVaOU12JTJGQldFVjVESVRnNlZtN08lMkJIRSUyRmtSTVB3N3pDZnJrTnglMkZKNUgzU2ZnOU1pWFJHMWVXMVg2QWswbHg2MFRNQnolMkJzNjB0MkxhU3N5RkxzU2ZGTkVxJTJGSTlLdGVXQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=vhe0rHwvNUxHU1lzdXpsSHVra3gwSk5DVXZNRXFYYU16OHlrd1lRNVlxQzIwWWlxS2RvdVNnTE9VazI3SGpqS1Vrck1td0E4aDJ5N2R5VU9DeXhGRzBCYjY2bW0rTnlVL1VmaEhiUit0ZnVHR0RzRzZPaFo0RHRvWEh5bkF2dlc5SEc3eS9WRk9KN2lMb1prcW9IL29CeVZYam53ekFoOFQrOW91TGFFREthY2JnWmNyYzVaWE5QYlFZOGZ1bHpuYmZkTjlHVjA4dmZHbEh0UEVpdnVIMlpuUFQzZ1ZnVWRhbHVlejUvWnZGbFkzS21RclpLSlhrdGZkbVJOQ0RyRVRrb1hwUDRIWllPL0dNRUhIMHN3T2s0WXM4Zz09fA&cppv=2
Request Chain 138
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=5Cf9zV9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxZSVE4cCUyQkZCQ1phVU44SUZqOEFHNkdyelhFbnJhTlA4SkVaOU12JTJGQldFVjVESVRnNlZtN08lMkJIRSUyRmtSTVB3N3pDZnJrTnglMkZKNUgzU2ZnOU1pWFJHMWVXMVg2QWswbHg2MFRNQnolMkJzNjB0MkxhU3N5RkxzU2ZGTkVxJTJGSTlLdGVXQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-Dv5qnxFMURiUVdxaHc3QTBRMWVMY1prUGpPRXdCTERMWit1K3h4czlGWHJLdWFPQkUzc1crcG1HQnFTNlhUYUpHTVhRQjVyekRSZ1VjUzU0aEpLMFBKemZGaTVodGxyZkNmVW5EcVQrbndDVHJqNUZnSWVNRDVmazRmbzNoRnBZRjFoZ0s5cXhmZUFaVy9GMGh1WDFTeXgwVzUzaE5zMzVGVzZNbXozYzhac2NTYnpXenB1d1lYZVVzQUFCQTBvVXVVOVZNck9nb3pmMENxZDJuTDV4Y05leW9jYU42ZVBiaTVUSUdkKzBEVlVPVmpBamUzS1ZvMURmdlRpZVFzeXNXOFdFV09JamtBZ1hnazY2dmlqTzNjZFkvUT09fA&cppv=2
Request Chain 139
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=5Cf9zV9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxZSVE4cCUyQkZCQ1phVU44SUZqOEFHNkdyelhFbnJhTlA4SkVaOU12JTJGQldFVjVESVRnNlZtN08lMkJIRSUyRmtSTVB3N3pDZnJrTnglMkZKNUgzU2ZnOU1pWFJHMWVXMVg2QWswbHg2MFRNQnolMkJzNjB0MkxhU3N5RkxzU2ZGTkVxJTJGSTlLdGVXQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=P3RP4nxGUm1PZEx2dzdtOGpOWFBtYTNQN2VCZ3BIR2tkSTd0MTllVm83cjVUMTYrNm1jc3NPRHFta0MrUm1yTmwxbXQ4SGczWHNCaUhyVjZISmhHVkV6V1MwWEtRNUdZNzZUMHYzMG1pL3haT0VObTl6TUpCeUczNDd4TWtIWm5hQmNRMnlHZ2FjcGVjeC92RGhyZXBhZmVrUUtLM21TQVdGU2lKNDlZSWVIZXNkaDZjbmN4bHB4Q3J3bVo3RlB4NkZzN3hEempMenNwU0FZanI5Q0xiMTFLcU9oYUMrTGtad0MxQUtyakpmamVkZ2hIeHh1OVV4YWVoY2J1dm9XZGtycFVxZXljRy9oMFRQa1FQMVJFSXlyK2RKdz09fA&cppv=2
Request Chain 141
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 145
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 148
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 151
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 161
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 164
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/e897d263-9532-3449-983f-39c50ee911ce?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-LfIWo.ZE2oU9RLUgjhuhb3LUnrAYTU6J4vHJUFM-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=259f9059-0f1f-4b0f-bf39-092c79f39291 HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=e897d263-9532-3449-983f-39c50ee911ce&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=e897d263-9532-3449-983f-39c50ee911ce&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8a13a4da-08f5-42aa-b118-b5396868fcb7&ssp=ucfunnel&gdpr=0&gdpr_consent=
Request Chain 165
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 168
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/e897d263-9532-3449-983f-39c50ee911ce?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-DYUyPv5E2oXuBXCRYoYpcPI7Rc26ibOn4alDs7I-~A&redirect=
Request Chain 169
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 177
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/e897d263-9532-3449-983f-39c50ee911ce?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-DYUyPv5E2oXuBXCRYoYpcPI7Rc26ibOn4alDs7I-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=259f9059-0f1f-4b0f-bf39-092c79f39291 HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=e897d263-9532-3449-983f-39c50ee911ce&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=e897d263-9532-3449-983f-39c50ee911ce&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=8a13a4da-08f5-42aa-b118-b5396868fcb7
Request Chain 178
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 204
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdVZlRqVDl2dktBSkRQamdsM094RTNjVTBJMnhpenlDV1FSdTZwT1AxcHpwUTglMkIxYXhEYTdLd29kZDdmR3JLbjQwa1dQZmxXdzdVbFNhZHJCd1d0Qm10ZXQ3T24zajdBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=6lLr_Hx6dDVMK04rRUU5ZWIrNEVTOC9sVktpZFp1NGc3cDdvbEkrQk40OWpJWUMra2ozQVNNTFRqdmg3YlV2Z3hmR2M4WVRiOFovdmp2OW5udUZhcWF3enpUZysrbDZNSlZxN01Xa205RDRBb0FSYTZkQVNIdWpvZzJ0NjZlZGovcERVMHp0ZThhTVc0VjRlc1RiR0NEaGtXVUZ0dXRzTjZzNWdRb3kvRGUwMnR3Sm5YZ1d6dFJLZnNzMGJRNzFtQWVsNmhmYzZuWHo0MFArZEFoOHdjTGRFbDdSMGtQbFdMaW9UR0c0dlk1SjRkVWFKQ3d4c01wTEgwL1BSL1o2Y0xPMzU1ZWV1dnhpNWhZVGhKV1NsSU5MbWp4QT09fA&cppv=2
Request Chain 205
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdVZlRqVDl2dktBSkRQamdsM094RTNjVTBJMnhpenlDV1FSdTZwT1AxcHpwUTglMkIxYXhEYTdLd29kZDdmR3JLbjQwa1dQZmxXdzdVbFNhZHJCd1d0Qm10ZXQ3T24zajdBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Rf_19HxKVmJJYXRxRWYwU0JIVFpkeXZFMUxhdjNJZ3UrcmRQRXpXQ1pLY2Rxak1QUDNOaDVNbDRGRGpndzlXOTRRRUF0UGtPNzZyYmNLbm5VNkJmN3l5N3hCVlRuYmRsY1kxeCtzTkUxeldjZUVYZC93QlF5S2dDc3BnalU3RnZ3OU5uQUk2aWpaRCtjdUliTVkrc0c0TzV3WVBQQy9jOHo3MEZXSk9mNEhQVEZvRXRaNzVDK3c3Q20zMDU4Z0t1dHBpSkIxK0ZWdzJJVCtCN3VoVkdWV1QwTEIybC9TVzArOTIyOEdQRTBEN1JWK2FyQjViK0Uva0Y1akR5MjFubDQ4a09sMU5HSUFtYmFXWUNxTllKSzMvVkJZdz09fA&cppv=2
Request Chain 223
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdVZlRqVDl2dktBSkRQamdsM094RTNjVTBJMnhpenlDV1FSdTZwT1AxcHpwUTglMkIxYXhEYTdLd29kZDdmR3JLbjQwa1dQZmxXdzdVbFNhZHJCd1d0Qm10ZXQ3T24zajdBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=rkSgdnxFak85OVd0K2I2Ky84QU83c09IWGk1cUVEVzdyWUdjSllpWlJDeTVocEFFK1FIRjR3VDRQZkVnb2RzMnl6SmJKbUZydHd1MjRHUmYySmphd0V3dFllQk1FNXpMZ1JkSXRnREdWbWJ6Y0thUXBmNUhUOEVxRlhJYVFvdEVlMkRtUnpnQmNhcjMvYzUyN0p2LzlvQ002TGM0Sk5rNmZTNUhrWVI4S2tMaEFJNDUzeHJZbUREN3BCeFhIS1ZpdFZwRzUyVU5jdk1objRKT3hNbnk1YVRnME9NbkcxbE5WRkdXUUdxUE05QklKZ25hN1BNQmEvTXQ4NFJscEtSRU8zOEtJUXZvNTA3V3dWellnZ2hHZVIwT1RYUT09fA&cppv=2
Request Chain 236
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdVZlRqVDl2dktBSkRQamdsM094RTNjVTBJMnhpenlDV1FSdTZwT1AxcHpwUTglMkIxYXhEYTdLd29kZDdmR3JLbjQwa1dQZmxXdzdVbFNhZHJCd1d0Qm10ZXQ3T24zajdBJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=JGAKWXxnbExQbGdzYWU1Zko0OTd1QTVRWGdaMnRjNGRiRTdGanVmd214SVBJcmhIazF1MDVKZzRLaXJISWVzVFJWMDhMRGxsYldlcnE0bTRlTjlMa1pKWHlmV2tCR3NFMnd4ZG03RTkwODRTVjhveTZVdG1nbUMrYW1jbUh1ZFhzM2RPcVl6OW53OWVjWVpkWjRFcDNKODlNVWEyNi96cjhKK293c2VSd1M2cUFJREpoT3NPM2FnM3k4Z0FCa3RqdmR2ME15RG5jU0pkNDltUjhrUlgxVHFZZzA2dHJRMTlQVlZBVWNETmU2aVZqMzdlcHNrSGlaTVI3dk80d1NGNXliWnc5SmtROTJCdURqeldLTVN4ZXkrNGkrUT09fA&cppv=2
Request Chain 252
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNZE947Y-3-64EO HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNZE947Y-3-64EO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=ZTg5N2QyNjMtOTUzMi0zNDQ5LTk4M2YtMzljNTBlZTkxMWNl&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 263
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/GwCYr7uYAF1tItEI1BnJ0w?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v5UOxq9E2oKZeD3XugYbfYdE0CL0O43YIb5MYg--~A
Request Chain 264
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sS8dNjOUQRyv45WO7h5oMg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sS8dNjOUQRyv45WO7h5oMg
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB1Dz0F3REr2Ja7B54_Q82E&google_cver=1
Request Chain 266
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNZE947Y-3-64EO
Request Chain 267
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=259f9059-0f1f-4b0f-bf39-092c79f39291&gdpr=0&gdpr_consent=&expires=30
Request Chain 268
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5aRTk0N1ktMy02NEVP HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFG2LREzGzYUiPnLuWVjO9g&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5aRTk0N1ktMy02NEVP&google_push=
Request Chain 269
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GtMO9t_5SAe-haE25fOa0w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GtMO9t_5SAe-haE25fOa0w
Request Chain 270
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODMyOTFmMWZiODkzZGIzZGE0OWUwZjExMTRiYzkzZDc4NjViNGViMg
Request Chain 271
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAKkh07KZmIAABfcynUzWQ&expires=30
Request Chain 272
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNZE947Y-3-64EO&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNZE947Y-3-64EO&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1qNmRLc2NwRTJ1SFpwR0VZeERiVUZvVkpsVW5MZnA2U35B&ovsid=LNZE947Y-3-64EO&dpid=58160
Request Chain 273
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNZE947Y-3-64EO
Request Chain 274
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNZE947Y-3-64EO HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNZE947Y-3-64EO
Request Chain 275
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNZE947Y-3-64EO HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNZE947Y-3-64EO HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNZE947Y-3-64EO&ckls=true&ci=Ke0QtZRxsI&nc=false&trid=-1117914077
Request Chain 276
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LNZE947Y-3-64EO&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 277
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
Request Chain 278
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LNZE947Y-3-64EO
Request Chain 279
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LNZE947Y-3-64EO&ex=d-rubiconproject.com&status=ok
Request Chain 280
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eccf4b02-882f-4f1d-a54f-78d5516a935d&expires=30
Request Chain 281
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LNZE947Y-3-64EO HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LNZE947Y-3-64EO&dnr=1
Request Chain 282
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=66827314-7eff-471f-9cfe-c5b3d37931df
Request Chain 283
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=WJ2us4rCWkp7qpN-hDCOm2f-meE
Request Chain 284
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNZE947Y-3-64EO
Request Chain 285
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=0ad961c1-ab53-4600-be6f-3345b7a1edc5
Request Chain 286
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=7805708194966705746
Request Chain 287
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7371209076520535808&expires=30
Request Chain 288
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4245704473223045341&expires=60&gdpr=&gdpr_consent=
Request Chain 289
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1697853696275 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1901965491 HTTP 302
  • https://sync.1rx.io/usersync/turn/4245704473223045341?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-ead259be-33f7-4f6b-b2d7-88eab6213477-004%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004&expires=30
Request Chain 290
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 291
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LNZE947Y-3-64EO
Request Chain 292
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LNZE947Y-3-64EO HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNZE947Y-3-64EO&ts=1697853696&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 293
  • https://token.rubiconproject.com/token?pid=49096 HTTP 302
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNZE947Y-3-64EO HTTP 303
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNZE947Y-3-64EO&_li_chk=true&previous_uuid=e58335cadb33435887fba933acc0de24 HTTP 303
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNZE947Y-3-64EO
Request Chain 294
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LNZE947Y-3-64EO HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-ead259be-33f7-4f6b-b2d7-88eab6213477-004%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004&expires=30
Request Chain 295
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LNZE947Y-3-64EO
Request Chain 296
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13 HTTP 302
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
Request Chain 298
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=9e349af4-4719-4855-9f11-efe6b51de621-65333100-5347&expires=360&gdpr=0&gdpr_consent=
Request Chain 299
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LNZE947Y-3-64EO&obUid=&initiator=
Request Chain 300
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LNZE947Y-3-64EO
Request Chain 301
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNZE947Y-3-64EO&name=RUBICON
Request Chain 302
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=ZTMxAAAZU7r25QA_ HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZTMxAAAZU7r25QA_&_test=ZTMxAAAZU7r25QA_
Request Chain 304
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F67A3D2D455748F78CD63CEA6BA518B4&expires=365
Request Chain 306
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1 HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=kuYdbNaobxnFJzakovWS1Q HTTP 302
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=6dc69a0837de1faa&is_secure=true&networkId=12783&version=1&nuid=kuYdbNaobxnFJzakovWS1Q HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMUFlDjuOGRANCjF9fAAAAAAA&expiration=1697940096&nuid=kuYdbNaobxnFJzakovWS1Q&is_secure=true
Request Chain 307
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=k4Ua8fF5e3qA&ev=1&pid=560687
Request Chain 308
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LNZE947Y-3-64EO
Request Chain 309
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864 HTTP 302
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LNZE947Y-3-64EO
Request Chain 310
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LNZE947Y-3-64EO
Request Chain 311
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11868 HTTP 302
  • https://pixel.servebom.com/partner?svc=us&id=19&uid=LNZE947Y-3-64EO
Request Chain 312
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LNZE947Y-3-64EO
Request Chain 313
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Request Chain 314
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7292226097720653981&expires=730
Request Chain 315
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet HTTP 302
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
Request Chain 316
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LNZE947Y-3-64EO
Request Chain 317
  • https://ums.acuityplatform.com/tum?umid=2 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=842895733344&expires=30&us_privacy=1---
Request Chain 318
  • https://b1sync.zemanta.com/usersync/rubicon/ HTTP 302
  • https://b1sync.zemanta.com/usersync/rubicon/?s=2 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=HCnQ6pLUZnSnc9DaRZmo
Request Chain 319
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme HTTP 302
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LNZE947Y-3-64EO
Request Chain 320
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=CKC85Q2kv-YTp77jXfGi4gujt-UTo7vhDfTwutl1
Request Chain 321
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon HTTP 302
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LNZE947Y-3-64EO
Request Chain 322
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856 HTTP 302
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LNZE947Y-3-64EO
Request Chain 323
  • https://rbp.mxptint.net/sn.ashx HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R4E32F_10AE02F5E_5A97029A&expires=60
Request Chain 324
  • https://ssbsync.smartadserver.com/api/sync?callerId=87 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=138904388235532570&gdpr=0&gdpr_consent=
Request Chain 325
  • https://match.adsby.bidtheatre.com/rubiconmatch HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=1f5962dc-f1f1-4156-918f-ea42a5d67e80
Request Chain 326
  • https://cm.smadex.com/sync?sm_p=rbc&sm_r=rbc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=abb38773-ed31-454c-b417-839b6b67fb15&expires=30

368 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
risu.io/
Redirect Chain
  • http://risu.io/
  • https://risu.io/
13 KB
5 KB
Document
General
Full URL
https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc056f3accbdc5bd8528fa6e1ab56a67ad07ab2bbf478758eb945e9891c045b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8195e9c98b6d563a-SIN
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 21 Oct 2023 02:01:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
4c49987a-c6c7-4e66-839a-1237c79fbb8c
x-runtime
0.037337
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
8195e9c95b863db7-SIN
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 21 Oct 2023 02:01:32 GMT
Expires
Sat, 21 Oct 2023 03:01:32 GMT
Location
https://risu.io/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
5 KB
611 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 02:01:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Oct 2023 02:01:32 GMT
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&amp;display=swap
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35d16f915b6dc9c6a619f60e6bb768c5226e12242caa7ce24e7946b6c0a57a39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 02:01:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Oct 2023 02:01:32 GMT
application-025be2bd.css
assets.risu.io/packs/css/layouts/
528 KB
67 KB
Stylesheet
General
Full URL
https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:58:08 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
39804
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68120
header-419e5bb6.css
assets.risu.io/packs/css/commons/
226 B
364 B
Stylesheet
General
Full URL
https://assets.risu.io/packs/css/commons/header-419e5bb6.css
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 13:44:28 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
44224
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
index-01566233.css
assets.risu.io/packs/css/home/
131 KB
19 KB
Stylesheet
General
Full URL
https://assets.risu.io/packs/css/home/index-01566233.css
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1d3794694883bad4b0d72ca526f762eab786eeaa3d7948febaf4a531c2ca046a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:09:53 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
67899
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19083
email-decode.min.js
risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
817 B
Script
General
Full URL
https://risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2023 11:32:23 GMT
server
cloudflare
etag
W/"652d1f47-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8195e9ca4be7563a-SIN
expires
Mon, 23 Oct 2023 02:01:32 GMT
rocket-loader.min.js
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2023 11:32:23 GMT
server
cloudflare
etag
W/"652d1f47-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8195e9ca4be8563a-SIN
expires
Mon, 23 Oct 2023 02:01:32 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://risu.io/
Origin
https://risu.io
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8195e9ca69a018be-SIN
css2
fonts.googleapis.com/
6 KB
888 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Allison&family=Cabin+Sketch&family=Great+Vibes&family=Kanit:wght@300&family=Niconne&family=Sacramento&family=Share+Tech+Mono&display=swap
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/home/index-01566233.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f4af0a679f4cc41a57a54371c1032f9e353a3cbcb47494c174b6b948609cc0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://assets.risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 02:01:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Oct 2023 02:01:32 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://risu.io
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 15:50:48 GMT
x-content-type-options
nosniff
age
36644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 15:50:48 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://risu.io
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:11:27 GMT
x-content-type-options
nosniff
age
183005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:11:27 GMT
bootstrap-icons-dfd0ea12.woff2
assets.risu.io/packs/media/fonts/
88 KB
88 KB
Font
General
Full URL
https://assets.risu.io/packs/media/fonts/bootstrap-icons-dfd0ea12.woff2
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Request headers

Referer
https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Origin
https://risu.io
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 12:31:10 GMT
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
48622
content-type
application/font-woff2
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90528
index-2e1e8e88a148c184c660.js
assets.risu.io/packs/js/home/
1 MB
435 KB
Script
General
Full URL
https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0513087a3deee62183bf24ef54e8e582a1448811011b909cc42b53cb0eb59c82

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:09:53 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
67899
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
445335
api.js
www.recaptcha.net/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e9ba1bfc7ef233c083781b83c6f0aad52addba5176a6a32a49dfb04ff2ebc2f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 21 Oct 2023 02:01:32 GMT
zh-TW.js
assets.risu.io/javascripts/i18n/
23 KB
10 KB
Script
General
Full URL
https://assets.risu.io/javascripts/i18n/zh-TW.js?b8928d7ddbc6bd8fd605402c4caed5ba
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 01:03:31 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 20 Oct 2023 18:23:40 GMT
server
nginx
age
3481
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10051
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9b625567e20660f1d04118890281e9d198ac3c67742a9a4788bb01fedda2565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Origin
https://risu.io
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51265
x-xss-protection
0
server
cafe
etag
16738140833713585115
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d8173ca9f2919e73dc0b81c1a8a710eb2fb4737abfaa1b6448590894a2823eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51097
x-xss-protection
0
server
cafe
etag
7343769478352766298
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:32 GMT
header-284b48f4c520b20108dc.js
assets.risu.io/packs/js/commons/
470 KB
143 KB
Script
General
Full URL
https://assets.risu.io/packs/js/commons/header-284b48f4c520b20108dc.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 16:55:56 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
32736
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146149
application-bc03df23d8f68313a035.js
assets.risu.io/packs/js/layouts/
54 KB
17 KB
Script
General
Full URL
https://assets.risu.io/packs/js/layouts/application-bc03df23d8f68313a035.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:07:24 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
nginx
age
42848
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17116
main.js
risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame 531A
Redirect Chain
  • https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
7 KB
3 KB
Script
General
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Protocol
H3
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a59a671546c79a789b9c2c21d08137d4c7732db7465aabb5c1a1a0b3c8ce447c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8195e9cb6fb84649-SIN
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 21 Oct 2023 02:01:32 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
cache-control
max-age=300, public
cf-ray
8195e9cb3f984649-SIN
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
188 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6458c281d330479b7224a393414973157d40c4a7e5bc82c9ca85562f506bd573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69455
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 21 Oct 2023 02:01:32 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/
470 KB
187 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__zh_cn.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64274572fa9096a4bcaa338651bdaac5f7bf33c99abba0f1409f5a5223dd580a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Origin
https://risu.io
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 08:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191166
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Oct 2024 08:59:17 GMT
8195e9c98b6d563a
risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 531A
0
267 B
XHR
General
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/8195e9c98b6d563a
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
br
server
cloudflare
cf-ray
8195e9cc58214649-SIN
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/
394 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
129201c81befd51415186f1f919ed0ccf1af0c9cb94070c06047eccf6d9772bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136857
x-xss-protection
0
server
cafe
etag
397748526147501545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/ Frame C519
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231017/r20190131/zrt_lookup.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
86246
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 02:04:06 GMT
etag
4569948109300706969
expires
Fri, 03 Nov 2023 02:04:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.js
risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame 531A
Redirect Chain
  • https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
7 KB
3 KB
Script
General
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Protocol
H3
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e1cbca6d05d80f43b06dbf7ae51088cedc201953dda0fcc38880138b1adc7e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8195e9cf29774649-SIN
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 21 Oct 2023 02:01:33 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
cache-control
max-age=300, public
cf-ray
8195e9cdd8d54649-SIN
alt-svc
h3=":443"; ma=86400
ysm_risu.js
ad.sitemaji.com/
45 KB
14 KB
Script
General
Full URL
https://ad.sitemaji.com/ysm_risu.js
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
1dd42b9a451f55c2f58373fbdf4e33d18b694f66463a13283a1731e5ca2592ed

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 12:50:58 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 03 Oct 2023 09:44:48 GMT
server
nginx/1.12.1 (Ubuntu)
age
47435
etag
W/"651be290-b282"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13635
expires
Sat, 21 Oct 2023 12:50:58 GMT
abs027-4bed8014.svg
risu.io/packs/media/abs/
898 B
566 B
XHR
General
Full URL
https://risu.io/packs/media/abs/abs027-4bed8014.svg
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd77128058d857c5d32cb075673cc82741d018b1af448fc75ec6106ee5619aa

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
cloudflare
age
46360
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
8195e9cea9304649-SIN
alt-svc
h3=":443"; ma=86400
gra001-b98babf3.svg
risu.io/packs/media/gra/
425 B
451 B
XHR
General
Full URL
https://risu.io/packs/media/gra/gra001-b98babf3.svg
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8fbe2d6dca2bff23a1ae2775ec4c1da4108c5d626f3af13d7e2f93c7c865d1b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
cloudflare
age
1620133
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
8195e9cea9324649-SIN
alt-svc
h3=":443"; ma=86400
gen002-c35b3731.svg
risu.io/packs/media/gen/
2 KB
1 KB
XHR
General
Full URL
https://risu.io/packs/media/gen/gen002-c35b3731.svg
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/js/home/index-2e1e8e88a148c184c660.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70012cb92f3c0c561629d46cdae6991059361c001320fe38a5aaf396eb2be84

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 07:53:50 GMT
server
cloudflare
age
922450
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
8195e9cea9334649-SIN
alt-svc
h3=":443"; ma=86400
facebook-icon-43072eec.svg
risu.io/packs/media/brands/
802 B
602 B
Image
General
Full URL
https://risu.io/packs/media/brands/facebook-icon-43072eec.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 07:53:50 GMT
server
cloudflare
age
26584753
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
8195e9cec9454649-SIN
alt-svc
h3=":443"; ma=86400
google-icon-501a643d.svg
risu.io/packs/media/brands/
1 KB
790 B
Image
General
Full URL
https://risu.io/packs/media/brands/google-icon-501a643d.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
cloudflare
age
2063501
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
8195e9cec9464649-SIN
alt-svc
h3=":443"; ma=86400
image_page-2402d7aa.jpg
risu.io/packs/media/demo/
82 KB
82 KB
Image
General
Full URL
https://risu.io/packs/media/demo/image_page-2402d7aa.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519a48a521780b05d69e26761599418cbad561a25526f63c60e78cba57be20df

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 07:53:50 GMT
server
cloudflare
age
46360
cf-polished
status=not_needed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8195e9cec9494649-SIN
alt-svc
h3=":443"; ma=86400
content-length
84081
analytic_page-559230f7.jpg
risu.io/packs/media/demo/
109 KB
109 KB
Image
General
Full URL
https://risu.io/packs/media/demo/analytic_page-559230f7.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4994aea8579278246c345ac0a6ab10b1f0a89c4fb0298ea760d8605686f8837

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 07:53:50 GMT
server
cloudflare
age
922450
cf-polished
status=not_needed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8195e9ced94b4649-SIN
alt-svc
h3=":443"; ma=86400
content-length
111521
social_seo_page-da2061df.jpg
risu.io/packs/media/demo/
125 KB
125 KB
Image
General
Full URL
https://risu.io/packs/media/demo/social_seo_page-da2061df.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3747e8568fc397d979e46ab089b66ed2e947559aaa48ea94216d91fd3840b164

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 16 Dec 2022 07:53:50 GMT
server
cloudflare
age
46360
cf-polished
status=not_needed
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8195e9ced94e4649-SIN
alt-svc
h3=":443"; ma=86400
content-length
127530
qrcode-58d486d7.png
risu.io/packs/media/demo_linebot/
340 B
589 B
Image
General
Full URL
https://risu.io/packs/media/demo_linebot/qrcode-58d486d7.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfca3f52a3b3b7a5a8e7d157c142529fd75e422eac12a094fb0f69b822fed4fe

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
cf-cache-status
HIT
age
46360
cf-polished
origFmt=png, origSize=432
content-disposition
inline; filename="qrcode-58d486d7.webp"
alt-svc
h3=":443"; ma=86400
content-length
340
cf-bgj
imgq:100,h2pri
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8195e9ced94f4649-SIN
IMG_0822-19d28120.PNG
risu.io/packs/media/demo_linebot/
251 KB
252 KB
Image
General
Full URL
https://risu.io/packs/media/demo_linebot/IMG_0822-19d28120.PNG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c331e3506125a89bec7f4f4dd7234e908b530ced5c821bdffad93bd71626d4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
cf-cache-status
HIT
age
196666
cf-polished
origFmt=png, origSize=281534
content-disposition
inline; filename="IMG_0822-19d28120.webp"
alt-svc
h3=":443"; ma=86400
content-length
257502
cf-bgj
imgq:100,h2pri
last-modified
Tue, 30 May 2023 02:32:07 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8195e9ced9504649-SIN
shape-1-c213d1b6.svg
risu.io/packs/media/components/
10 KB
3 KB
Image
General
Full URL
https://risu.io/packs/media/components/shape-1-c213d1b6.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38a790c421bed27aa59fed4c318cf84413fb3807e7c1333ef35fe421cff3bde1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Dec 2022 07:53:50 GMT
server
cloudflare
age
46360
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
8195e9ced9514649-SIN
alt-svc
h3=":443"; ma=86400
rum
risu.io/cdn-cgi/
0
135 B
XHR
General
Full URL
https://risu.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type
application/json

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://risu.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8195e9cf29844649-SIN
anchor
www.recaptcha.net/recaptcha/api2/ Frame A9E5
58 KB
33 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__zh_cn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31ec142211e7b706592b302b831d4381a10394af784fe43dedf14eddba1e27b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EIm_V4MvWMXyS4H9j5icWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-EIm_V4MvWMXyS4H9j5icWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.recaptcha.net/recaptcha/api2/ Frame 6E23
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=normal&cb=2aqmkjjakxy
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__zh_cn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c904e3340cf21aeff72cbe67b6fac82ef9924f7550da06fd18cf78e109dd8d31
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-870QQUfN6W8ZIycwrGFA5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-870QQUfN6W8ZIycwrGFA5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:33 GMT
expires
Sat, 21 Oct 2023 02:01:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::8a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 21 Oct 2023 00:39:04 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4949
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 21 Oct 2023 02:39:04 GMT
js
www.googletagmanager.com/gtag/
240 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f89874f4560f47cae07e0598799ad9d39a8e432c4682cbb9fe6deb3799f5f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85319
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 02:01:33 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 6E23
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=normal&cb=2aqmkjjakxy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 16:50:50 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame 6E23
470 KB
187 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__zh_cn.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=normal&cb=2aqmkjjakxy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64274572fa9096a4bcaa338651bdaac5f7bf33c99abba0f1409f5a5223dd580a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 08:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191166
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Oct 2024 08:59:17 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame A9E5
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
378643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Oct 2024 16:50:50 GMT
recaptcha__zh_cn.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame A9E5
470 KB
187 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__zh_cn.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64274572fa9096a4bcaa338651bdaac5f7bf33c99abba0f1409f5a5223dd580a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 08:59:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
191166
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 19 Oct 2024 08:59:17 GMT
cookie.js
partner.googleadservices.com/gampad/
381 B
328 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=risu.io&callback=_gfp_s_&client=ca-pub-9208708170783140
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8db3f39ef051d100d6fa7163f0f733a74b9886c0670ce5e6fff967962e83634b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1F1E
275 KB
78 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1697824893&plat=1%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l&format=0x0&url=https%3A%2F%2Frisu.io%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853692880&bpp=5&bdt=369&idt=606&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8681809998057&frm=20&pv=2&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=643
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13f498b70b68125c1b4d866861cc2e7d3cc8edb70bc4bde1e96f46d558861912
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
80047
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:33 GMT
expires
Sat, 21 Oct 2023 02:01:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=grecaptcha-badge&ign=false&pw=1600&ph=1200&x=1575&y=1175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231017&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8916fc0ac1156325552ab72774b66ad02f314ef0c4787e3e3039ce07376fb4f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12248
x-xss-protection
0
8195e9c98b6d563a
risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 531A
0
267 B
XHR
General
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/8195e9c98b6d563a
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3108::ac42:2afe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
content-encoding
br
server
cloudflare
cf-ray
8195e9d1ab1b4649-SIN
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
39 KB
40 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11709
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:13:13 GMT
server
cloudflare
etag
"64ec3af9-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAhSa8dLoCuaykoH5QsdniKituP%2BZSX4gnnnNsv4J3RgKullml1xKYxNUUvFTNtKrUJYbHERSerq6D9jUfakn3GXbBqL4gOCgAZOusby%2Fht89zPHcGNbypWybGsIUgXE5k4iMeBwGGKm3u15Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8195e9d29c044983-SIN

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 02:01:33 GMT
collect
www.google-analytics.com/g/
0
156 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je3ai0&_p=432406190&cid=864304769.1697853694&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697853693&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2F&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=page_view&_fv=1&_ss=1&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::8a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
16 B
36 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=432406190&t=pageview&_s=1&dl=https%3A%2F%2Frisu.io%2F&ul=en-us&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1484944157&gjid=1584125942&cid=864304769.1697853694&tid=UA-146086888-1&_gid=1996665837.1697853694&_r=1&_slc=1&gtm=45He3ai0n81MR8WJDJ&z=1871681699
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1c::8a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A9E5
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:19:59 GMT
x-content-type-options
nosniff
age
139294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 26 Oct 2023 11:19:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A9E5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:25:14 GMT
x-content-type-options
nosniff
age
128179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 14:25:14 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A9E5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 11:29:51 GMT
x-content-type-options
nosniff
age
138702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 11:29:51 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame A9E5
105 B
138 B
Other
General
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
355081070e11424d188d81fa89bf9cdec380a94e25ca5536d88dc66f9e890591
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 21 Oct 2023 02:01:33 GMT
collect
stats.g.doubleclick.net/j/
8 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146086888-1&cid=864304769.1697853694&jid=1484944157&gjid=1584125942&_gid=1996665837.1697853694&_u=YADAAEAAAAAAACAAI~&z=26582543
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 21 Oct 2023 02:01:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
230 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c00::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bc3d8a513819c72daa05b4075726cfa15ebea4dd3e79e5a3249a903ff3b5534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83441
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 21 Oct 2023 02:01:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DCDC
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
85152
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 02:22:21 GMT
expires
Sat, 19 Oct 2024 02:22:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C640
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de22606e02e9e23e618984cbc85fd8135a9a68ad7f194655b562b69caf27bb16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ga8gbjoHT7k_za0vyhukYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Ga8gbjoHT7k_za0vyhukYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:33 GMT
expires
Sat, 21 Oct 2023 02:01:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ga-audiences
www.google.com/ads/
42 B
296 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=864304769.1697853694&jid=1484944157&_u=YADAAEAAAAAAACAAI~&z=359977109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=864304769.1697853694&jid=1484944157&_u=YADAAEAAAAAAACAAI~&z=359977109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/
975 B
653 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4992
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5yA653JGW%2FbNbapiNtSy5vdYJpqr56UCKOw714SnM7TX9l2VHzoUpraxA9MFLFLx6rrn6yHuZ%2FQmTYytUES94dKTx3YMv7BD8HQPBr6RV2fMJELNKQpq86Aub9XRt7v%2Bp6oTou9fFQWmOQCXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8195e9d38cac4983-SIN
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/
159 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/reactive_library_fy2021.js?bust=31079013
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5237a9e17be2f529af7fa2d495567588b2a011afdaba04f651d19e96a25d4de1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55362
x-xss-protection
0
server
cafe
etag
8341963101284393077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:34 GMT
ad_request
ads.aralego.com/
2 KB
2 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.03800047341057455&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
8e53ca6776c4413027a35650530e0f25b85681de85281497158c3f594a78c914

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:34 GMT
X-Width
728
Content-Encoding
gzip
X-Height
90
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
Transfer-Encoding
chunked
Connection
close
ad_request
ads.aralego.com/
2 KB
2 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.18028293917393956&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
09f20106f914b462dbf2b0d906733416b2e12dc225dfbfcc671a3ca32780af90

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:34 GMT
X-Width
728
Content-Encoding
gzip
X-Height
90
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
Transfer-Encoding
chunked
Connection
close
ad_request
ads.aralego.com/
2 KB
2 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9342782381107941&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
24f42563df20177865a3f861cf7e3fc5b4ac7119d4ead4c580be76c6ebec15df

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:34 GMT
X-Width
728
Content-Encoding
gzip
X-Height
90
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
Transfer-Encoding
chunked
Connection
close
ad_request
ads.aralego.com/
2 KB
2 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9870647339917404&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e18b322349b1c2a076fde80e1a84dfffadc5ee22715263c07ad75ca5ec83b1f3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:34 GMT
X-Width
728
Content-Encoding
gzip
X-Height
90
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
Transfer-Encoding
chunked
Connection
close
ads
googleads.g.doubleclick.net/pagead/ Frame 10AF
436 B
238 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1377134958&pi=t.aa~a.99561451~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697824894&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853694157&bpp=7&bdt=1646&idt=-M&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab653c9cad438319-22148df001e50064%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MbfyTP3_vfE8jWNxoMZFs9WZbKtDg&gpic=UID%3D00000c6ada9db8bf%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MYTEV4WmIWBsKIT1tsDTVFlVh0qfg&prev_fmts=0x0&nras=2&correlator=8681809998057&frm=20&pv=1&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Lr7G2jVaiv&p=https%3A//risu.io&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7736b7f1936ef9d23be1c9cca32b66e57128a754b265ddfb04f1de0bac190fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
expires
Sat, 21 Oct 2023 02:01:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 224C
436 B
238 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1636878560&adf=1831041&pi=t.aa~a.1587783460~rp.1&w=1116&fwrn=4&fwrnh=100&lmt=1697824894&rafmt=1&to=qs&pwprc=7893959896&format=1116x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853694157&bpp=1&bdt=1646&idt=-M&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab653c9cad438319-22148df001e50064%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MbfyTP3_vfE8jWNxoMZFs9WZbKtDg&gpic=UID%3D00000c6ada9db8bf%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MYTEV4WmIWBsKIT1tsDTVFlVh0qfg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8681809998057&frm=20&pv=1&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=1837&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=8O4Zb9Hkaf&p=https%3A//risu.io&dtd=28
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
798a1d4922e76229f35c8efffe568f03942a91ddcf9fbe3bda9672fcf12d5ccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
expires
Sat, 21 Oct 2023 02:01:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7727
436 B
235 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1028885750&adf=2395231771&pi=t.aa~a.689068970~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697824894&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853694157&bpp=1&bdt=1646&idt=-M&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab653c9cad438319-22148df001e50064%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MbfyTP3_vfE8jWNxoMZFs9WZbKtDg&gpic=UID%3D00000c6ada9db8bf%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MYTEV4WmIWBsKIT1tsDTVFlVh0qfg&prev_fmts=0x0%2C1200x280%2C1116x280&nras=4&correlator=8681809998057&frm=20&pv=1&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=uldQjjnX2S&p=https%3A//risu.io&dtd=38
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d29e7e192c2ac13b2c9629253b79c0c2874b9ed1e7a6c37c9e7113355f4c7047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
210
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
expires
Sat, 21 Oct 2023 02:01:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7C5C
436 B
238 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&h=280&adk=1248013043&adf=1296158383&pi=t.aa~a.99552785~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1697824894&rafmt=1&to=qs&pwprc=7893959896&format=1200x280&url=https%3A%2F%2Frisu.io%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697853694157&bpp=4&bdt=1646&idt=4&shv=r20231017&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dab653c9cad438319-22148df001e50064%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MbfyTP3_vfE8jWNxoMZFs9WZbKtDg&gpic=UID%3D00000c6ada9db8bf%3AT%3D1697853693%3ART%3D1697853693%3AS%3DALNI_MYTEV4WmIWBsKIT1tsDTVFlVh0qfg&prev_fmts=0x0%2C1200x280%2C1116x280%2C1200x280&nras=5&correlator=8681809998057&frm=20&pv=1&ga_vid=864304769.1697853694&ga_sid=1697853694&ga_hid=432406190&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4025&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44785294%2C44798934%2C44804683%2C44805112%2C44805534%2C44805681%2C44805918%2C44805934%2C31078301%2C31079013&oid=2&pvsid=1718283948687407&tmod=216454445&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=wtnpu11Qle&p=https%3A//risu.io&dtd=47
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00e0b7b664cde5b63d6510b5e158c121e55d20d5a71742cc1414d08a2914f7fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
expires
Sat, 21 Oct 2023 02:01:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
publishertag.js
static.criteo.net/js/ld/ Frame B7DC
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:01:34 GMT
publishertag.js
static.criteo.net/js/ld/ Frame CB98
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:01:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C640
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231017&jk=1718283948687407&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

collect
analytics.google.com/g/
0
239 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-ZH634PL121&gtm=45je3ai0&_p=432406190&_gaz=1&ul=en-us&sr=1600x1200&cid=864304769.1697853694&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Frisu.io%2F&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sid=1697853694&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH634PL121&cid=864304769.1697853694&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZH634PL121&cid=864304769.1697853694&gtm=45je3ai0&aip=1&z=1848424993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.js
static.criteo.net/js/ld/ Frame 1666
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:01:34 GMT
publishertag.js
static.criteo.net/js/ld/ Frame D9CF
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:01:34 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame 2D27
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
71543
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 06:09:11 GMT
etag
4569948109300706969
expires
Fri, 03 Nov 2023 06:09:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/ Frame EC39
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_fy2021.js?bust=31079013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
71543
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4480
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 06:09:11 GMT
etag
4569948109300706969
expires
Fri, 03 Nov 2023 06:09:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame DCDC
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 19:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
281504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 19:49:50 GMT
syncframe
gum.criteo.com/ Frame 7EAF
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
server
Kestrel
server-processing-duration-in-ticks
640047
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame CB98
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&cb=84809955231
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ Frame B7DC
0
185 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&cb=66991900878
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3D21
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjn6IP6ATAB&v=APEucNUZznVPM6zlEz0oLFhb0iPnQs8QI4xL_gmPeSqu5_RhmFsq5R5xY_ebofQgnWkNDdQikr6kbRA9EJ8cC9xWrQYRKTXTtQ
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 3986
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 08:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
62874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 08:33:40 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 3986
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 08:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
62874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 08:33:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3986
41 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 00:16:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
179093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 00:16:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 3986
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 02:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
85161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 02:22:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 3986
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 02:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
85161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 02:22:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3986
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3986
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ay542Cb0_CMQuNl7BmouTjiesm90ebXGuw1a4SCeUng5zmeDfWd_2k2jZ6JIsVU9Btxv7BEwk_QyycrScz_QAOxuftCT6n62pkC9yUcfg8rJv2H3g
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9363314594761985602
s0.2mdn.net/simgad/ Frame 3986
46 KB
46 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/9363314594761985602
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::95 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa8bf3bfab9a431aa56eacbc72e4519f81d93a1c1c1da11da433db1c8d26a868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:09:11 GMT
x-content-type-options
nosniff
age
103943
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46795
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:32:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 21:09:11 GMT
css
fonts.googleapis.com/ Frame EC39
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 21 Oct 2023 01:47:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 21 Oct 2023 02:01:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame EC39
2 KB
892 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 02:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
85161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 02:22:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame EC39
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 02:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
85161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 02:22:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame EC39
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 02:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
85161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 02:22:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame EC39
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 02:22:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
85161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Nov 2023 02:22:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC39
187 KB
59 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:34 GMT
ccbada329de78be299cbea1a52c9a584.js
www.gstatic.com/mysidia/ Frame EC39
35 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 01:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14787
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 21:09:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 18 Jan 2024 01:21:30 GMT
cdb
bidder.criteo.com/ Frame 1666
0
185 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&cb=69652340345
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ Frame D9CF
0
185 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&cb=46687535284
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
rum
dsum-sec.casalemedia.com/ Frame 3D21
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1&C=1
43 B
340 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjn6IP6ATAB&v=APEucNUZznVPM6zlEz0oLFhb0iPnQs8QI4xL_gmPeSqu5_RhmFsq5R5xY_ebofQgnWkNDdQikr6kbRA9EJ8cC9xWrQYRKTXTtQ
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uInh4mJyXIIl3YZz4cMQSN3thtgMl6mttH5Q2WzDREAoGuvkcL0yOr5i%2B4PJfNd2IcrDuqKk4Lyxhka%2F%2FW%2BgFqNe4jz0vcFVL7j5rDDmIIqfkPe0gQVVeQkPKCU%2BSnS1mykTuoDGi17ZCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8195e9d7ff1344a5-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soTs8a58IUlgb9iH%2FyRYmrtkLAU4Xe0gJANZzbSizYQ3X6Cpd1Z0AkBK3gSvdvXOKY62oKN4E1ScnLGmkRaT8huJVXmTN5NlKvuRy29Zqw9wyLNsCrKeQj792Ub4IDkqqi8PhzIufaI0%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1&C=1
cache-control
no-cache
cf-ray
8195e9d7cefd44a5-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 3D21
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTMw-iUAZ7PqmC7FUcL5pAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1
43 B
769 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjn6IP6ATAB&v=APEucNUZznVPM6zlEz0oLFhb0iPnQs8QI4xL_gmPeSqu5_RhmFsq5R5xY_ebofQgnWkNDdQikr6kbRA9EJ8cC9xWrQYRKTXTtQ
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQm6NAvMeuQDURRfwQE65qkbxTxHQXsAtPzGIXxhI3zdIN%2Bq07yE5ULoH96k6v3IbM0U67vbMwvhynOAQL4N9qFX7kaiqO0So0AL61JgaWaKcKy%2B%2BT5ElGELTlWWdgJBmdlZMkHduFdJzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8195e9d83e453e3b-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOFnBUStPpRtRif6wW1gU4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 3D21
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEG46Bx03NT4M5_I4UoFCDb4&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG46Bx03NT4M5_I4UoFCDb4%26google_cver%3D1
43 B
896 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG46Bx03NT4M5_I4UoFCDb4%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjn6IP6ATAB&v=APEucNUZznVPM6zlEz0oLFhb0iPnQs8QI4xL_gmPeSqu5_RhmFsq5R5xY_ebofQgnWkNDdQikr6kbRA9EJ8cC9xWrQYRKTXTtQ
Protocol
H2
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
an-x-request-uuid
58f5d288-9d3a-4ebf-ac5e-3568b1c5da59
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
103.254.153.225; 103.254.153.225; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
an-x-request-uuid
b52a1f5d-3882-47c8-bc10-ba49f005ffc6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEG46Bx03NT4M5_I4UoFCDb4%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
103.254.153.225; 103.254.153.225; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D21
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3MTIwOTA3NjUyMDUzNTgwOA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3MTIwOTA3NjUyMDUzNTgwOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhCcs92ZBBjn6IP6ATAB&v=APEucNUZznVPM6zlEz0oLFhb0iPnQs8QI4xL_gmPeSqu5_RhmFsq5R5xY_ebofQgnWkNDdQikr6kbRA9EJ8cC9xWrQYRKTXTtQ
Protocol
H3
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
an-x-request-uuid
64295d93-e0ef-491b-b2de-7e3cddcf336b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM3MTIwOTA3NjUyMDUzNTgwOA%3D%3D
x-proxy-origin
103.254.153.225; 103.254.153.225; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
reload
www.recaptcha.net/recaptcha/api2/ Frame A9E5
33 KB
19 KB
XHR
General
Full URL
https://www.recaptcha.net/recaptcha/api2/reload?k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__zh_cn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
032664faed4c3ce63eb0c5a235263a71049f0418cd85734e09bd444de9437511
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 21 Oct 2023 02:01:34 GMT
events
bidder.criteo.com/csm/ Frame CB98
0
185 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame CB98
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:34 GMT
pixel.gif
static.criteo.net/images/ Frame CB98
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:34 GMT
pixel.gif
static.criteo.net/images/ Frame B7DC
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:34 GMT
pixel.gif
static.criteo.net/images/ Frame B7DC
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:34 GMT
events
bidder.criteo.com/csm/ Frame B7DC
0
185 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 7EAF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=0&topUrl=risu.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=gflXE3x4NXhZTy94K2wwMXRZRkFydGs2Z1BCdHhKZ0I1VVJJQitXd3M4MzBhdm5DQmFXT1lkWjBMS21UV2lzM1AxUkdXVDVCSE1ydTB4ZUk5dUF0dUo2R0prSklwOGlJYmxTelVxQ1QwWkc4UDV2elM5M3VkVW5hUURNam...
439 B
670 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=gflXE3x4NXhZTy94K2wwMXRZRkFydGs2Z1BCdHhKZ0I1VVJJQitXd3M4MzBhdm5DQmFXT1lkWjBMS21UV2lzM1AxUkdXVDVCSE1ydTB4ZUk5dUF0dUo2R0prSklwOGlJYmxTelVxQ1QwWkc4UDV2elM5M3VkVW5hUURNam1sNW01RXhVZGVEdDQzQWxCZG15UldFUDJwK3RZL3FKNUZYTFhoT243c0V5MUpVZmJSV2k2VVFVNnBDdXJra2o1Vk1zc016anBTeEEyejd5cnZmWlNtZWpqZ1NuRXZhZTdkMDUwS1p1UEhJWHE0RVNVaFcxR0lzcEZDZUVjOCt1NWJsa0ViWDc5NEt3T1ovTkhhbWtMdDdtS1VHYXFGQT09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
281305d6144ba4b8a64ada6df0f17bbeb76aa07341d7fb4bc402e016b3c45389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
826305
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=gflXE3x4NXhZTy94K2wwMXRZRkFydGs2Z1BCdHhKZ0I1VVJJQitXd3M4MzBhdm5DQmFXT1lkWjBMS21UV2lzM1AxUkdXVDVCSE1ydTB4ZUk5dUF0dUo2R0prSklwOGlJYmxTelVxQ1QwWkc4UDV2elM5M3VkVW5hUURNam1sNW01RXhVZGVEdDQzQWxCZG15UldFUDJwK3RZL3FKNUZYTFhoT243c0V5MUpVZmJSV2k2VVFVNnBDdXJra2o1Vk1zc016anBTeEEyejd5cnZmWlNtZWpqZ1NuRXZhZTdkMDUwS1p1UEhJWHE0RVNVaFcxR0lzcEZDZUVjOCt1NWJsa0ViWDc5NEt3T1ovTkhhbWtMdDdtS1VHYXFGQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
502649
content-length
0
expires
0
pixel.gif
static.criteo.net/images/ Frame 1666
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:34 GMT
pixel.gif
static.criteo.net/images/ Frame 1666
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:34 GMT
events
bidder.criteo.com/csm/ Frame 1666
0
185 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame D9CF
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:34 GMT
pixel.gif
static.criteo.net/images/ Frame D9CF
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:34 GMT
events
bidder.criteo.com/csm/ Frame D9CF
0
185 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A15B
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
296367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 15:42:07 GMT
expires
Wed, 16 Oct 2024 15:42:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
arjs.php
ad2.apx.appier.net/www/delivery/ Frame B7DC
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TCp04UZXADq7Wgoh_zAzZQ&id=ida4mlvgiastit93r
3 KB
1 KB
Script
General
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TCp04UZXADq7Wgoh_zAzZQ&id=ida4mlvgiastit93r
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
c9778d02beb5a75f967a8cbe1736ea751766404a40d4f83737926dcc308c1a50

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
text/html; charset=utf-8
cache-control
no-store
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Sat, 21 Oct 2023 02:01:35 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=TCp04UZXADq7Wgoh_zAzZQ&id=ida4mlvgiastit93r
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
140
arjs.php
ad2.apx.appier.net/www/delivery/ Frame CB98
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=jCdJKv1ZC96MWm_-_zAzZQ&id=ida4mlvgiastit93r
3 KB
1 KB
Script
General
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=jCdJKv1ZC96MWm_-_zAzZQ&id=ida4mlvgiastit93r
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
c1c6c285adfe14696401d46eeec2d2020d347373b2713314e271c240ca5df9b0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
text/html; charset=utf-8
cache-control
no-store
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Sat, 21 Oct 2023 02:01:35 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=jCdJKv1ZC96MWm_-_zAzZQ&id=ida4mlvgiastit93r
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
140
arjs.php
ad2.apx.appier.net/www/delivery/ Frame 1666
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=oh8E3rzwAr2Nc5zr_zAzZQ&id=ida4mlvgiastit93r
3 KB
1 KB
Script
General
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=oh8E3rzwAr2Nc5zr_zAzZQ&id=ida4mlvgiastit93r
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
000de837fd9a33eba9168a7d17cbca621c16a0ab75b692f59eb5187c8aefc33d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
text/html; charset=utf-8
cache-control
no-store
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Sat, 21 Oct 2023 02:01:35 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=oh8E3rzwAr2Nc5zr_zAzZQ&id=ida4mlvgiastit93r
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
140
arjs.php
ad2.apx.appier.net/www/delivery/ Frame D9CF
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=W5X0QYC0BYOBCOkE_zAzZQ&id=ida4mlvgiastit93r
3 KB
1 KB
Script
General
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=W5X0QYC0BYOBCOkE_zAzZQ&id=ida4mlvgiastit93r
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
08b27da820b4aa1d3ebc3e2d13f70b9dc6d88416bb985ed3b82d0c26481b78a1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
text/html; charset=utf-8
cache-control
no-store
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Sat, 21 Oct 2023 02:01:35 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=W5X0QYC0BYOBCOkE_zAzZQ&id=ida4mlvgiastit93r
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
140
reload
www.recaptcha.net/recaptcha/api2/ Frame A9E5
33 KB
19 KB
XHR
General
Full URL
https://www.recaptcha.net/recaptcha/api2/reload?k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__zh_cn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cda5c4251c1709a4f70c33224a3005fe04fa638716963e6366b509ab9a29ce2d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6Lc7IOQUAAAAAAKsnJb5Tc3o5biD72gyuR_vlC3f&co=aHR0cHM6Ly9yaXN1LmlvOjQ0Mw..&hl=zh-CN&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=clgloh5wtt9y
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 21 Oct 2023 02:01:35 GMT
syncframe
gum.criteo.com/ Frame 127D
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
server
Kestrel
server-processing-duration-in-ticks
2965735
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame AD56
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
server
Kestrel
server-processing-duration-in-ticks
725954
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
syncframe
gum.criteo.com/ Frame 5F54
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
server
Kestrel
server-processing-duration-in-ticks
1012573
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js
pagead2.googlesyndication.com/bg/ Frame A15B
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/fg1jvL24cYOsK8VxUglH5dJJKR_J-UqzKL0jjVNvNUA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e0d63bcbdb87183ac2bc571520947e5d249291fc9f94ab328bd238d536f3540
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 19:36:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
282280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14583
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 19:36:55 GMT
generate_204
tpc.googlesyndication.com/ Frame DCDC
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?6Dv81A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sid
mug.criteo.com/ Frame AD56
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=5Cf9zV9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxZSVE4cCUyQkZCQ1phVU44SUZqOEFHNkdyelhFbnJhTlA4SkVa...
  • https://mug.criteo.com/sid?cpp=vhe0rHwvNUxHU1lzdXpsSHVra3gwSk5DVXZNRXFYYU16OHlrd1lRNVlxQzIwWWlxS2RvdVNnTE9VazI3SGpqS1Vrck1td0E4aDJ5N2R5VU9DeXhGRzBCYjY2bW0rTnlVL1VmaEhiUit0ZnVHR0RzRzZPaFo0RHRvWEh5bk...
425 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=vhe0rHwvNUxHU1lzdXpsSHVra3gwSk5DVXZNRXFYYU16OHlrd1lRNVlxQzIwWWlxS2RvdVNnTE9VazI3SGpqS1Vrck1td0E4aDJ5N2R5VU9DeXhGRzBCYjY2bW0rTnlVL1VmaEhiUit0ZnVHR0RzRzZPaFo0RHRvWEh5bkF2dlc5SEc3eS9WRk9KN2lMb1prcW9IL29CeVZYam53ekFoOFQrOW91TGFFREthY2JnWmNyYzVaWE5QYlFZOGZ1bHpuYmZkTjlHVjA4dmZHbEh0UEVpdnVIMlpuUFQzZ1ZnVWRhbHVlejUvWnZGbFkzS21RclpLSlhrdGZkbVJOQ0RyRVRrb1hwUDRIWllPL0dNRUhIMHN3T2s0WXM4Zz09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
fb7fe34ea426d890311ff1535e2490fee959cbbaf34278f1e1895fbe24a6309e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1442233
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=vhe0rHwvNUxHU1lzdXpsSHVra3gwSk5DVXZNRXFYYU16OHlrd1lRNVlxQzIwWWlxS2RvdVNnTE9VazI3SGpqS1Vrck1td0E4aDJ5N2R5VU9DeXhGRzBCYjY2bW0rTnlVL1VmaEhiUit0ZnVHR0RzRzZPaFo0RHRvWEh5bkF2dlc5SEc3eS9WRk9KN2lMb1prcW9IL29CeVZYam53ekFoOFQrOW91TGFFREthY2JnWmNyYzVaWE5QYlFZOGZ1bHpuYmZkTjlHVjA4dmZHbEh0UEVpdnVIMlpuUFQzZ1ZnVWRhbHVlejUvWnZGbFkzS21RclpLSlhrdGZkbVJOQ0RyRVRrb1hwUDRIWllPL0dNRUhIMHN3T2s0WXM4Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
243294
content-length
0
expires
0
sid
mug.criteo.com/ Frame 127D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=5Cf9zV9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxZSVE4cCUyQkZCQ1phVU44SUZqOEFHNkdyelhFbnJhTlA4SkVa...
  • https://mug.criteo.com/sid?cpp=-Dv5qnxFMURiUVdxaHc3QTBRMWVMY1prUGpPRXdCTERMWit1K3h4czlGWHJLdWFPQkUzc1crcG1HQnFTNlhUYUpHTVhRQjVyekRSZ1VjUzU0aEpLMFBKemZGaTVodGxyZkNmVW5EcVQrbndDVHJqNUZnSWVNRDVmazRmbz...
433 B
667 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=-Dv5qnxFMURiUVdxaHc3QTBRMWVMY1prUGpPRXdCTERMWit1K3h4czlGWHJLdWFPQkUzc1crcG1HQnFTNlhUYUpHTVhRQjVyekRSZ1VjUzU0aEpLMFBKemZGaTVodGxyZkNmVW5EcVQrbndDVHJqNUZnSWVNRDVmazRmbzNoRnBZRjFoZ0s5cXhmZUFaVy9GMGh1WDFTeXgwVzUzaE5zMzVGVzZNbXozYzhac2NTYnpXenB1d1lYZVVzQUFCQTBvVXVVOVZNck9nb3pmMENxZDJuTDV4Y05leW9jYU42ZVBiaTVUSUdkKzBEVlVPVmpBamUzS1ZvMURmdlRpZVFzeXNXOFdFV09JamtBZ1hnazY2dmlqTzNjZFkvUT09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
1fe061f405c44fa5a1e8599ff26a2a6249452afa94075cc4932be97dbd0217da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1170019
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=-Dv5qnxFMURiUVdxaHc3QTBRMWVMY1prUGpPRXdCTERMWit1K3h4czlGWHJLdWFPQkUzc1crcG1HQnFTNlhUYUpHTVhRQjVyekRSZ1VjUzU0aEpLMFBKemZGaTVodGxyZkNmVW5EcVQrbndDVHJqNUZnSWVNRDVmazRmbzNoRnBZRjFoZ0s5cXhmZUFaVy9GMGh1WDFTeXgwVzUzaE5zMzVGVzZNbXozYzhac2NTYnpXenB1d1lYZVVzQUFCQTBvVXVVOVZNck9nb3pmMENxZDJuTDV4Y05leW9jYU42ZVBiaTVUSUdkKzBEVlVPVmpBamUzS1ZvMURmdlRpZVFzeXNXOFdFV09JamtBZ1hnazY2dmlqTzNjZFkvUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
229479
content-length
0
expires
0
sid
mug.criteo.com/ Frame 5F54
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=5Cf9zV9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxZSVE4cCUyQkZCQ1phVU44SUZqOEFHNkdyelhFbnJhTlA4SkVa...
  • https://mug.criteo.com/sid?cpp=P3RP4nxGUm1PZEx2dzdtOGpOWFBtYTNQN2VCZ3BIR2tkSTd0MTllVm83cjVUMTYrNm1jc3NPRHFta0MrUm1yTmwxbXQ4SGczWHNCaUhyVjZISmhHVkV6V1MwWEtRNUdZNzZUMHYzMG1pL3haT0VObTl6TUpCeUczNDd4TW...
422 B
649 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=P3RP4nxGUm1PZEx2dzdtOGpOWFBtYTNQN2VCZ3BIR2tkSTd0MTllVm83cjVUMTYrNm1jc3NPRHFta0MrUm1yTmwxbXQ4SGczWHNCaUhyVjZISmhHVkV6V1MwWEtRNUdZNzZUMHYzMG1pL3haT0VObTl6TUpCeUczNDd4TWtIWm5hQmNRMnlHZ2FjcGVjeC92RGhyZXBhZmVrUUtLM21TQVdGU2lKNDlZSWVIZXNkaDZjbmN4bHB4Q3J3bVo3RlB4NkZzN3hEempMenNwU0FZanI5Q0xiMTFLcU9oYUMrTGtad0MxQUtyakpmamVkZ2hIeHh1OVV4YWVoY2J1dm9XZGtycFVxZXljRy9oMFRQa1FQMVJFSXlyK2RKdz09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e35dc7252ac9e8e0308dae9b8ffea8e34fd803d8e4cd4ed8d74b39bdd77238e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1589282
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=P3RP4nxGUm1PZEx2dzdtOGpOWFBtYTNQN2VCZ3BIR2tkSTd0MTllVm83cjVUMTYrNm1jc3NPRHFta0MrUm1yTmwxbXQ4SGczWHNCaUhyVjZISmhHVkV6V1MwWEtRNUdZNzZUMHYzMG1pL3haT0VObTl6TUpCeUczNDd4TWtIWm5hQmNRMnlHZ2FjcGVjeC92RGhyZXBhZmVrUUtLM21TQVdGU2lKNDlZSWVIZXNkaDZjbmN4bHB4Q3J3bVo3RlB4NkZzN3hEempMenNwU0FZanI5Q0xiMTFLcU9oYUMrTGtad0MxQUtyakpmamVkZ2hIeHh1OVV4YWVoY2J1dm9XZGtycFVxZXljRy9oMFRQa1FQMVJFSXlyK2RKdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
268032
content-length
0
expires
0
fpc
pmp-beacon.apx.appier.net/v1/ Frame D9CF
12 B
73 B
XHR
General
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.145.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.145.36.34.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.6.2 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.6.2
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame B69E
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
39 KB
40 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8597
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:13:13 GMT
server
cloudflare
etag
"64ec3af9-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRx%2FMDuToq1mF42SZZeFmzVZGE9uKRU50mgPp%2F0jTw%2FdwoJu%2BpPo61ojHY5BLcithdHyvhb%2FYW9Rx5dtE0soekJsCYnvEa2DWn4VSL4Sai65zraCCDQcPuC9gzpAOje0zt4ABTmcjWj1pu7y7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8195e9db5c613f58-SIN

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
gcm
gocm.c.appier.net/ Frame B69E
42 B
349 B
Image
General
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.38.30 , Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1451-30.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 02:01:35 GMT
cache-control
no-store
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
fpc
pmp-beacon.apx.appier.net/v1/ Frame CB98
12 B
233 B
XHR
General
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.145.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.145.36.34.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.6.2 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.6.2
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
gcm
gocm.c.appier.net/ Frame 1A8E
42 B
349 B
Image
General
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.38.30 , Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1451-30.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 02:01:35 GMT
cache-control
no-store
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame 1A8E
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
39 KB
40 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8597
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:13:13 GMT
server
cloudflare
etag
"64ec3af9-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuuFcLod8lqAyCey%2BcwKy3%2BNZv%2BaoFzlH5Zj%2FBSnAhrugj68VRAzuY9FqN1j5k9lFFZxYisu7lgEo9uXUXMrFsrbIb9tZw%2Bx72ZV34AGoWuZ6oCwXnQaNrUTvG156XbW6KUNKgGPykGp0GcYjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8195e9db5c623f58-SIN

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
fpc
pmp-beacon.apx.appier.net/v1/ Frame B7DC
12 B
73 B
XHR
General
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.145.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.145.36.34.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.6.2 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.6.2
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
gcm
gocm.c.appier.net/ Frame 86D2
42 B
349 B
Image
General
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.38.30 , Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1451-30.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 02:01:35 GMT
cache-control
no-store
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame 86D2
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
39 KB
40 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8597
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:13:13 GMT
server
cloudflare
etag
"64ec3af9-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTXB04yYWgHJKdRsCX5L6Y6MNTzegnAAUjFN7lI%2FcxoUO7tfeSCDVc%2FDKDjBgz0Q%2BMl2NKcN%2FHUbH5JSopZ%2BOFC7E5F7JwrNiubBksRHm%2FRDRP00%2BRiL1AxhPViVHe5i%2BMVEhH8cCBlkTyxN3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8195e9db5c633f58-SIN

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
fpc
pmp-beacon.apx.appier.net/v1/ Frame 1666
12 B
73 B
XHR
General
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.145.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
36.145.36.34.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.6.2 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.6.2
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
gcm
gocm.c.appier.net/ Frame 1B96
42 B
349 B
Image
General
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.162.38.30 , Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1451-30.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 21 Oct 2023 02:01:35 GMT
cache-control
no-store
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame 1B96
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
39 KB
40 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8597
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:13:13 GMT
server
cloudflare
etag
"64ec3af9-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1M6gBuayetZebAm7SRy6tdARcmzLflx21iaH9%2FjxC0y3B4sosFwRU38X4mlIFCsGaJcv6p0145blmnavDnjG%2Bb0ZBDZmZos0FavtHtupwixLyvTkOkC3D2AfP0ULFhTjxMRAAUY5gNUhyU4lyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8195e9db8c8e3f58-SIN

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame B69E
975 B
763 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10693
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyL%2Fjiz13dsEZV5tM7nH4B%2BZTTzSLmVsHIv8YmUZhZNN%2FIge0gtT9oo5GUrX%2FpwUAqr5YgfIWQ8Z6nFJlPDGPwEb3hmOnB1zpTSrUF6AGIyxi05jARUxswfKrV48rpJidao15SSlnjmIRLPeUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8195e9db8c923f58-SIN
idRequest
sync.aralego.com/ Frame B69E
46 B
485 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.98.2 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
71eeff32cdeadeee22e5599db046b66b7cd833e8a8b8620c7e35a78c8ef77d55

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
connection
close
content-length
46
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 86D2
975 B
762 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10693
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BU2wP6gKIvsUijDl4wW0iQRqE1At8MbGUzbQmd2nZ4oIXRAocmpeQOxhwduBWZ75psYHzTj9pvTwMjVEE%2Bi7fWEfQwzAddh1vnKbhNCOLID3cAIvrXlWsxqKEc4YQUZ6YMUtYaPtVBnQM%2FyAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8195e9db9ca63f58-SIN
idRequest
sync.aralego.com/ Frame 86D2
46 B
485 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.98.2 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
71eeff32cdeadeee22e5599db046b66b7cd833e8a8b8620c7e35a78c8ef77d55

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ Frame B69E
3 KB
2 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6734008038806698&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
9bd966573c2efd0cb76132c77fdc44a2150220a09986decd5eb6c763639964d2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:35 GMT
Content-Encoding
gzip
X-Height
90
X-AdStyle
banner
Transfer-Encoding
chunked
X-SspId
e897d263-9532-3449-983f-39c50ee911ce
Connection
close
X-Width
728
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
ad_request
ads.aralego.com/ Frame 86D2
3 KB
2 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.26711661238133644&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
59c093aa066e566d324049b17487eda5f96d57cc9c7964cae72f1a418ebadbd7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:35 GMT
Content-Encoding
gzip
X-Height
90
X-AdStyle
banner
Transfer-Encoding
chunked
X-SspId
e897d263-9532-3449-983f-39c50ee911ce
Connection
close
X-Width
728
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 1A8E
975 B
756 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10693
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSsqme9eAk2j18gyIbSL5yM64Zqoz3Vd970zF3aIfBeFBiojLwJlFa5yEA6c0U6q04pUk1GbeoKJVHTjQH6UJJZtwVQZfyRZtbEsETOzDbzB77f5AyQIFFnysUEEpvEaSE1kmTDnR5pnH2morw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8195e9dbccc73f58-SIN
idRequest
sync.aralego.com/ Frame 1A8E
46 B
485 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.98.2 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
71eeff32cdeadeee22e5599db046b66b7cd833e8a8b8620c7e35a78c8ef77d55

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
connection
close
content-length
46
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame EC8A
714 B
752 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
age
14105
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8195e9dbdcda3f58-SIN
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 02:01:35 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZpjdJyv%2FAFz9AwZEsLkSr3LwH2N6848yhBENWA%2Fm6aTPwuuBgKirk%2FT43%2Bvz9g8UuaJKKCeROM2Zi4wTeGU6ZASgAzSZiy%2BRp%2Bnt1OYfpz5VQTCUruZIg4Zl4pnT63gK6dSDxfmQiPLB0vSOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B663
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 02:01:35 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Oct 2023 02:01:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ Frame B69E
35 B
273 B
Image
General
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.98.2 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
connection
close
content-length
35
content-type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 8F8B
714 B
747 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
age
14105
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8195e9dbece63f58-SIN
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 02:01:35 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETJDINwgHkKLxPONWm9guS8LU2M65PBUerxo0FN42p%2FcbBzO4IWr5L7qMMbDV83W3MYsfe5y3XNYnde%2BnsChSos%2FaSBDBaQfB4HXkBNTPUE4U5Lgh7tvnXk9s5vDam7iHrVPKobzogtFGQVRNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
odr.mookie1.com/t/v2/ Frame 86D2
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/e897d263-9532-3449-983f-39c50ee911ce?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-LfIWo.ZE2oU9RLUgjhuhb3LUnrAYTU6J4vHJUFM-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=259f9059-0f1f-4b0f-bf39-092c79f39291
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=e897d263-9532-3449-983f-39c50ee911ce&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=e897d263-9532-3449-983f-39c50ee911ce&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8a13a4da-08f5-42aa-b118-b5396868fcb7&ssp=ucfunnel&gdpr=0&gdpr_consent=
42 B
213 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8a13a4da-08f5-42aa-b118-b5396868fcb7&ssp=ucfunnel&gdpr=0&gdpr_consent=
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
67.79.111.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=8a13a4da-08f5-42aa-b118-b5396868fcb7&ssp=ucfunnel&gdpr=0&gdpr_consent=
Date
Sat, 21 Oct 2023 02:01:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 02:01:35 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Oct 2023 02:01:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
ad_request
ads.aralego.com/ Frame 1A8E
3 KB
2 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.68506664552311&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
78e8974431d79f1ff1840987f98c6ffbd4abde64f4ae4bc792c53fb3406ac8e5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:35 GMT
Content-Encoding
gzip
X-Height
90
X-AdStyle
banner
Transfer-Encoding
chunked
X-SspId
e897d263-9532-3449-983f-39c50ee911ce
Connection
close
X-Width
728
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 55A6
714 B
748 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
age
14105
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8195e9dbfcf73f58-SIN
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 02:01:35 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBYWlTX%2BYpGpPuO74DxtmmlDvscfnjpWgQc1fzoatweqpxSNjbieEpFFzEeml%2FrGjjg%2Fa9Sei8jcrLeu3QgYSY%2FbnubUmt6g54YGUbsPbvTUyIaCiR%2B5i83jFUx4qMDzI1BRVobEN5HWOv1euQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 1A8E
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/e897d263-9532-3449-983f-39c50ee911ce?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-DYUyPv5E2oXuBXCRYoYpcPI7Rc26ibOn4alDs7I-~A&redirect=
35 B
155 B
Image
General
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-DYUyPv5E2oXuBXCRYoYpcPI7Rc26ibOn4alDs7I-~A&redirect=
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
HTTP/1.1
Server
23.108.98.2 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-DYUyPv5E2oXuBXCRYoYpcPI7Rc26ibOn4alDs7I-~A&redirect=
content-length
0
usync.html
eus.rubiconproject.com/ Frame 02CE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 02:01:35 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Oct 2023 02:01:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 1B96
975 B
765 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10693
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66GSser%2FmOZLLapfMWBCi6%2BrdoFuTsFkMbrK5MuEVWg9St%2BrlTQmP%2BzHHSBtgc%2Fj5RPqEIGgh0rtacLj3Kb2TRsOFWb0a7prinGKRweaAy1qx5B%2BYydcME7HVq%2BXnM2yk0GOrOz3obinG2R8yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8195e9dbfcf53f58-SIN
idRequest
sync.aralego.com/ Frame 1B96
46 B
485 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?ucfUid=e897d263-9532-3449-983f-39c50ee911ce&lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.98.2 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
71eeff32cdeadeee22e5599db046b66b7cd833e8a8b8620c7e35a78c8ef77d55

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
connection
close
content-length
46
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EC8A
89 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15d5ad6d1ec95a2031b81f073e54f15e1634ed290ff9f10867bd9a44fe60a1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29140
x-xss-protection
0
server
cafe
etag
712 / 19651 / m202310170101 / config-hash: 4808689989001815818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8F8B
89 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1100e86c34e21a505c8890bbc7f7bc48190ad3ca749298a2209efd42b2248832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29138
x-xss-protection
0
server
cafe
etag
532 / 19651 / m202310170101 / config-hash: 4808689989001815818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:35 GMT
ad_request
ads.aralego.com/ Frame 1B96
3 KB
2 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2F&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.34334185816059604&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ucfUid=e897d263-9532-3449-983f-39c50ee911ce&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
c44308b793cabed584d1ed5a4ea2ee882a5b5def546a06600af73a39437e5510

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:35 GMT
Content-Encoding
gzip
X-Height
90
X-AdStyle
banner
Transfer-Encoding
chunked
X-SspId
e897d263-9532-3449-983f-39c50ee911ce
Connection
close
X-Width
728
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 55A6
89 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa0812551336766489da57267dcc7af59834267dcb485c9d212e86a9ae6bb6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29140
x-xss-protection
0
server
cafe
etag
683 / 19651 / m202310170101 / config-hash: 4808689989001815818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:35 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame E142
714 B
747 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials
true
age
14105
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8195e9dc5d413f58-SIN
content-encoding
br
content-type
text/html
date
Sat, 21 Oct 2023 02:01:35 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnDwVoSLbPbMfP9vowhXbmi3jtYFCWSWZo2508ce%2FPrZUOKlc5IYMG6IL1%2BVIrAm2oZd4lApGzepnMSHmWISfQVRR0DUZcNGwIZUGYbrmG1MOGKaTtCIaJaCVth%2FKZfKfuxgQwgE3w9pd8FsyA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idSync
sync.aralego.com/ Frame 1B96
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/e897d263-9532-3449-983f-39c50ee911ce?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-DYUyPv5E2oXuBXCRYoYpcPI7Rc26ibOn4alDs7I-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=259f9059-0f1f-4b0f-bf39-092c79f39291
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=e897d263-9532-3449-983f-39c50ee911ce&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=e897d263-9532-3449-983f-39c50ee911ce&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=8a13a4da-08f5-42aa-b118-b5396868fcb7
35 B
155 B
Image
General
Full URL
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=8a13a4da-08f5-42aa-b118-b5396868fcb7
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
HTTP/1.1
Server
23.108.98.2 Atlanta, United States, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

Location
//sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=8a13a4da-08f5-42aa-b118-b5396868fcb7
Date
Sat, 21 Oct 2023 02:01:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame 6E0B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 21 Oct 2023 02:01:35 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 21 Oct 2023 02:01:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 02CE
41 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fced446e91e09f757b3e5305b360eceddb8cb61f07ac4853be39691c57bbc1cb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Oct 2023 20:44:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=67429
Connection
keep-alive
Content-Length
11097
Expires
Sat, 21 Oct 2023 20:45:24 GMT
usync.js
eus.rubiconproject.com/ Frame 1142
41 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fced446e91e09f757b3e5305b360eceddb8cb61f07ac4853be39691c57bbc1cb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Oct 2023 20:44:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=67429
Connection
keep-alive
Content-Length
11097
Expires
Sat, 21 Oct 2023 20:45:24 GMT
usync.js
eus.rubiconproject.com/ Frame B663
41 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fced446e91e09f757b3e5305b360eceddb8cb61f07ac4853be39691c57bbc1cb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Oct 2023 20:44:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=67429
Connection
keep-alive
Content-Length
11097
Expires
Sat, 21 Oct 2023 20:45:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E142
89 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
436521dac509c0b5bda1ed7e59676f299a3084610b49ac7817a9f09fe38a3bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29140
x-xss-protection
0
server
cafe
etag
726 / 19651 / m202310170101 / config-hash: 4808689989001815818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 21 Oct 2023 02:01:35 GMT
usync.js
eus.rubiconproject.com/ Frame 6E0B
41 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.51.97.92 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-97-92.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fced446e91e09f757b3e5305b360eceddb8cb61f07ac4853be39691c57bbc1cb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Oct 2023 20:44:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=67429
Connection
keep-alive
Content-Length
11097
Expires
Sat, 21 Oct 2023 20:45:24 GMT
publishertag.js
static.criteo.net/js/ld/ Frame 3578
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:01:35 GMT
publishertag.js
static.criteo.net/js/ld/ Frame 7895
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:01:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A15B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNmLw_TAzZf_gIsnUqQGdl4mYCQAAAAA4AeAEAg&bg=!e3ileDfNAAY5nEQaGZw7ADQBe5WfOAMc7CuUbIt1zoSOqPiIfd0vyKMPJIRF2mIGJzcMa7SoZJXO7pSnjws8h894tPBxAgAAAQ9SAAAABGgBB5kC9U5adkDLxC4gVcgCPNJuJg08VyziZjM9ujMulKHtowSlIKJislc2VZ2wumJh-MJzQJzsnMlYJRvOt6s31qb1d-vb1i2XHetJCp1lerV-nqFInrwQOsYUnWg6zgZ1xtqxSV3NenTbsHlNLphjovjdYhllpx48BpkXML11Gy5gyCcWRMKerMPRaJo6zAYoxcXfcOqafW0jNfaxEbf6dy2GfFNaYDBTdbnu528GmSpRAI02UpAAMKSs7t3sRDkIllDSMXgkrgd4bzQYGyS_msqiGWMgnq135tgNRVNGiNmsK4IkR8Wu9oop4wjyEdvT89gMR9LlXLrkW3thbSAimmTwFWnNVjPSW7DtVxHKqT3bPu-Dr0GLb4WK7P73JD91QFqL9v_Nc2hlogOZPRKUfOPKSZLyGNo8FjnqmQ3H5WRKMXRKdCGXUohzrJ5aYiEgYfs7ft2cY7vAzGC_qVdCjW9GXacDgxky0ZAZ-I2MsWq_H1ZAryWfdvnMmW-9aVnnJWdQBJNoXLclfB8Bf-MHQ2bV1Ij3JlCE395WnQV7SJAme4wHHVeEui4R4I32-9S2GwwTCPftZEmVZblfy181IdCCJACKncgfKoIQVdpuB5Kc4M6as0AYyKdF1XippthCOsACXBb9GgvRyuRTYCUGrNacgDJ2ilPVxHkNf0jF_cti9qJZ17k5co4uIwh0xOTwM-SJ6vmHTxz3hFJdnxI9u6iJntqLmt2M8Lkd0WGNqJpybRGrxOnV9AHNVuw58FG5xlJHOnwq-L-fnImN0gtSGZ4CJeClYrcgGZfixNQtCb72M9cl2Ians454qOb_pnY3_sJqQqHoFb1OVsICCWevm6jtxcBhO8SYCMOk1tdMKJiqcj4TZarKhc8WTluH-fq_qynR-kmPDzx5iJ_S7AtNXLY2poEssWx8n4yAnTAnJpf3N_ULmt8D7Yvw3o6j8EETuyEk-dy9cwEwDUPe6_vfEWJkQQZrwMgDT-Jqt57tBWQHg_bCflSHAe4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 02CE
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
khaos.json
token.rubiconproject.com/ Frame 1142
7 B
778 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
khaos.json
token.rubiconproject.com/ Frame 6E0B
7 B
777 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
publishertag.js
static.criteo.net/js/ld/ Frame DA48
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:01:35 GMT
khaos.json
token.rubiconproject.com/ Frame B663
7 B
778 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ Frame EC8A
421 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 01:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
784
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135205
x-xss-protection
0
server
cafe
etag
9147680799068891735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 20 Oct 2024 01:48:31 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ Frame 8F8B
421 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 01:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
784
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135205
x-xss-protection
0
server
cafe
etag
9147680799068891735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 20 Oct 2024 01:48:31 GMT
syncframe
gum.criteo.com/ Frame 92B1
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
server
Kestrel
server-processing-duration-in-ticks
2251478
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 3578
0
185 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdVZlRqVDl2dktBSkRQamdsM094RTNjVTBJMnhpenlDV1FSdTZwT1AxcHpwUTglMkIxYXhEYTdLd29kZDdmR3JLbjQwa1dQZmxXdzdVbFNhZHJCd1d0Qm10ZXQ3T24zajdBJTNEJTNE&cb=85066007393
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ Frame 55A6
421 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 01:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
784
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135205
x-xss-protection
0
server
cafe
etag
9147680799068891735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 20 Oct 2024 01:48:31 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/ Frame E142
421 KB
132 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 01:48:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
784
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135205
x-xss-protection
0
server
cafe
etag
9147680799068891735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 20 Oct 2024 01:48:31 GMT
syncframe
gum.criteo.com/ Frame 59CD
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
server
Kestrel
server-processing-duration-in-ticks
1089788
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 7895
0
185 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdVZlRqVDl2dktBSkRQamdsM094RTNjVTBJMnhpenlDV1FSdTZwT1AxcHpwUTglMkIxYXhEYTdLd29kZDdmR3JLbjQwa1dQZmxXdzdVbFNhZHJCd1d0Qm10ZXQ3T24zajdBJTNEJTNE&cb=60933989263
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
publishertag.js
static.criteo.net/js/ld/ Frame 74EF
128 KB
41 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-20073"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 22 Oct 2023 02:01:35 GMT
events
bidder.criteo.com/csm/ Frame 3578
0
185 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 3578
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:35 GMT
pixel.gif
static.criteo.net/images/ Frame 3578
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:35 GMT
sid
mug.criteo.com/ Frame 92B1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdV...
  • https://mug.criteo.com/sid?cpp=6lLr_Hx6dDVMK04rRUU5ZWIrNEVTOC9sVktpZFp1NGc3cDdvbEkrQk40OWpJWUMra2ozQVNNTFRqdmg3YlV2Z3hmR2M4WVRiOFovdmp2OW5udUZhcWF3enpUZysrbDZNSlZxN01Xa205RDRBb0FSYTZkQVNIdWpvZzJ0Nj...
425 B
656 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=6lLr_Hx6dDVMK04rRUU5ZWIrNEVTOC9sVktpZFp1NGc3cDdvbEkrQk40OWpJWUMra2ozQVNNTFRqdmg3YlV2Z3hmR2M4WVRiOFovdmp2OW5udUZhcWF3enpUZysrbDZNSlZxN01Xa205RDRBb0FSYTZkQVNIdWpvZzJ0NjZlZGovcERVMHp0ZThhTVc0VjRlc1RiR0NEaGtXVUZ0dXRzTjZzNWdRb3kvRGUwMnR3Sm5YZ1d6dFJLZnNzMGJRNzFtQWVsNmhmYzZuWHo0MFArZEFoOHdjTGRFbDdSMGtQbFdMaW9UR0c0dlk1SjRkVWFKQ3d4c01wTEgwL1BSL1o2Y0xPMzU1ZWV1dnhpNWhZVGhKV1NsSU5MbWp4QT09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
1e6cd2460cf7235efab7528a9b219b563ab631ea60f174b718c76b2b5ca90c13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1864972
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=6lLr_Hx6dDVMK04rRUU5ZWIrNEVTOC9sVktpZFp1NGc3cDdvbEkrQk40OWpJWUMra2ozQVNNTFRqdmg3YlV2Z3hmR2M4WVRiOFovdmp2OW5udUZhcWF3enpUZysrbDZNSlZxN01Xa205RDRBb0FSYTZkQVNIdWpvZzJ0NjZlZGovcERVMHp0ZThhTVc0VjRlc1RiR0NEaGtXVUZ0dXRzTjZzNWdRb3kvRGUwMnR3Sm5YZ1d6dFJLZnNzMGJRNzFtQWVsNmhmYzZuWHo0MFArZEFoOHdjTGRFbDdSMGtQbFdMaW9UR0c0dlk1SjRkVWFKQ3d4c01wTEgwL1BSL1o2Y0xPMzU1ZWV1dnhpNWhZVGhKV1NsSU5MbWp4QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
350488
content-length
0
expires
0
sid
mug.criteo.com/ Frame 59CD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdV...
  • https://mug.criteo.com/sid?cpp=Rf_19HxKVmJJYXRxRWYwU0JIVFpkeXZFMUxhdjNJZ3UrcmRQRXpXQ1pLY2Rxak1QUDNOaDVNbDRGRGpndzlXOTRRRUF0UGtPNzZyYmNLbm5VNkJmN3l5N3hCVlRuYmRsY1kxeCtzTkUxeldjZUVYZC93QlF5S2dDc3Bnal...
428 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=Rf_19HxKVmJJYXRxRWYwU0JIVFpkeXZFMUxhdjNJZ3UrcmRQRXpXQ1pLY2Rxak1QUDNOaDVNbDRGRGpndzlXOTRRRUF0UGtPNzZyYmNLbm5VNkJmN3l5N3hCVlRuYmRsY1kxeCtzTkUxeldjZUVYZC93QlF5S2dDc3BnalU3RnZ3OU5uQUk2aWpaRCtjdUliTVkrc0c0TzV3WVBQQy9jOHo3MEZXSk9mNEhQVEZvRXRaNzVDK3c3Q20zMDU4Z0t1dHBpSkIxK0ZWdzJJVCtCN3VoVkdWV1QwTEIybC9TVzArOTIyOEdQRTBEN1JWK2FyQjViK0Uva0Y1akR5MjFubDQ4a09sMU5HSUFtYmFXWUNxTllKSzMvVkJZdz09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
03739e1be59a229a2d4757b24ae276579c23005cf94969fca0f93aa6f0959765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1441280
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Rf_19HxKVmJJYXRxRWYwU0JIVFpkeXZFMUxhdjNJZ3UrcmRQRXpXQ1pLY2Rxak1QUDNOaDVNbDRGRGpndzlXOTRRRUF0UGtPNzZyYmNLbm5VNkJmN3l5N3hCVlRuYmRsY1kxeCtzTkUxeldjZUVYZC93QlF5S2dDc3BnalU3RnZ3OU5uQUk2aWpaRCtjdUliTVkrc0c0TzV3WVBQQy9jOHo3MEZXSk9mNEhQVEZvRXRaNzVDK3c3Q20zMDU4Z0t1dHBpSkIxK0ZWdzJJVCtCN3VoVkdWV1QwTEIybC9TVzArOTIyOEdQRTBEN1JWK2FyQjViK0Uva0Y1akR5MjFubDQ4a09sMU5HSUFtYmFXWUNxTllKSzMvVkJZdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
467363
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame 8F66
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:34 GMT
server
Kestrel
server-processing-duration-in-ticks
921184
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame DA48
0
185 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdVZlRqVDl2dktBSkRQamdsM094RTNjVTBJMnhpenlDV1FSdTZwT1AxcHpwUTglMkIxYXhEYTdLd29kZDdmR3JLbjQwa1dQZmxXdzdVbFNhZHJCd1d0Qm10ZXQ3T24zajdBJTNEJTNE&cb=35480855120
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ Frame EC8A
492 B
264 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2269702217833886&correlator=3522671937711562&eid=31078820%2C31077693&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1697853695654&lmt=1644357553&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=csqsnsqnj8bs&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=115093804.1697853696&ga_sid=1697853696&ga_hid=549991182&ga_fc=false&dlt=1697853695387&idt=246&adks=64515409&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
330b43041f384f57b38ffec3b28a40bd8a9ecd5f597767d526903165bfca2bc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
42288b8fa538cea18b23ef3066c419ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 43F8
6 KB
3 KB
Document
General
Full URL
https://42288b8fa538cea18b23ef3066c419ff.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
expires
Sun, 20 Oct 2024 02:01:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8F8B
492 B
265 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=69273534309266&correlator=827442182944150&eid=31078820%2C44769662&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1697853695678&lmt=1644357553&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=18axrejyp2iu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=97792823.1697853696&ga_sid=1697853696&ga_hid=1522691507&ga_fc=false&dlt=1697853695390&idt=279&adks=64515409&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23bc87a9ac79464b095e66f8e221ff5808c7321fe72b8a8dc0f27cdf1ddddc90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e330217ec61857017b5eac8d29abd0f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04E9
6 KB
3 KB
Document
General
Full URL
https://e330217ec61857017b5eac8d29abd0f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
expires
Sun, 20 Oct 2024 02:01:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 55A6
492 B
263 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3723834311499127&correlator=714545459626248&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1697853695695&lmt=1644357553&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=1736h8l4f2my&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=558169448.1697853696&ga_sid=1697853696&ga_hid=1768664458&ga_fc=false&dlt=1697853695393&idt=292&adks=64515409&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f08aa2eab290c5df887484765552d56aed19a3abb6236d943b5972d26cf0002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2baa1f706c3b659225e2755858a40724.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC87
6 KB
3 KB
Document
General
Full URL
https://2baa1f706c3b659225e2755858a40724.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
expires
Sun, 20 Oct 2024 02:01:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E142
492 B
261 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2135833408959858&correlator=3486303875676337&eid=31078979&output=ldjh&gdfp_req=1&vrg=202310170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1697853695710&lmt=1644357553&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=s630fu3el5hb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Frisu.io%2F&top=https%3A%2F%2Frisu.io%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=32784234.1697853696&ga_sid=1697853696&ga_hid=834617850&ga_fc=false&dlt=1697853695439&idt=262&adks=64515409&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0adf73ab74194b42cf6b9f0c6f19712e6eb181e12bd098f62e121bf3f8acb98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4cbb8452ef827087d81924830a391e50.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 75BC
6 KB
3 KB
Document
General
Full URL
https://4cbb8452ef827087d81924830a391e50.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
expires
Sun, 20 Oct 2024 02:01:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fsa-sdk.min.js
ad.sitemaji.com/fsa/ Frame 3578
112 KB
12 KB
Script
General
Full URL
https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8335d9c0cf583c0d134baf6d52ba7ee88f0726c812c5a297de05e80360b2a9fc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:35:49 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 19 Oct 2023 00:28:01 GMT
server
nginx/1.12.1 (Ubuntu)
age
41146
etag
W/"65307811-1c052"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12159
expires
Sat, 21 Oct 2023 14:35:49 GMT
pixel.gif
static.criteo.net/images/ Frame DA48
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:35 GMT
pixel.gif
static.criteo.net/images/ Frame DA48
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:35 GMT
events
bidder.criteo.com/csm/ Frame DA48
0
185 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fsa-sdk.min.js
ad.sitemaji.com/fsa/ Frame DA48
112 KB
12 KB
Script
General
Full URL
https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8335d9c0cf583c0d134baf6d52ba7ee88f0726c812c5a297de05e80360b2a9fc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:35:49 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 19 Oct 2023 00:28:01 GMT
server
nginx/1.12.1 (Ubuntu)
age
41146
etag
W/"65307811-1c052"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12159
expires
Sat, 21 Oct 2023 14:35:49 GMT
syncframe
gum.criteo.com/ Frame 1377
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=risu.io
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
server
Kestrel
server-processing-duration-in-ticks
24114452
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 74EF
0
185 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=143&profileId=184&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdVZlRqVDl2dktBSkRQamdsM094RTNjVTBJMnhpenlDV1FSdTZwT1AxcHpwUTglMkIxYXhEYTdLd29kZDdmR3JLbjQwa1dQZmxXdzdVbFNhZHJCd1d0Qm10ZXQ3T24zajdBJTNEJTNE&cb=56033192965
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sid
mug.criteo.com/ Frame 8F66
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdV...
  • https://mug.criteo.com/sid?cpp=rkSgdnxFak85OVd0K2I2Ky84QU83c09IWGk1cUVEVzdyWUdjSllpWlJDeTVocEFFK1FIRjR3VDRQZkVnb2RzMnl6SmJKbUZydHd1MjRHUmYySmphd0V3dFllQk1FNXpMZ1JkSXRnREdWbWJ6Y0thUXBmNUhUOEVxRlhJYV...
415 B
644 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=rkSgdnxFak85OVd0K2I2Ky84QU83c09IWGk1cUVEVzdyWUdjSllpWlJDeTVocEFFK1FIRjR3VDRQZkVnb2RzMnl6SmJKbUZydHd1MjRHUmYySmphd0V3dFllQk1FNXpMZ1JkSXRnREdWbWJ6Y0thUXBmNUhUOEVxRlhJYVFvdEVlMkRtUnpnQmNhcjMvYzUyN0p2LzlvQ002TGM0Sk5rNmZTNUhrWVI4S2tMaEFJNDUzeHJZbUREN3BCeFhIS1ZpdFZwRzUyVU5jdk1objRKT3hNbnk1YVRnME9NbkcxbE5WRkdXUUdxUE05QklKZ25hN1BNQmEvTXQ4NFJscEtSRU8zOEtJUXZvNTA3V3dWellnZ2hHZVIwT1RYUT09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
35d9b636ba532af5277a6bae3b3c457009e5bfe5ea7c78458b904480f3ce15a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1065937
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=rkSgdnxFak85OVd0K2I2Ky84QU83c09IWGk1cUVEVzdyWUdjSllpWlJDeTVocEFFK1FIRjR3VDRQZkVnb2RzMnl6SmJKbUZydHd1MjRHUmYySmphd0V3dFllQk1FNXpMZ1JkSXRnREdWbWJ6Y0thUXBmNUhUOEVxRlhJYVFvdEVlMkRtUnpnQmNhcjMvYzUyN0p2LzlvQ002TGM0Sk5rNmZTNUhrWVI4S2tMaEFJNDUzeHJZbUREN3BCeFhIS1ZpdFZwRzUyVU5jdk1objRKT3hNbnk1YVRnME9NbkcxbE5WRkdXUUdxUE05QklKZ25hN1BNQmEvTXQ4NFJscEtSRU8zOEtJUXZvNTA3V3dWellnZ2hHZVIwT1RYUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
324317
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame EC8A
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31dd5638142472d8cd8c40a34039f053bca95e812d814a0bca751e5a1d18c3a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12085
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8F8B
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07e9db6cdf30b344f481bb94e145da7b5ab132884f042ab461164e1e7d37f392
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12200
x-xss-protection
0
pixel.gif
static.criteo.net/images/ Frame 74EF
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:35 GMT
pixel.gif
static.criteo.net/images/ Frame 74EF
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:35 GMT
events
bidder.criteo.com/csm/ Frame 74EF
0
185 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
sodar
pagead2.googlesyndication.com/getconfig/ Frame 55A6
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d87a2a49244d14c429cf1b5dd040c82ff548f26e23ec89bb4cd77ff53c73571a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12322
x-xss-protection
0
fsa-sdk.min.js
ad.sitemaji.com/fsa/ Frame 74EF
112 KB
12 KB
Script
General
Full URL
https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8335d9c0cf583c0d134baf6d52ba7ee88f0726c812c5a297de05e80360b2a9fc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:35:49 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 19 Oct 2023 00:28:01 GMT
server
nginx/1.12.1 (Ubuntu)
age
41146
etag
W/"65307811-1c052"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12159
expires
Sat, 21 Oct 2023 14:35:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E142
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38c38b5f6e84c218e5f16a7b8a11b1637821196b3e7292f0826c8b7cdf4e4541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12103
x-xss-protection
0
/
ssl.sitemaji.com/geo/ Frame 3578
17 B
159 B
Script
General
Full URL
https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
a8ca0716dd8548255b781bcb963e91a4b292908c34287f79d5e2f9244e668088

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
date
Sat, 21 Oct 2023 02:01:35 GMT
cache-control
max-age=86400, public
server
nginx
content-length
17
expires
Sun, 22 Oct 2023 02:01:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EC8A
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 02:01:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8F8B
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 02:01:35 GMT
/
ssl.sitemaji.com/geo/ Frame DA48
17 B
160 B
Script
General
Full URL
https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
a8ca0716dd8548255b781bcb963e91a4b292908c34287f79d5e2f9244e668088

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
date
Sat, 21 Oct 2023 02:01:35 GMT
cache-control
max-age=86400, public
server
nginx
content-length
17
expires
Sun, 22 Oct 2023 02:01:35 GMT
sid
mug.criteo.com/ Frame 1377
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=risu.io&sn=ChromeSyncframe&so=3&topUrl=risu.io&bundle=cBrFsF9BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxhYTJhSEowdzdRZW9CQWVKa0trZkRBeXA2JTJGVWtBdU9wMjdV...
  • https://mug.criteo.com/sid?cpp=JGAKWXxnbExQbGdzYWU1Zko0OTd1QTVRWGdaMnRjNGRiRTdGanVmd214SVBJcmhIazF1MDVKZzRLaXJISWVzVFJWMDhMRGxsYldlcnE0bTRlTjlMa1pKWHlmV2tCR3NFMnd4ZG03RTkwODRTVjhveTZVdG1nbUMrYW1jbU...
436 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=JGAKWXxnbExQbGdzYWU1Zko0OTd1QTVRWGdaMnRjNGRiRTdGanVmd214SVBJcmhIazF1MDVKZzRLaXJISWVzVFJWMDhMRGxsYldlcnE0bTRlTjlMa1pKWHlmV2tCR3NFMnd4ZG03RTkwODRTVjhveTZVdG1nbUMrYW1jbUh1ZFhzM2RPcVl6OW53OWVjWVpkWjRFcDNKODlNVWEyNi96cjhKK293c2VSd1M2cUFJREpoT3NPM2FnM3k4Z0FCa3RqdmR2ME15RG5jU0pkNDltUjhrUlgxVHFZZzA2dHJRMTlQVlZBVWNETmU2aVZqMzdlcHNrSGlaTVI3dk80d1NGNXliWnc5SmtROTJCdURqeldLTVN4ZXkrNGkrUT09fA&cppv=2
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b5d08c8204a9b8d22759df816442439fd1ff2565736c4a9c13d7a94cc7248b62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
818821
expires
0

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=JGAKWXxnbExQbGdzYWU1Zko0OTd1QTVRWGdaMnRjNGRiRTdGanVmd214SVBJcmhIazF1MDVKZzRLaXJISWVzVFJWMDhMRGxsYldlcnE0bTRlTjlMa1pKWHlmV2tCR3NFMnd4ZG03RTkwODRTVjhveTZVdG1nbUMrYW1jbUh1ZFhzM2RPcVl6OW53OWVjWVpkWjRFcDNKODlNVWEyNi96cjhKK293c2VSd1M2cUFJREpoT3NPM2FnM3k4Z0FCa3RqdmR2ME15RG5jU0pkNDltUjhrUlgxVHFZZzA2dHJRMTlQVlZBVWNETmU2aVZqMzdlcHNrSGlaTVI3dk80d1NGNXliWnc5SmtROTJCdURqeldLTVN4ZXkrNGkrUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
358833
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231017&jk=1718283948687407&bg=!AAOlA0zNAAbDUgby41I7ADQBe5WfONZvyqqZRd98Eib8yz_kTeGH39Nf5I8I-bfNKciU1pLigxjU_luasG6BNXpS7ZA1AgAAAfpSAAAAA2gBB5kCqn1gkVyxC4fy6OjSiJup6NSGgkt_DS1BLqQ9Q6vR6Z4i5jOQXAqtD0iBFlyzrfUyWx392oyTxZSTRvuQm6I1osG6klaxVjwvebwgx7eX3Z55ASdftL573n0oY2dxkfQXcyHnGcKUV2msLCwea_WnCd9WBcsne5Qlqe34faoUX4ePy9XF3cP8IF9hPs9Ke2kAe-R0yf0nYspMuOXRFsZZo0AvCRLEk8fwkX7oEfhbYhMoEMwBA2zQ7OKjdeaeiHDd8qZhCEhKUNKdqDiiSzw1bl1eLvyH00D4IVgygLz0Lx1un-bZIYX0KPKk0utkdOCOCKyqhZFlC4fuaHVbQ7gTYpxHLP73N9DVWaa9hWF2v3a-xQEzAC5UdEGNXYB7Nbjj42PvPnoJR13EYE0-6CiSkLs2K5alwi7LepoB6xnUgNI9A8rTlvXTdqrKdW9-4J-2AO3lmZyiDQOXcniUqxu3IprojVjZ57oKxOVRSivVtPEAGKshRIO8KejB-t2Betj9mxwMXuE_-xEIQXREdgpkZyQE5pasaB8-qsCzJYv7r1nGV4nHkNOO3Nx9ZZWyfHSCUZN0L9cfJI2ok6JvXIxXY9cMA5bK0g1PBUvt7DeuB9CtnIEmzR8Fg2WD5s5BOIYQ1KKjqiUEDRfO8XfFglMLYovSwNqsvo63OjubsZylLoMPis3Yc4vYnngRWhZ9-iPPJPMgFV8t6BMvaa17vEgt2Xe-HjgYoAsQrJGRopDnmzIVCZuxzbpJjp4TlrLHhHbfT8Ky-MvPseNkw16i9-nkvejrUkQbkJhVCf6hn6xjeRAjW6Tw05cqXyOeXwUCJ4iteeo9MuSmrLLEop-knY3hIMUPodiPQJnFJfUDeztaSkltd45zzaEhY-pB9zt4jL9HnhqIsnvBHVmrUxw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

sodar2.js
tpc.googlesyndication.com/sodar/ Frame 55A6
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 02:01:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E142
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 02:01:35 GMT
/
ssl.sitemaji.com/geo/ Frame 74EF
17 B
159 B
Script
General
Full URL
https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
a8ca0716dd8548255b781bcb963e91a4b292908c34287f79d5e2f9244e668088

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
date
Sat, 21 Oct 2023 02:01:35 GMT
cache-control
max-age=86400, public
server
nginx
content-length
17
expires
Sun, 22 Oct 2023 02:01:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F42C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
85154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 02:22:21 GMT
expires
Sat, 19 Oct 2024 02:22:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7CE3
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7db404029f7b8f430deb9c927bb912a00cf55f5966bec628c6aa480a09db91c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-blZuIoBAz6Of9jIUerUDIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-blZuIoBAz6Of9jIUerUDIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
expires
Sat, 21 Oct 2023 02:01:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E89
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
85154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 02:22:21 GMT
expires
Sat, 19 Oct 2024 02:22:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EE65
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a1dfa7197c41931248974751713784646551a164a817cbea194570dbe185ed3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-l_3RrEZXa1ORpjwzG9xkJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-l_3RrEZXa1ORpjwzG9xkJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
expires
Sat, 21 Oct 2023 02:01:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel.gif
static.criteo.net/images/ Frame 7895
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:35 GMT
pixel.gif
static.criteo.net/images/ Frame 7895
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 15 Oct 2024 02:01:35 GMT
events
bidder.criteo.com/csm/ Frame 7895
0
185 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://risu.io/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 21 Oct 2023 02:01:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F3FF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
85154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 02:22:21 GMT
expires
Sat, 19 Oct 2024 02:22:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8857
829 B
562 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d6759bb88bb9a0c9713c44ed40ccf17a6c5da053947ad30664c7a98445a34ba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UjC_7OH0PMgc_e-MqxZBWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UjC_7OH0PMgc_e-MqxZBWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
expires
Sat, 21 Oct 2023 02:01:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD5C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
85154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Oct 2023 02:22:21 GMT
expires
Sat, 19 Oct 2024 02:22:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9593
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
47c505563b6440f55167ae7d443a3fe3e12fb73c512334cfcbd4f2cf680b05e9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w0NTrFy6GEAYsSszLqorAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-w0NTrFy6GEAYsSszLqorAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 21 Oct 2023 02:01:35 GMT
expires
Sat, 21 Oct 2023 02:01:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1x1.png
cdn.aralego.net/img/ Frame 02CE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LNZE947Y-3-64EO
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LNZE947Y-3-64EO
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=ZTg5N2QyNjMtOTUzMi0zNDQ5LTk4M2YtMzljNTBlZTkxMWNl&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cdn.aralego.net/img/1x1.png
68 B
581 B
Image
General
Full URL
https://cdn.aralego.net/img/1x1.png
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3459
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
68
cf-bgj
imgq:85,h2pri
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kfJw8H7tVBDmoCfUvNm0mpaMsuIZOCbv64h1WhdQvX8Ujaulnn14wNOoTbDlwC6w2RDuYNFgAF%2BQSa89yB%2FfTif1dEG7IDW%2FBr38%2BDrx2g9PGtH5cIG5l%2F16Qtrqg%2FDB0s4FuAOcWlgs46EuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8195e9e0483d3f58-SIN

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cdn.aralego.net/img/1x1.png
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fsa-sdk.min.js
ad.sitemaji.com/fsa/ Frame 7895
112 KB
12 KB
Script
General
Full URL
https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8335d9c0cf583c0d134baf6d52ba7ee88f0726c812c5a297de05e80360b2a9fc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:35:49 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 19 Oct 2023 00:28:01 GMT
server
nginx/1.12.1 (Ubuntu)
age
41146
etag
W/"65307811-1c052"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12159
expires
Sat, 21 Oct 2023 14:35:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EE65
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310170101&jk=69273534309266&rc=
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 7CE3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310170101&jk=2269702217833886&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame F42C
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 19:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
281505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 19:49:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8857
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310170101&jk=3723834311499127&rc=
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame 5E89
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 19:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
281505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 19:49:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9593
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310170101&jk=2135833408959858&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame F3FF
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 19:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
281505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 19:49:50 GMT
kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
pagead2.googlesyndication.com/bg/ Frame DD5C
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/kdR3Uc-Lch-XuU6BJZRbuWDa0aJJ9it8wzNxgvcOl3M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 19:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
281505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14703
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Oct 2024 19:49:50 GMT
/
ssl.sitemaji.com/geo/ Frame 7895
17 B
159 B
Script
General
Full URL
https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
a8ca0716dd8548255b781bcb963e91a4b292908c34287f79d5e2f9244e668088

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/plain; charset=utf-8
date
Sat, 21 Oct 2023 02:01:36 GMT
cache-control
max-age=86400, public
server
nginx
content-length
17
expires
Sun, 22 Oct 2023 02:01:36 GMT
tap.php
pixel.rubiconproject.com/ Frame 02CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/GwCYr7uYAF1tItEI1BnJ0w?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v5UOxq9E2oKZeD3XugYbfYdE0CL0O43YIb5MYg--~A
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v5UOxq9E2oKZeD3XugYbfYdE0CL0O43YIb5MYg--~A
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 21 Oct 2023 02:01:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v5UOxq9E2oKZeD3XugYbfYdE0CL0O43YIb5MYg--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 02CE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sS8dNjOUQRyv45WO7h5oMg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sS8dNjOUQRyv45WO7h5oMg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sS8dNjOUQRyv45WO7h5oMg
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 02:01:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
52N3WKZ370JNQR006KY6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sS8dNjOUQRyv45WO7h5oMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 02CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB1Dz0F3REr2Ja7B54_Q82E&google_cver=1
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB1Dz0F3REr2Ja7B54_Q82E&google_cver=1
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB1Dz0F3REr2Ja7B54_Q82E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 02CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNZE947Y-3-64EO
0
515 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNZE947Y-3-64EO
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: C04FC56ED44A4598B9EEF701F9CBE8B4 Ref B: SIN30EDGE0111 Ref C: 2023-10-21T02:01:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIMF5xnkspebLuKM8cYA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LNZE947Y-3-64EO
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 02CE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=259f9059-0f1f-4b0f-bf39-092c79f39291&gdpr=0&gdpr_consent=&expires=30
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=259f9059-0f1f-4b0f-bf39-092c79f39291&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=259f9059-0f1f-4b0f-bf39-092c79f39291&gdpr=0&gdpr_consent=&expires=30
date
Sat, 21 Oct 2023 02:01:36 GMT
server
Kestrel
content-length
289
pixel
cm.g.doubleclick.net/ Frame 02CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE5aRTk0N1ktMy02NEVP
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFG2LREzGzYUiPnLuWVjO9g&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5aRTk0N1ktMy02NEVP&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5aRTk0N1ktMy02NEVP&google_push=
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5aRTk0N1ktMy02NEVP&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 02CE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GtMO9t_5SAe-haE25fOa0w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GtMO9t_5SAe-haE25fOa0w
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GtMO9t_5SAe-haE25fOa0w
Protocol
HTTP/1.1
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 02:01:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EVW5ZXCQ3S9YMGH2M0KG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GtMO9t_5SAe-haE25fOa0w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 02CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODMyOTFmMWZiODkzZGIzZGE0OWUwZjExMTRiYzkzZDc4NjViNGViMg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODMyOTFmMWZiODkzZGIzZGE0OWUwZjExMTRiYzkzZDc4NjViNGViMg
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H3
Server
142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODMyOTFmMWZiODkzZGIzZGE0OWUwZjExMTRiYzkzZDc4NjViNGViMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 02CE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAKkh07KZmIAABfcynUzWQ&expires=30
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAKkh07KZmIAABfcynUzWQ&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAKkh07KZmIAABfcynUzWQ&expires=30
Date
Sat, 21 Oct 2023 02:01:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame 02CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LNZE947Y-3-64EO&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LNZE947Y-3-64EO&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1qNmRLc2NwRTJ1SFpwR0VZeERiVUZvVkpsVW5MZnA2U35B&ovsid=LNZE947Y-3-64EO&dpid=58160
53 B
645 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1qNmRLc2NwRTJ1SFpwR0VZeERiVUZvVkpsVW5MZnA2U35B&ovsid=LNZE947Y-3-64EO&dpid=58160
Protocol
H2
Server
184.28.235.160 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-28-235-160.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 21 Oct 2023 02:01:36 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 21 Oct 2023 02:01:36 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1qNmRLc2NwRTJ1SFpwR0VZeERiVUZvVkpsVW5MZnA2U35B&ovsid=LNZE947Y-3-64EO&dpid=58160
date
Sat, 21 Oct 2023 02:01:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/ Frame 02CE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNZE947Y-3-64EO
68 B
280 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNZE947Y-3-64EO
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
18.139.177.100 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-177-100.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 02CE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LNZE947Y-3-64EO
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNZE947Y-3-64EO
95 B
427 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNZE947Y-3-64EO
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 21 Oct 2023 02:01:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LNZE947Y-3-64EO
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 02CE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LNZE947Y-3-64EO
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNZE947Y-3-64EO
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNZE947Y-3-64EO&ckls=true&ci=Ke0QtZRxsI&nc=false&trid=-1117914077
43 B
1 KB
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNZE947Y-3-64EO&ckls=true&ci=Ke0QtZRxsI&nc=false&trid=-1117914077
Protocol
H2
Server
13.33.33.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-90.sin2.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Lj9_2ZfpFTLHo2sYXbXiZpcFo0hzUYG0EyHOp1SGDXcbXwhyBw9DkQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LNZE947Y-3-64EO&ckls=true&ci=Ke0QtZRxsI&nc=false&trid=-1117914077
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
DTa-dxpKLXbkZ8LQ2y_QDso_w9LXH3YkYxNcMsynPraFgNJhAthc0w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
capi.connatix.com/us/ Frame 02CE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LNZE947Y-3-64EO&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
0
Image
General
Full URL
https://capi.connatix.com/us/pixel?puid=LNZE947Y-3-64EO&pId=11&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://capi.connatix.com/us/pixel?puid=LNZE947Y-3-64EO&pId=11&gdpr=&gdpr_consent=&us_privacy=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
setuid
ib.adnxs.com/prebid/ Frame 02CE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
103.43.90.53 , Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
an-x-request-uuid
b1455f4b-4a31-4bdc-995c-533c176801f6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
103.254.153.225; 103.254.153.225; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame 02CE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LNZE947Y-3-64EO
0
449 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LNZE947Y-3-64EO
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:35 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
4
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 1142
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LNZE947Y-3-64EO&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LNZE947Y-3-64EO&ex=d-rubiconproject.com&status=ok
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 02:01:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FGNN8DTKM0CR950RR7VB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LNZE947Y-3-64EO&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eccf4b02-882f-4f1d-a54f-78d5516a935d&expires=30
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eccf4b02-882f-4f1d-a54f-78d5516a935d&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=eccf4b02-882f-4f1d-a54f-78d5516a935d&expires=30
Date
Sat, 21 Oct 2023 02:01:36 GMT
Connection
keep-alive
X-CI-RTID
af998c3b-a00f-40c0-9af8-b9e1a3ec94fe
Content-Length
144
Content-Type
text/html; charset=utf-8
merge
ce.lijit.com/ Frame 1142
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LNZE947Y-3-64EO
  • https://ce.lijit.com/merge?pid=80&3pid=LNZE947Y-3-64EO&dnr=1
43 B
663 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LNZE947Y-3-64EO&dnr=1
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 02:01:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 02:01:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LNZE947Y-3-64EO&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=66827314-7eff-471f-9cfe-c5b3d37931df
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=66827314-7eff-471f-9cfe-c5b3d37931df
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=66827314-7eff-471f-9cfe-c5b3d37931df
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1515012
content-length
0
expires
Sat, 21 Oct 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=WJ2us4rCWkp7qpN-hDCOm2f-meE
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=WJ2us4rCWkp7qpN-hDCOm2f-meE
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=WJ2us4rCWkp7qpN-hDCOm2f-meE
Date
Sat, 21 Oct 2023 02:01:36 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 1142
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNZE947Y-3-64EO
0
284 B
Image
General
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNZE947Y-3-64EO
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=0ad961c1-ab53-4600-be6f-3345b7a1edc5
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=0ad961c1-ab53-4600-be6f-3345b7a1edc5
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Sat, 21 Oct 2023 02:01:21 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=0ad961c1-ab53-4600-be6f-3345b7a1edc5
cache-control
private,no-cache
content-length
223
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=7805708194966705746
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=7805708194966705746
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=7805708194966705746
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7371209076520535808&expires=30
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7371209076520535808&expires=30
Requested by
Host: risu.io
URL: https://risu.io/
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
an-x-request-uuid
c051bfdf-7358-4ee4-bd5c-94aafe0aedd5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=7371209076520535808&expires=30
x-proxy-origin
103.254.153.225; 103.254.153.225; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4245704473223045341&expires=60&gdpr=&gdpr_consent=
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4245704473223045341&expires=60&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=4245704473223045341&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Sat, 21 Oct 2023 02:01:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1697853696275
  • https://ad.turn.com/r/cs?pid=45&rndcb=1901965491
  • https://sync.1rx.io/usersync/turn/4245704473223045341?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-ead259be-33f7-4f...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004&expires=30
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004&expires=30
date
Sat, 21 Oct 2023 02:01:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXead259be33f74f6bb2d788eab6213477004
content-type
text/html
esync
token.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 1142
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LNZE947Y-3-64EO
0
326 B
Image
General
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LNZE947Y-3-64EO
Protocol
H2
Server
54.77.100.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-100-160.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
match
events-ssc.33across.com/ Frame 1142
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LNZE947Y-3-64EO
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNZE947Y-3-64EO&ts=1697853696&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
216 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNZE947Y-3-64EO&ts=1697853696&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:37 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LNZE947Y-3-64EO&ts=1697853696&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
60909
i6.liadm.com/s/ Frame 1142
Redirect Chain
  • https://token.rubiconproject.com/token?pid=49096
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNZE947Y-3-64EO
  • https://i.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNZE947Y-3-64EO&_li_chk=true&previous_uuid=e58335cadb33435887fba933acc0de24
  • https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNZE947Y-3-64EO
43 B
548 B
Image
General
Full URL
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNZE947Y-3-64EO
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:dc41:f108:a8d8:7b16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:38 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/60909?bidder_id=227664&bidder_uuid=LNZE947Y-3-64EO
Date
Sat, 21 Oct 2023 02:01:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
tap.php
pixel.rubiconproject.com/ Frame 1142
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly
  • https://sync.1rx.io/usersync/rubicon/LNZE947Y-3-64EO
  • https://sync.targeting.unrulymedia.com/csync/RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-ead259be-33f7-4f...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004&expires=30
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004&expires=30
date
Sat, 21 Oct 2023 02:01:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXead259be33f74f6bb2d788eab6213477004
content-type
text/html
redirect
exchange.mediavine.com/usersync/ Frame B663
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LNZE947Y-3-64EO
0
186 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LNZE947Y-3-64EO
Protocol
H2
Server
3.75.11.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-11-145.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
setuid
s2s.t13.io/ Frame B663
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-triple13
  • https://s2s.t13.io/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
86 B
449 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
Protocol
H2
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s2s.t13.io/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
143
match.deepintent.com/usersync/ Frame B663
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-length
0
server
b
tap.php
pixel.rubiconproject.com/ Frame B663
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=1
  • https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=9e349af4-4719-4855-9f11-efe6b51de621-65333100-5347&expires=360&gdpr=0&gdpr_consent=
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=9e349af4-4719-4855-9f11-efe6b51de621-65333100-5347&expires=360&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://pixel.rubiconproject.com/tap.php?v=7430&nid=2238&put=9e349af4-4719-4855-9f11-efe6b51de621-65333100-5347&expires=360&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie-sync
sync.outbrain.com/ Frame B663
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LNZE947Y-3-64EO&obUid=&initiator=
0
287 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LNZE947Y-3-64EO&obUid=&initiator=
Protocol
HTTP/1.1
Server
66.225.223.159 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sat, 21 Oct 2023 02:01:36 GMT
Cache-Control
no-cache
X-TraceId
28bf9d13660facf5c44eba08cead6474
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LNZE947Y-3-64EO&obUid=&initiator=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
cs
cs.yellowblue.io/ Frame B663
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage
  • https://cs.yellowblue.io/cs?aid=11590&id=LNZE947Y-3-64EO
0
326 B
Image
General
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LNZE947Y-3-64EO
Protocol
H2
Server
34.254.46.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-46-142.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame B663
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNZE947Y-3-64EO&name=RUBICON
49 B
385 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNZE947Y-3-64EO&name=RUBICON
Protocol
H2
Server
52.24.170.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-170-180.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
7
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LNZE947Y-3-64EO&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d335433bbbe0efeac67146df47932f6f
Expires
0
tap.php
pixel.rubiconproject.com/ Frame B663
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=ZTMxAAAZU7r25QA_
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZTMxAAAZU7r25QA_&_test=ZTMxAAAZU7r25QA_
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZTMxAAAZU7r25QA_&_test=ZTMxAAAZU7r25QA_
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-qpg1254-QPG
pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1697853696.368670,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=ZTMxAAAZU7r25QA_&_test=ZTMxAAAZU7r25QA_
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
bridge
cm.adgrx.com/ Frame B663
0
230 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.118.249 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
server
Cowboy
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
aws-apsoutheast1b-delivery-2
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
tap.php
pixel.rubiconproject.com/ Frame B663
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F67A3D2D455748F78CD63CEA6BA518B4&expires=365
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F67A3D2D455748F78CD63CEA6BA518B4&expires=365
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 21 Oct 2023 02:01:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=F67A3D2D455748F78CD63CEA6BA518B4&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 20 Oct 2023 02:01:36 GMT
rubicon
tr.blismedia.com/v1/api/sync/ Frame B663
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/rubicon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tap.php
pixel.rubiconproject.com/ Frame B663
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2046&pt=n&a=1
  • https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=kuYdbNaobxnFJzakovWS1Q
  • https://rubicon-match.dotomi.com/match/bounce/current?DotomiTest=6dc69a0837de1faa&is_secure=true&networkId=12783&version=1&nuid=kuYdbNaobxnFJzakovWS1Q
  • https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMUFlDjuOGRANCjF9fAAAAAAA&expiration=1697940096&nuid=kuYdbNaobxnFJzakovWS1Q&is_secure=true
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMUFlDjuOGRANCjF9fAAAAAAA&expiration=1697940096&nuid=kuYdbNaobxnFJzakovWS1Q&is_secure=true
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://pixel.rubiconproject.com/tap.php?v=5364|1|90&nid=2046&put=AAAMUFlDjuOGRANCjF9fAAAAAAA&expiration=1697940096&nuid=kuYdbNaobxnFJzakovWS1Q&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
tap.php
pixel.rubiconproject.com/ Frame B663
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=k4Ua8fF5e3qA&ev=1&pid=560687
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=k4Ua8fF5e3qA&ev=1&pid=560687
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
zh-SG
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=k4Ua8fF5e3qA&ev=1&pid=560687
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5556fd6f8-csxtd
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame B663
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LNZE947Y-3-64EO
43 B
664 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LNZE947Y-3-64EO
Protocol
HTTP/1.1
Server
23.106.127.164 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb-csync.smartadserver.com/redir/?partnerid=104&partneruserid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
Rubicon
crb.kargo.com/api/v1/dsync/ Frame B663
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11864
  • https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LNZE947Y-3-64EO
43 B
359 B
Image
General
Full URL
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LNZE947Y-3-64EO
Protocol
H2
Server
13.251.79.216 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-79-216.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://crb.kargo.com/api/v1/dsync/Rubicon?exid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
sync
ads.yieldmo.com/ Frame B663
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LNZE947Y-3-64EO
43 B
599 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LNZE947Y-3-64EO
Protocol
H2
Server
52.74.188.84 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-188-84.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
partner
pixel.servebom.com/ Frame 6E0B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=11868
  • https://pixel.servebom.com/partner?svc=us&id=19&uid=LNZE947Y-3-64EO
70 B
595 B
Image
General
Full URL
https://pixel.servebom.com/partner?svc=us&id=19&uid=LNZE947Y-3-64EO
Protocol
H2
Server
2600:9000:20c7:ba00:b:b084:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
Jvs8QjUqsXANWs6qYTwpu6mK82_wjq6v
date
Sat, 21 Oct 2023 02:01:37 GMT
via
1.1 893b2f924f02b6d97b78b13c14301c76.cloudfront.net (CloudFront)
last-modified
Mon, 11 Sep 2023 14:15:16 GMT
server
AmazonS3
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
etag
"f829b914fc47cfc9c0747c119c27cf1b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
no-cache, s-maxage=300
accept-ranges
bytes
content-length
70
x-amz-cf-id
MV7uQkPhgk4AI6Og8hOV4a6FHzu2WAJmKXPa3rZup3du0BWrC7WhSw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://pixel.servebom.com/partner?svc=us&id=19&uid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
sync
usr.undertone.com/userPixel/ Frame 6E0B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LNZE947Y-3-64EO
0
294 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LNZE947Y-3-64EO
Protocol
H2
Server
52.84.251.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-87.sin5.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 490cd3b4c8c8e2aafa0be58f76446f44.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
content-length
0
x-amz-cf-id
U6S89LR6cgy2g9-rno0AD_IG6Gq_rG4Yz-Sh1JhA2zF4FXifGiZmvQ==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Expires
0
i.match
s.tribalfusion.com/z/ Frame 6E0B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
43 B
400 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8195e9e2ba644496-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
964
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8195e9e1296e4496-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6E0B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=7
  • https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7292226097720653981&expires=730
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7292226097720653981&expires=730
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=101732&nid=3822&put=7292226097720653981&expires=730
Date
Sat, 21 Oct 2023 02:01:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
setuid
prebid-s2s.media.net/ Frame 6E0B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-medianet
  • https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
86 B
509 B
Image
General
Full URL
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
Protocol
H2
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
envoy
content-type
image/png
access-control-allow-origin
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
clear
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-s2s.media.net/setuid?bidder=rubicon&uid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame 6E0B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LNZE947Y-3-64EO
0
251 B
Image
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LNZE947Y-3-64EO
Protocol
H2
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 6E0B
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=2
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=842895733344&expires=30&us_privacy=1---
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=842895733344&expires=30&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

access-control-allow-origin
*
location
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=842895733344&expires=30&us_privacy=1---
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 6E0B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/rubicon/
  • https://b1sync.zemanta.com/usersync/rubicon/?s=2
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=HCnQ6pLUZnSnc9DaRZmo
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=HCnQ6pLUZnSnc9DaRZmo
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Sat, 21 Oct 2023 02:01:37 GMT
Content-Type
text/html; charset=utf-8
Location
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=HCnQ6pLUZnSnc9DaRZmo
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
129
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
csync.loopme.me/ Frame 6E0B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=loopme
  • https://csync.loopme.me/?partner_id=1441&vt=&uid=LNZE947Y-3-64EO
0
156 B
Image
General
Full URL
https://csync.loopme.me/?partner_id=1441&vt=&uid=LNZE947Y-3-64EO
Protocol
H2
Server
35.214.255.49 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
49.255.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
server
_

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://csync.loopme.me/?partner_id=1441&vt=&uid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 6E0B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0
  • https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=CKC85Q2kv-YTp77jXfGi4gujt-UTo7vhDfTwutl1
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=CKC85Q2kv-YTp77jXfGi4gujt-UTo7vhDfTwutl1
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&gdpr=0&put=CKC85Q2kv-YTp77jXfGi4gujt-UTo7vhDfTwutl1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
user.sync
match.sync.ad.cpe.dotomi.com/w/ Frame 6E0B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=epsilon
  • https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LNZE947Y-3-64EO
43 B
333 B
Image
General
Full URL
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LNZE947Y-3-64EO
Protocol
H2
Server
2a02:fa8:c411:12::1140 Amsterdam, Netherlands, ASN399104 (CNVR-APAC, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 21 Oct 2023 02:01:36 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
content-type
image/gif
cache-control
no-cache
content-length
43
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sync.ad.cpe.dotomi.com/w/user.sync?ptrid=14&userid=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c80248407eff6cf595ce43a76c04e23f
Expires
0
usersync
e.serverbid.com/ Frame 6E0B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=24856
  • https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LNZE947Y-3-64EO
35 B
406 B
Image
General
Full URL
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LNZE947Y-3-64EO
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://eus.rubiconproject.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://e.serverbid.com/usersync?cn=5529&ttt=1&dpui=LNZE947Y-3-64EO
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 6E0B
Redirect Chain
  • https://rbp.mxptint.net/sn.ashx
  • https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R4E32F_10AE02F5E_5A97029A&expires=60
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R4E32F_10AE02F5E_5A97029A&expires=60
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=14321&nid=2313&put=R4E32F_10AE02F5E_5A97029A&expires=60
Date
Sat, 21 Oct 2023 02:01:36 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-380858496; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
227
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 6E0B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=87
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=138904388235532570&gdpr=0&gdpr_consent=
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=138904388235532570&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=138904388235532570&gdpr=0&gdpr_consent=
date
Sat, 21 Oct 2023 02:01:36 GMT
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 6E0B
Redirect Chain
  • https://match.adsby.bidtheatre.com/rubiconmatch
  • https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=1f5962dc-f1f1-4156-918f-ea42a5d67e80
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=1f5962dc-f1f1-4156-918f-ea42a5d67e80
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=1f5962dc-f1f1-4156-918f-ea42a5d67e80
Date
Sat, 21 Oct 2023 02:01:37 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
tap.php
pixel.rubiconproject.com/ Frame 6E0B
Redirect Chain
  • https://cm.smadex.com/sync?sm_p=rbc&sm_r=rbc
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=abb38773-ed31-454c-b417-839b6b67fb15&expires=30
42 B
690 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=abb38773-ed31-454c-b417-839b6b67fb15&expires=30
Protocol
HTTP/1.1
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d264e84c9dc1a645a3048554992c5d82
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=abb38773-ed31-454c-b417-839b6b67fb15&expires=30
date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 2e4ea5ed710a1104b183ead6b210a514.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
x-amz-cf-id
lwWwsMCfn8RM5s-avhONj-hR1ARVnJABfIW3D2tIAZCe1eNI-3Apng==
x-cache
Miss from cloudfront
campaign.php
fsa-api.feebee.com.tw/maji/v2/ Frame DA48
5 KB
4 KB
Fetch
General
Full URL
https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=sg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
004d70eed3012369a0440923a365c5d6268e18bcdc03ef76318c1cf63c499ebc

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Origin, Methods, Content-Type, Authorization
campaign.php
fsa-api.feebee.com.tw/maji/v2/ Frame 74EF
5 KB
4 KB
Fetch
General
Full URL
https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=sg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
7b7de8677684f79a40bfb8c6477661fdd0fadc25733a6108dec92289ab40dd04

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Origin, Methods, Content-Type, Authorization
campaign.php
fsa-api.feebee.com.tw/maji/v2/ Frame 3578
5 KB
4 KB
Fetch
General
Full URL
https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=sg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
9e348f078938e862058a1be8b04438c01a68ff47f7803df3df9170566eaf90d3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Origin, Methods, Content-Type, Authorization
campaign.php
fsa-api.feebee.com.tw/maji/v2/ Frame 7895
5 KB
3 KB
Fetch
General
Full URL
https://fsa-api.feebee.com.tw/maji/v2/campaign.php?source_site=passback&device=pc&n=3&position=promo2&fhash=cGFzc2JhY2s%3D&size=728x90&slot=728x90&cate=&q=&host=risu.io&is_tw=0&country=sg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
b6a9f28caefcd86c3cc75c4d84eb67b61d3a4a906bd74054b28d5925aa60fed3

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
https://risu.io
access-control-allow-credentials
true
x-robots-tag
noindex
access-control-allow-headers
Origin, Methods, Content-Type, Authorization
generate_204
tpc.googlesyndication.com/ Frame F42C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?YOqDEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5E89
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?W4sW7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame F3FF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?z9F2_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 6FBE
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
376937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqgvYiumd%2By5hiaAjAunCe9E73BagMg0IMlIwkSDKuVnWboaSwQVXMakHkdsgPXGv7sszOeatiMCqp13l0vOYs%2FJqUX8LKm6F9MW5hz%2FEN716cJhOZ8aXFbTCPUyEMSAMBZoLjmcDP5lzI3P1ngWhRGb"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8195e9e21ff96ba4-SIN
expires
Thu, 10 Oct 2024 02:01:36 GMT
fsa-core.min.js
ad.sitemaji.com/fsa/ Frame 6FBE
7 KB
3 KB
Script
General
Full URL
https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 00:13:02 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 01 Aug 2023 04:21:31 GMT
server
nginx/1.12.1 (Ubuntu)
age
6514
etag
W/"64c8884b-1be1"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2629
expires
Sun, 22 Oct 2023 00:13:02 GMT
aHR0cHM6Ly93d3cudml2YXR2LmNvbS50dy9jb21tb24vaW1hZ2VzL3Byb2R1Y3QvMjkxODg4MjAyMC8xLmpwZw.jpg
img.feebee.tw/i/bAT4CcV6PNvtH9kxiQ1GfOMsO_996e5MrzWn3EjLR_E/372/ Frame 6FBE
32 KB
32 KB
Image
General
Full URL
https://img.feebee.tw/i/bAT4CcV6PNvtH9kxiQ1GfOMsO_996e5MrzWn3EjLR_E/372/aHR0cHM6Ly93d3cudml2YXR2LmNvbS50dy9jb21tb24vaW1hZ2VzL3Byb2R1Y3QvMjkxODg4MjAyMC8xLmpwZw.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
48d2c1833c477188a8ca61dca8e06bb2ebcef4b9eb43812bfeb0fa696e67ab64

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32933
x-request-id
8RgIKKqN1J4G1E_QW3FOA
aHR0cHM6Ly9ob3RhaWdvLmF6dXJlZWRnZS5uZXQvcHJvZGZpbGVzL0wvcHJvZHVjdHMvMjAyMjExMDgxNTA4NDAxMDUxNzY3MzQzX0w4NS5qcGc.jpg
img.feebee.tw/i/LOaOmqVZRLztpZglTgiQDimrOZY2TQ6DezvFKDq1nS8/372/ Frame 6FBE
8 KB
8 KB
Image
General
Full URL
https://img.feebee.tw/i/LOaOmqVZRLztpZglTgiQDimrOZY2TQ6DezvFKDq1nS8/372/aHR0cHM6Ly9ob3RhaWdvLmF6dXJlZWRnZS5uZXQvcHJvZGZpbGVzL0wvcHJvZHVjdHMvMjAyMjExMDgxNTA4NDAxMDUxNzY3MzQzX0w4NS5qcGc.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
80b72586f2a6ed708f4aa641d32b369cf9a9fcff56c7969ce8f41bb9c0ff2067

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="202211081508401051767343_L85.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8333
x-request-id
jC0nBmvEhz7zl9qGWX-YJ
aHR0cHM6Ly9pbWFnZS5kb2tvZGVtby53b3JsZC9jYXRhbG9nLXNrdXMvNjE2ODQvYzgzMGUyNDFhZjczY2Y2N2MxNWZiZDU5NTdlMjY1MWIuanBn.jpg
img.feebee.tw/i/5pPH1JLBdhtbfUxbSFv0nC7bjrpYqhHdPibuNkBV3jc/372/ Frame 6FBE
19 KB
19 KB
Image
General
Full URL
https://img.feebee.tw/i/5pPH1JLBdhtbfUxbSFv0nC7bjrpYqhHdPibuNkBV3jc/372/aHR0cHM6Ly9pbWFnZS5kb2tvZGVtby53b3JsZC9jYXRhbG9nLXNrdXMvNjE2ODQvYzgzMGUyNDFhZjczY2Y2N2MxNWZiZDU5NTdlMjY1MWIuanBn.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
09abe1312acc6af1457a28facc4165d73cee896a6f5fa093dfd440b8bade0535

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:37 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="c830e241af73cf67c15fbd5957e2651b.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19805
x-request-id
JOG6G2iwCBHEkxpqZMogB
xuZZ4aTnmIfzakeVYzYAvqD6FWYQ2F7q4hwkDOic-AsSVl9gtQ2OabPu8F88TAnzRyDYpHYBfbaLh7mRmKjfREyqSUMEqqb0IUCXUFxnPIxQV1ck-mJfeflXYxjxqEj2J4KdxpGv9lB70Wqz1vAXPJ7StuBwnkjeCrs5Tfk3MWt9laVzyiOUv9EOu1zL7FZO1d-ZR...
fsa-api.feebee.tw/maji/v2/view/ Frame 74EF
842 B
922 B
Image
General
Full URL
https://fsa-api.feebee.tw/maji/v2/view/xuZZ4aTnmIfzakeVYzYAvqD6FWYQ2F7q4hwkDOic-AsSVl9gtQ2OabPu8F88TAnzRyDYpHYBfbaLh7mRmKjfREyqSUMEqqb0IUCXUFxnPIxQV1ck-mJfeflXYxjxqEj2J4KdxpGv9lB70Wqz1vAXPJ7StuBwnkjeCrs5Tfk3MWt9laVzyiOUv9EOu1zL7FZO1d-ZRzudYAUyTwgevWUnanrBWpv2I8wB4j_PZBqUL7fYgxFgjSpBJjL5dR6i9Y8z3TO09cGDZlmtudhRmCxuOrWF-8C_B0DgqgtQJtzuay5m_7o0rIRWdmtF6-stx0Gc8RZ.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
server
nginx
x-robots-tag
noindex
content-length
842
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame DD5C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?rQj0yA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c0f::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 9B8B
70 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
376937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJnk9Fd2Tch2l8Uo92loWpzmqhGkvuJJJOCbdhBKjUq08G6ixIS%2BSLvcIIvSn7SZgGIcHPv7FBN9%2FZNZ1wUmdzEBk1lVmsEPkKvXO%2FeBShxIOZH%2ByfwaDWR0Iey264BaximDEF16HDthaP%2FsySRwAHHD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8195e9e238156ba4-SIN
expires
Thu, 10 Oct 2024 02:01:36 GMT
fsa-core.min.js
ad.sitemaji.com/fsa/ Frame 9B8B
7 KB
3 KB
Script
General
Full URL
https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 00:13:02 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 01 Aug 2023 04:21:31 GMT
server
nginx/1.12.1 (Ubuntu)
age
6514
etag
W/"64c8884b-1be1"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2629
expires
Sun, 22 Oct 2023 00:13:02 GMT
aHR0cHM6Ly9pbWFnZS5kb2tvZGVtby53b3JsZC9jYXRhbG9nLXNrdXMvMzI4NzgvYjg3ZDBlMjM1YTUwNzM4YjIyYzAwMDZmMjFkZTRmYWEuanBn.jpg
img.feebee.tw/i/CAHSn0G8r-ZA7DXuKnQoW62Qoou9EwKpn4U3hkKJpBQ/372/ Frame 9B8B
25 KB
25 KB
Image
General
Full URL
https://img.feebee.tw/i/CAHSn0G8r-ZA7DXuKnQoW62Qoou9EwKpn4U3hkKJpBQ/372/aHR0cHM6Ly9pbWFnZS5kb2tvZGVtby53b3JsZC9jYXRhbG9nLXNrdXMvMzI4NzgvYjg3ZDBlMjM1YTUwNzM4YjIyYzAwMDZmMjFkZTRmYWEuanBn.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
90c07e25867389313ba358ca45fab47b6ecc8ee9cfc5ff3942acef691663a182

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="b87d0e235a50738b22c0006f21de4faa.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25311
x-request-id
w9k5MhsxJO6wWaF8ZbNjl
aHR0cHM6Ly9ob3RhaWdvLmF6dXJlZWRnZS5uZXQvcHJvZGZpbGVzL0wvcHJvZHVjdHMvMjAyMjExMjExNTUxMzUxMDMxMTY5OTc1X0w4NS5qcGc.jpg
img.feebee.tw/i/-CTriVzWCy4H1Oa8sfrvJmmn1oK2Ow5e7Pr48ozez24/372/ Frame 9B8B
29 KB
29 KB
Image
General
Full URL
https://img.feebee.tw/i/-CTriVzWCy4H1Oa8sfrvJmmn1oK2Ow5e7Pr48ozez24/372/aHR0cHM6Ly9ob3RhaWdvLmF6dXJlZWRnZS5uZXQvcHJvZGZpbGVzL0wvcHJvZHVjdHMvMjAyMjExMjExNTUxMzUxMDMxMTY5OTc1X0w4NS5qcGc.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
7d187a3167ec33f6326d35088c596ee7cfc005641f6062fd4228793e009d3884

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="202211211551351031169975_L85.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29849
x-request-id
hddfVhDmctC88SliZiI6W
aHR0cHM6Ly93d3cudml2YXR2LmNvbS50dy9jb21tb24vaW1hZ2VzL3Byb2R1Y3QvMzA5MzQ2MjAyMi8xLmpwZw.jpg
img.feebee.tw/i/kVhwmrTqaB3PaNGbvcN8eALow0FatlE97znWvBP1wwo/372/ Frame 9B8B
10 KB
10 KB
Image
General
Full URL
https://img.feebee.tw/i/kVhwmrTqaB3PaNGbvcN8eALow0FatlE97znWvBP1wwo/372/aHR0cHM6Ly93d3cudml2YXR2LmNvbS50dy9jb21tb24vaW1hZ2VzL3Byb2R1Y3QvMzA5MzQ2MjAyMi8xLmpwZw.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
1228580c12536ff98a37ab3382a0e2cfb0c55fc903110ca3964c81d64ff4e591

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 00:06:14 GMT
via
1.1 google
server
imgproxy
age
6922
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9891
x-request-id
ZP3z8wYWodHjesJdBMem5
xuZV78yF5lkBTekBK2wgbOtqKtQ1d-sUIOFnNoI16abmx4I9HH7J0O8V65PBkDgAsxcZmCov69o52nUo4CEqBp6Xi7dF8AJtf-WBG6UrKLgwrLIX_YR1JEmqWonFd30WcRMpyPSuPxRvVtBQU5CsTwrbDnaeSQcRv-fI-EbXEBsr4ZANSzjPoEs5RNLnOTDfapnpo...
fsa-api.feebee.tw/maji/v2/view/ Frame 3578
842 B
922 B
Image
General
Full URL
https://fsa-api.feebee.tw/maji/v2/view/xuZV78yF5lkBTekBK2wgbOtqKtQ1d-sUIOFnNoI16abmx4I9HH7J0O8V65PBkDgAsxcZmCov69o52nUo4CEqBp6Xi7dF8AJtf-WBG6UrKLgwrLIX_YR1JEmqWonFd30WcRMpyPSuPxRvVtBQU5CsTwrbDnaeSQcRv-fI-EbXEBsr4ZANSzjPoEs5RNLnOTDfapnposqOTpRIFUVouznrzW0XsH3ddauwMxur6RK3h7g3w8ih27Gnr27YD8y6NdQtBQymkGFD6aJPt6vpdliqYOkgN7XJri5GRFTlTqdBTb27t8xlXxTTIV0ZM_YTdnvQ4vIvDt84WzkLwacvLvuUtYeQg.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
server
nginx
x-robots-tag
noindex
content-length
842
content-type
image/gif
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 7692
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10982424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FtEmFBL4V7Rf9J73AWdoW6Ejmg%2FDOGjA2lZuILiOCS26vf%2Fnj%2FpvLUn%2Fwq7OFudXotJkUzuY6IqKU0368ybV2i%2FdhwypMWz%2Bw6FDwliR430cozElSA6OGgCKwBdoT7w5EuZf9qqeLzC6jyRExNq0lww"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8195e9e24bae408f-SIN
expires
Thu, 10 Oct 2024 02:01:36 GMT
fsa-core.min.js
ad.sitemaji.com/fsa/ Frame 7692
7 KB
3 KB
Script
General
Full URL
https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 00:13:02 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 01 Aug 2023 04:21:31 GMT
server
nginx/1.12.1 (Ubuntu)
age
6514
etag
W/"64c8884b-1be1"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2629
expires
Sun, 22 Oct 2023 00:13:02 GMT
aHR0cHM6Ly9pbWFnZS5kb2tvZGVtby53b3JsZC9jYXRhbG9nLXNrdXMvOTY4ODYvZTc3ZDgwNmQ1OWNiODg3MWNhYjQzY2RhMzYwYTVmNTQuanBn.jpg
img.feebee.tw/i/47czbzl-0RYyRWXY8W45wY4-ZUQ55z-O7TpBoz2YQCw/372/ Frame 7692
16 KB
16 KB
Image
General
Full URL
https://img.feebee.tw/i/47czbzl-0RYyRWXY8W45wY4-ZUQ55z-O7TpBoz2YQCw/372/aHR0cHM6Ly9pbWFnZS5kb2tvZGVtby53b3JsZC9jYXRhbG9nLXNrdXMvOTY4ODYvZTc3ZDgwNmQ1OWNiODg3MWNhYjQzY2RhMzYwYTVmNTQuanBn.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
c15a8279596f545086da560f1123f86ad18f91c92717c84f33d83e3fd5390b9f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="e77d806d59cb8871cab43cda360a5f54.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16207
x-request-id
-jXOqVxEjOBO-kllTfgAP
aHR0cHM6Ly9ob3RhaWdvLmF6dXJlZWRnZS5uZXQvcHJvZGZpbGVzL0wvcHJvZHVjdHMvMjAyMzAyMTcxNDI5MTYxMjgxMTE0NzdfTDg1LmpwZw.jpg
img.feebee.tw/i/klcF3vXWywvSDq4KjwxS6jPAvFy3sbjfpVnmq_GhVFk/372/ Frame 7692
5 KB
5 KB
Image
General
Full URL
https://img.feebee.tw/i/klcF3vXWywvSDq4KjwxS6jPAvFy3sbjfpVnmq_GhVFk/372/aHR0cHM6Ly9ob3RhaWdvLmF6dXJlZWRnZS5uZXQvcHJvZGZpbGVzL0wvcHJvZHVjdHMvMjAyMzAyMTcxNDI5MTYxMjgxMTE0NzdfTDg1LmpwZw.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
0a6b2c0c8600008a977d58b681b44ea77e448441173da9dc2e9e3a904acd2594

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="20230217142916128111477_L85.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5364
x-request-id
adodQZxrYYbwDaQ53uJMw
aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xOTE2My9uYXJyb3cvNTQyNjVfNzJfMjAyMzA2MjAxNjUxNTVfNGQucG5n.jpg
img.feebee.tw/i/KiC4XoYhlvkN9mDaKablzSq70W5j8EE7epEYw6cQMfw/372/ Frame 7692
16 KB
16 KB
Image
General
Full URL
https://img.feebee.tw/i/KiC4XoYhlvkN9mDaKablzSq70W5j8EE7epEYw6cQMfw/372/aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xOTE2My9uYXJyb3cvNTQyNjVfNzJfMjAyMzA2MjAxNjUxNTVfNGQucG5n.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
170894fb3570608f2b8d9be436f07a769484b97c67bbc8fe2ebfbf9fb031dbc1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="54265_72_20230620165155_4d.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16412
x-request-id
s44qKn7T3TC_XYimvwnWY
xuZVF6q2SwO-8qiyiTb6QQhr7wnpNhs45SnG5zRJms58IipkM5Gv5ZEV0SUgygQFMqhEVHKtPq2PImkAR9ULOi__Nz9jnKvIzlidvBDuZiQyX_TYeHoA8hg18xAONdN2xZSXD_8yoiLktyi2tmf8nWx7gDBYs-2Dvq1IWEo2AdCb48V774s284ygYdCsOtIfwH-k9...
fsa-api.feebee.tw/maji/v2/view/ Frame DA48
842 B
922 B
Image
General
Full URL
https://fsa-api.feebee.tw/maji/v2/view/xuZVF6q2SwO-8qiyiTb6QQhr7wnpNhs45SnG5zRJms58IipkM5Gv5ZEV0SUgygQFMqhEVHKtPq2PImkAR9ULOi__Nz9jnKvIzlidvBDuZiQyX_TYeHoA8hg18xAONdN2xZSXD_8yoiLktyi2tmf8nWx7gDBYs-2Dvq1IWEo2AdCb48V774s284ygYdCsOtIfwH-k9b0ATVtc9TulP4m06JT7pP6x810GYbfXxmptflc_XlmsEOMxzTJbOx6nlAdmpB7slWiYmZ7wOjr-8nG3ROv_-OFTwci2L7RUOrVXOhstHfi_w36bfpUBhwaT3IRSd2t4KgW-VbfWLkMwIGYw-GFxA.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
server
nginx
x-robots-tag
noindex
content-length
842
content-type
image/gif
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 60B7
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10982424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4vBIjOg2hlGavS%2BkG1iWEpY0SOSOduMLgk9oOzRt6kTemzmh1TnNXu8bY%2FNUqIdP%2BBdIE6P%2BPuKFg4kRC0aBzP5TnDUL4zcvENxhUdhv4qpBSKFiDz1dprtriLGInBNnBh6fCHSjc1yp67eXyt0P7Ef"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8195e9e2fc34408f-SIN
expires
Thu, 10 Oct 2024 02:01:36 GMT
fsa-core.min.js
ad.sitemaji.com/fsa/ Frame 60B7
7 KB
3 KB
Script
General
Full URL
https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 00:13:02 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 01 Aug 2023 04:21:31 GMT
server
nginx/1.12.1 (Ubuntu)
age
6514
etag
W/"64c8884b-1be1"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2629
expires
Sun, 22 Oct 2023 00:13:02 GMT
aHR0cHM6Ly9ob3RhaWdvLmF6dXJlZWRnZS5uZXQvcHJvZGZpbGVzL0wvcHJvZHVjdHMvMjAyMzA0MjMxMTUxNTA1MjU0NzUzMzZfTDg1LmpwZw.jpg
img.feebee.tw/i/fd-f1c0qicBggZy9wyzaTeJS6ro-FL1aOuEwcg-XFGM/372/ Frame 60B7
9 KB
9 KB
Image
General
Full URL
https://img.feebee.tw/i/fd-f1c0qicBggZy9wyzaTeJS6ro-FL1aOuEwcg-XFGM/372/aHR0cHM6Ly9ob3RhaWdvLmF6dXJlZWRnZS5uZXQvcHJvZGZpbGVzL0wvcHJvZHVjdHMvMjAyMzA0MjMxMTUxNTA1MjU0NzUzMzZfTDg1LmpwZw.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
aebd6386092dde1e740c0ca18942f653069630c00b96bd68029709fc1713f07b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="20230423115150525475336_L85.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9560
x-request-id
GoyvRI_mOAffqgqpT1yy5
aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xMTYyMS9uYXJyb3cvNTM0MTFfYWZfMjAyMzAyMTQxMzQxMThfZTkucG5n.jpg
img.feebee.tw/i/sszq7w9RQTCvHmmby63dKwVFpjTfCewa9ERy9wSiDH0/372/ Frame 60B7
4 KB
4 KB
Image
General
Full URL
https://img.feebee.tw/i/sszq7w9RQTCvHmmby63dKwVFpjTfCewa9ERy9wSiDH0/372/aHR0cDovL3d3dy5vbXlnb2QuY29tLnR3L3N1cGVybWFsbC91cGxvYWQvcHJvZHVjdC8xMTYyMS9uYXJyb3cvNTM0MTFfYWZfMjAyMzAyMTQxMzQxMThfZTkucG5n.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
60aa1a8470844820eeb8eed7494baf4bd4862ae79467ec32a068e7b3deee4bb7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="53411_af_20230214134118_e9.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4350
x-request-id
Nr3adcehMgp10E5hebPwN
aHR0cHM6Ly93d3cudml2YXR2LmNvbS50dy9jb21tb24vaW1hZ2VzL3Byb2R1Y3QvMzAxNDcyMjAyMS8xLmpwZw.jpg
img.feebee.tw/i/rObtSm0rkSBLAV4pHPVg5_VHDodXxFOd2NEyuCL_p4M/372/ Frame 60B7
31 KB
31 KB
Image
General
Full URL
https://img.feebee.tw/i/rObtSm0rkSBLAV4pHPVg5_VHDodXxFOd2NEyuCL_p4M/372/aHR0cHM6Ly93d3cudml2YXR2LmNvbS50dy9jb21tb24vaW1hZ2VzL3Byb2R1Y3QvMzAxNDcyMjAyMS8xLmpwZw.jpg
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.28.211.130.bc.googleusercontent.com
Software
imgproxy /
Resource Hash
ff46ce5aa750aa5a04045a1a615d435e7da0081f43495629c3a03a640225635f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
via
1.1 google
server
imgproxy
vary
Accept
content-type
image/jpeg
cache-control
public,max-age=7200
content-disposition
inline; filename="1.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31828
x-request-id
ZR2GYhwVX2ni3SASAgtUl
xuZt7wclQ9G1I_8XYUy2tovbKAW6igcLysz4yGqGcZJQicSKAD0YYrhNf1H7_em5qn7egBlmKlhx1RlztPhiZSiliJnZoQPxK4BBL8yfG3qXmXglcn99w-BaMEdeKGCpWmWNVHBTLkP2KY_yEfLRBzYthLP_eVzKxi78nb3p0N2z2g8mj0TaBBkPuxQCwyz4xygOl...
fsa-api.feebee.tw/maji/v2/view/ Frame 7895
842 B
922 B
Image
General
Full URL
https://fsa-api.feebee.tw/maji/v2/view/xuZt7wclQ9G1I_8XYUy2tovbKAW6igcLysz4yGqGcZJQicSKAD0YYrhNf1H7_em5qn7egBlmKlhx1RlztPhiZSiliJnZoQPxK4BBL8yfG3qXmXglcn99w-BaMEdeKGCpWmWNVHBTLkP2KY_yEfLRBzYthLP_eVzKxi78nb3p0N2z2g8mj0TaBBkPuxQCwyz4xygOlN_EanHhMhWpeHDRVLYg4FZgkJ-X6M122BGDgweYLdu72WFotnA85co8YtZXDdTSt03_HDa95hoNrG9rmN6xlqf8vTZFNk3uUk1ylAKtt6Z7DhpfkNQlPoN38HhGLWW.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:36 GMT
server
nginx
x-robots-tag
noindex
content-length
842
content-type
image/gif
ping
pagead2.googlesyndication.com/pagead/ Frame 55A6
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame EC8A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310170101&jk=2269702217833886&bg=!AwClAE_NAAbDUgby41I7ADQBe5WfOO7xMhDftg_E7BZOhJPn8ROIRhhzEw-m1jhVUX3Fo5iuidmfACNG5yI8trSvZe5fAgAAAX5SAAAABWgBB5kC5-DcadwEEflc18qbkVKF9EqQgaJhrqqk2E3pXQfrOgQZ0iy5D55V9d8s8YQ4BcpOh1fBJY8G6EZUofuvie8Zo5RCKSJcxdC9bwQbRhFh3qJGs3tULzSBmXuaM4NwI1GV16PR_ze1IrzWfVCsPXdSV0fIt0fw4yksSrWySBWChJse9-dThQrLwtttinClUt3fldssXHhcYPjco83P22oLggvA49Hq-qEzaNSwl_7f0in1-j0bcBoF_ASFwua53Lo0KZ2RPsBa-H1WZU41uGeL8TKHv0WlSl4WwvuGzWgpTCCjR2iE6XMZNIpJUPD0zi0yE6shMYBGGLJSZ9ht_i6m3tB7cq0Dx-tQyOLRFr-XbyZ0Id98xA6YFcAfE_m9_mB09R5OJPiQwpIXnhqQFh9lZL_YdchQOsN7ocgst9CVF6Z4qpI1jx-Ny9NOCi9lgjVh6WFhd4w40EYt0UIZ4V3P37wknCm5bcLzwE_mTkCtW488FXXqG98b49FjCYpZY8NH9xZoenLOWviMArjYj3iV8Vm5imZ7WO4Rs6b01nk1QheltpCMVHrbb-Oz1NQWMOVehzvvtzgJ0WVaJr6i016wjb6-Y-BXcWQAK0gTw3_lr9BWuV7I6hi38x-qseYSZA_Cmb4XM8pRVeRtQxAGudF2oC7VcttZv4wTnMkrawBp8GOFilf0R4UDih6C5WCLEbwt648cMcrVy1aNnq79k0IFjww4L9KmQIZS7ndY0sEpLKNgWqQ6L2H-oxm-QB2JtRuckM5dE5DIhQYM6OhG6iQDgHZ5PP3BZcAZahMlIVojMayy1WX4BEfomWs3SHhncTUaXomRjT1CbUrW5OQBLzHkKxUt2YTERGm-0dDNnNNS7fnDZv_rgSiL9AUKxLOq5Q3TkWIxrKJeTSmdMXXdmF_QHQ7mvAa6Mu8F6qGQoWNuBOg3wWrcTo05iXEKy8hNkj1_IvRjo3d3QD-f-s7WCCt0qabOhxvv9smN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 8F8B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310170101&jk=69273534309266&bg=!gYKlgs3NAAbDUgby41I7ADQBe5WfOHrJSR9eNmHomVzMpaF9wU2OyPJefWwszYDj0rFa21Kfgc3igv5Q3VUd9riVhMxoAgAAAbFSAAAABGgBB5kC4hhnCVNFIFWoeR2BVCpqKEtTS56V69KKPvpURNpEZyj4nAfWhjKHXgSuiezdTNqvd7QDfPgw6HG8uDj3X9qmESe8XiyyD0E6i17rOGNHrkHcKQmTrWoWnpbHGT28yhbdLg0gJAMnyMYNILs7Ct9bDCC1xkPrI2g82-Ioh2MXs2ecROl49WZTTw82aBnp4Nij68LgG4JVIvn1gdiN857GTVWcQ7PTqYnDjDHazQofg7Mymy6MQgKgKLL-a8VYmQUcyu4U3Hv6w7c8DLBpwxE5yP0Sv2nrxZYyf3WXQINdZcDtjBvZOtL-ZRembFTFuj0WzW4zzV9ftj9xQqlkjb5AJ0cfMAlxfxjctRVHgeq_dAItGWNEH8CxibeDJZAYf_xq76xXq10y-hC_QltaQEjhRLaumG8isJS6RP93r40iRB3HTSXnUr1XzZik6Bo5LlyIdqnIgn2MMmACpJO1MD8xEeLYUEhyQqZpCtIu3zRHXhWNfSUmlN-LdyDZd88ranbshKoRTtBdBLXQeonEYgGl6RpArLJ1wTlTrSA3QFd0QRUjcM-OPe3uJPnl7L2w9thHaN_hQEGD1vMmqvR1oYDLktTdgG28IdK3PWuhIdIZe8vUgmdZ1XzG_XggWmCsvCAM6L1bOtvEOBBRXaznnabvU3x5jX6XPv9wH4BqeTtKVile68j0CJuSe7RCRop-bOueSzK79bAq2KjZ3mfkJrFrU661MwR2YuCHccON7bXbiTUdWLOt52kTxZVmrYBtawdFklviVGovUkMHZHusis1PX_byIT1eiNuAPICzAQfl_B4p_JaBpLkqV4ApAFGDZXA5On-lTktYOAleAq7dw6nYlUvhOE8pTvUGk7oo7ewu4O0fsFWclM96Swuy9E4Ke2RjH7WI9IuonQvMr-AzaSM42T_AA07CiSQ97teKXQJAaqu9MNTeQ3bpjN5Uh5R44wf5wmr9MvBFJ_NdcSWQIMbBgQGOdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 55A6
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310170101&jk=3723834311499127&bg=!x8SlxIvNAAbDUgby41I7ADQBe5WfONCYXeca5asZGtTHoa_oOYLH1V31ixfSoyXTHGNEW46YQiNcOc3S5p3LdtNoEDrlAgAAAa5SAAAABmgBB5kC4dzU0COkPsEkgtCL-iRGBS6qZRg3rQjzblgSqtg2DVX3gS5MHmr8-6djZff1gZRmeuHYGBrmzz2uM04qv1vp7nRk_KyrqEdF2JCGbWrjCJzwuivlBxQf3u4ltpI-7qQA_d_r0UlyRlAmW1zJptyNL5tEtgp8yJgfP2RB9bGD9D3cmQRfzYJNW-gQWRbbDeZATR2aLCeH4dGeY9hNMdkmsJuVegsqkq6TiI6ZnvGLZJMhYb05uyE6GS6NyjjFfgiBdZSMagHYbj7tZOYHcGJHUqywYKS8C12j1jA9RwHnys_FB9FTPd0MYIaiR9CSVTjuTVm5ytSE4Z9QXdlCoLIimsWqAQQcdAPaTTJ48fgYpjQgD74lkxFttGQGjxwkq3rFz_zEcGbrjMomjXb6M7IX33ezQgiT-BrzMpR6CYinLdXC49e9wYvKtEf8hBdyER-FoQbm_iP0ptzuaE6ZHV8oYD-Y1WM5J9fmgB80rQ1Cbi9DXf910eoN-Wz-oiQ5AAhrUDCkTLBBHm-WmTgF9CU_x_xC_fboSLBHB1bJjYlUi2zle_aGtgE2rjc-UgvofU63RaJCBkQbp3JvKjEktW3VuYjm7QzOD62i2VR4tZq6RRgWQtRFUYbpN3Nu8TF5lE7P67FNDCQaYdyvfvcYyzi6SiCeRJCskHz04f5jThnisAnq_yjeVaKcmOt4rCPoqahytSNmoGgvbOKfunBgRQJ_Q51cuwNQgsAZq4fzzqmk-IXsWmShjm_1fvvT3e8iUFA3bDUpYZVNAYha0WVRlL7bIDwGWmCVawKpSu5rE8E2mN7ueiUBuuX4RLdI16f8bWdsTEYQy4FTi00KcPwvD7f4PSoaEigBhF65bMIAoLSwRnZNbkkK28Il8cmKLMYUOKgrAR9lnTFsAmjCrXksSPXN5rIU8IZqlDjHClZ0k8c14GfMP4k3NEeRJNS8eZP98L-4O0cwxN11eRO7pf8O6LtePBKj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame E142
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310170101&jk=2135833408959858&bg=!UlGlUR7NAAbDUgby41I7ADQBe5WfOMkl9k-h0qENQFFb_W6kdsFFUG-1IXiI-tta41VLxcO0dYM1Cs5JUhc8Qw8VjqlZAgAAAbBSAAAABWgBB5kC2_aF4vakxgQ6NkRyc4TiLTN6S36f6TjsLptgorPpsQSIvlE9z_AWIVGWTrj1372mlZlefvqCyp4an2KX__n9HF-54cL6PaAduHCk5tQO0evJpb7NhYT48MtMcl_O9mUmn4aMYwWRBdZDTCENjuGesGFJLIwY0ps7ve9ZVdVGSx9DE6cTgYaN7LZ1cq1kSDAYgHYIGdLMbtbpxmn7s6LofUgLBv3_-cUqJo2kZSCuiwD-kiXnDD00jA1pRQJswAM2Vthz5VyDU1y25OzP2v-7GM3zF0lwlI2w6DTKohhcrDJxoIodhmtZBFB1bY1EwS5XDMcNu7kSFX_aBE0D1dgtZ0DuvZjREKeX9WM9Rqg2gYWgBcEDRNPUjhnOTlHjwg1a5TtL9ga-Buw2ERTlD0HaCJOrpxFnwS5d2v7q_HJeWhdq_OZp7gq0tyBJCmr5gOie4Ed9s8PzCB_CYM9aVbT3s3GFC92cqGh2qillb_YzDBK3e1VydZTfiBt9YhGzL1nx1PkHrtp4zjKJQ8zkIysNWX86zZful31eEqYGJbg-OawoM7vzpnWDnvElFTuiot-NhlXMMClfDMrMk5zz-Z0tYuYBEI0ZZk9QyXaEOR5Fzg0ex6_XPDXXU7g7nKg4-BAWW9b9Tndy7zYGbCPhaYu5SyNQGVb6DYLF0IpT2acSS-tx3IcC70ZsKLq8_KODkbbPgVh-8hzTCOA7FD_-XbPPE4CVih0ZEQcg4iN-UvsKzF3QTndBnSUtG9QPKVOy32j3nMl2CGZQSYijtXcSpDYiMH3F6VtcgwZ2tQVlYPgbFXDYkDY7TzaMdxpkMajHdHXoEuwm6p0TpnV5dhdogiyQY428O_84zsUU_5nMtB3LSCpc3N29jv2Y_sHaurlHqTfMSTAmQls4deB8TFh-VjAe1OfuGIDK-F_CHbnK6JuKR1bj4RDgw-J2MLbN242ybdNmXAL0ZUMILIq7nmBI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

xuZu3UvDwb_vqBZKaUGkccZbZha6DFoO5hjXc-1PH2bVtS6ZIteObqBVCGAiOuN9pnQ1J8P1bex7ncC2WCvrQiPQzmpTSc3r9ygN4nXlh-JDLqNIq7JWsAihNvjISnxZOI7tVSYLO8QhB00QeJ63hMq_ZQUp9vQZF6VG0GGwlfoVtQICYRNRJIqlCZ0W_yiTkadTz...
fsa-api.feebee.tw/maji/v2/beacon/ Frame 6FBE
842 B
922 B
Image
General
Full URL
https://fsa-api.feebee.tw/maji/v2/beacon/xuZu3UvDwb_vqBZKaUGkccZbZha6DFoO5hjXc-1PH2bVtS6ZIteObqBVCGAiOuN9pnQ1J8P1bex7ncC2WCvrQiPQzmpTSc3r9ygN4nXlh-JDLqNIq7JWsAihNvjISnxZOI7tVSYLO8QhB00QeJ63hMq_ZQUp9vQZF6VG0GGwlfoVtQICYRNRJIqlCZ0W_yiTkadTz_nXq_YFMH7eAt5np6e7PZcpWN2gxJ2GHxjpDOGMbuvBqEuoti7Oa9h0R9YdIbp0qYPaaD8NqaU2g9ieJJhqxDtnnVBGYxIy3p5j5vY5Td0modVlk7JzTfz3KL94jv3Sa1fRebeaLZaSiO1epiVZd_3he3GW-tW7qJy_WRcil_HlGoCptASRd64ryR5Ons8SMoXb7qg3E5nBT6bHsdXF6V7EXvm0O9ws1NihbAhs8a35KUZTsKWoxNSqkiZAmQXW01vr1evaQH4j10-byLrhQ.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:37 GMT
server
nginx
x-robots-tag
noindex
content-length
842
content-type
image/gif
xuZbVtI1LHIoofxCcnZpnBszWQgBga-38M8KeY5t7pihY5rgzzK9FGOc-4GwjsxAD6U5jlIbXkoyXB_Rlx5UZvp8c-Vf8gkus57dW0Gid-o2zSnAUJBWTI43eZ-yLmQaX9EeZpB77kGrjggMEcxDtMno0XpOAAfSqfrabVeaCqekg5VCdYneJjDT7wIkqWNeu_tby...
fsa-api.feebee.tw/maji/v2/beacon/ Frame 6FBE
842 B
922 B
Image
General
Full URL
https://fsa-api.feebee.tw/maji/v2/beacon/xuZbVtI1LHIoofxCcnZpnBszWQgBga-38M8KeY5t7pihY5rgzzK9FGOc-4GwjsxAD6U5jlIbXkoyXB_Rlx5UZvp8c-Vf8gkus57dW0Gid-o2zSnAUJBWTI43eZ-yLmQaX9EeZpB77kGrjggMEcxDtMno0XpOAAfSqfrabVeaCqekg5VCdYneJjDT7wIkqWNeu_tbyT7GOXNbTeBO7HdBsxL_oLno2Ykin9BiK_D4xv-0CsX6fBc4lmGdTKnM0bYiD1HcwKLSJH2C2Z0CcFrrJNnnZUDpNn-vMWdj-gnedtij0K3WVH631JtaxW34Krt706gDJ1j_m4xoUZc7Ya0792YxWZyoar0ymh01SRsk4VLqQ0.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:37 GMT
server
nginx
x-robots-tag
noindex
content-length
842
content-type
image/gif
xuZyMbp7VVnkBqjOJUmJyndLIk9_UufAQD16rATZGs_lo5bf9GrloHwHQGNx6R17OieXzVXj4UMVADQq5P--GyRw55CS4J8jJCaWT8ru4DVbYzCvkSNept771z-Dv8dYkr1wy36TBnYUwcXYtfczx-GjIJEz7EQaYt2BQPpdu-g701XBiGKPNN916Eyv5cjhclsOO...
fsa-api.feebee.tw/maji/v2/beacon/ Frame 6FBE
842 B
922 B
Image
General
Full URL
https://fsa-api.feebee.tw/maji/v2/beacon/xuZyMbp7VVnkBqjOJUmJyndLIk9_UufAQD16rATZGs_lo5bf9GrloHwHQGNx6R17OieXzVXj4UMVADQq5P--GyRw55CS4J8jJCaWT8ru4DVbYzCvkSNept771z-Dv8dYkr1wy36TBnYUwcXYtfczx-GjIJEz7EQaYt2BQPpdu-g701XBiGKPNN916Eyv5cjhclsOOSfo5OKwTieL_2odhVVhrtH5lwVXDcDBnRg9I326VxvXNSufV-__24nZ7ZVP9fZlGf193ZFyDKE4rtnRVATcG8CFe5L4qNU8oVKBy8OU5hQhZE-sFvmnV-2G_5Y8ijal6kdIqLf7ybZqglX1JPpvm3Ra8KKYeccrglVpNrwNf10K8QbUWW967PptvUYG4Jq.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software
nginx /
Resource Hash
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 02:01:37 GMT
server
nginx
x-robots-tag
noindex
content-length
842
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| __cfQR object| __cfBeacon boolean| _rails_loaded object| I18n function| setImmediate function| clearImmediate object| dataLayer object| gon object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| executeRecaptchaForLinkCreate function| executeRecaptchaForLinkCreateAsync function| setInputWithRecaptchaResponseTokenForLinkCreate object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| __framePainter object| regeneratorRuntime object| Velocity boolean| __cfRLUnblockHandlers object| HSHeader string| google_user_agent_client_hint object| google_tag_manager object| recaptcha object| closure_lm_213849 string| GoogleAnalyticsObject function| ga function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| _typeof object| SD undefined| div object| urlParams object| device object| GoogleGcLKhOms function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| ucf object| ucfad_async object| google_llp object| request string| paramsString object| googletag object| criteo_syncframe_state

113 Cookies

Domain/Path Name / Value
www.recaptcha.net/recaptcha Name: _GRECAPTCHA
Value: 09AHfSPUdzewRU4sn2MvBpm539Q43XE_e4zYZHTBoFCsFCS6mQjfrT7suuagxlOLLeq1fg2UeT-hS4LNFWxqczCEY
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxCxFg
i6.liadm.com/s Name: _li_ss
Value: CgA
risu.io/ Name: ahoy_visitor
Value: 27c8b22c-69a6-471a-89e0-added72d3ae8
risu.io/ Name: ahoy_visit
Value: 7b03e6f2-f0f1-468b-be8f-3059bbb564a0
risu.io/ Name: _risu_session
Value: 0Sc2Xb8LKBt4wkYadjW0PmLy4UaU%2BjIjEYBrns3xhB4DZ5NFDhB91k1ojauFcrl%2BF%2FkdohJpDxvE1H7qZ3%2BRG762hurZcnZ5xHHfjwmvcHhl4KZPfGoIod%2Be7ipaSTs6gJUi6Z1NXAu3fAX0pg%3D%3D--2GVmKUDGGpml%2FScf--CU8dcjPOES%2FYDTTSElhL4A%3D%3D
.risu.io/ Name: __cf_bm
Value: 0wBNmJSh9fjlqeS5yv2nbluyCyh2OxaSgDf.ujKK6OY-1697853692-0-AUON8FZpX4pu9MZDmnsyYmXpXpLWTGCjcm5QA95vp8k66ovyNiMV0oLnz8Y/S309zt6pY3y86ZQU2crroUlg5Ps=
risu.io/ Name: prefers-color-scheme
Value: light
.risu.io/ Name: cf_clearance
Value: IIfpDb97fmgw8m1CXk0ReQTI0P6yiuLjHllNUBxQcHg-1697853693-0-1-5d005f26.c95e4aa9.7811e988-0.2.1697853693
.risu.io/ Name: _ga_H814P3QJ03
Value: GS1.1.1697853693.1.0.1697853693.0.0.0
.risu.io/ Name: _ga
Value: GA1.2.864304769.1697853694
.risu.io/ Name: _gid
Value: GA1.2.1996665837.1697853694
.risu.io/ Name: _gat_UA-146086888-1
Value: 1
.aralego.com/ Name: sspid
Value: e897d263-9532-3449-983f-39c50ee911ce
.risu.io/ Name: _ga_ZH634PL121
Value: GS1.2.1697853694.1.0.1697853694.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUmorqaA0fYTte4WN9IYFF94h91oAsc_wvKjpoEG7SGd2hGJ7tgkB8Tf1bloTc8
.criteo.com/ Name: uid
Value: 66827314-7eff-471f-9cfe-c5b3d37931df
.casalemedia.com/ Name: CMID
Value: ZTMw-iUAZ7PqmC7FUcL5pAAA
.casalemedia.com/ Name: CMPS
Value: 4993
.casalemedia.com/ Name: CMPRO
Value: 4993
.adnxs.com/ Name: uuid2
Value: 7371209076520535808
.risu.io/ Name: __gads
Value: ID=437976384953044a:T=1697853693:RT=1697853693:S=ALNI_MafpGFmBvnD-sDiQg4GvADYk-Pmug
.risu.io/ Name: __gpi
Value: UID=00000c6ad8e11c3c:T=1697853693:RT=1697853693:S=ALNI_MYH2aD_XLMOoxn9yG05xtYbIkmJ0w
.c.appier.net/ Name: _auid
Value: oh8E3rzwAr2Nc5zr_zAzZQ
.aralego.com/ Name: euconsent-v2
Value:
.yahoo.com/ Name: A3
Value: d=AQABBP8wM2UCEOdkCOWzo1iLERDNPopRYWsFEgEBAQGCNGU9ZQAAAAAA_eMAAA&S=AQAAAqhkNeylELt6KdPf7lrXa4M
.adsrvr.org/ Name: TDID
Value: 259f9059-0f1f-4b0f-bf39-092c79f39291
.bidswitch.net/ Name: c
Value: 1697853695
.bidswitch.net/ Name: tuuid_lu
Value: 1697853695
.bidswitch.net/ Name: tuuid
Value: 8a13a4da-08f5-42aa-b118-b5396868fcb7
.risu.io/ Name: cto_bundle
Value: Rtvef19BRWM1Ylk5SVJtWkV1QnBuQ3B2QmxVTThOTHJNOVYxTnhIJTJGWkxVRGdqOUdyTTYlMkIxOWNpZDBWMHpFcDh1cG9sdjBnSCUyRlZmZXJIJTJGZ2FFQTVZJTJGMkk1QzZFY3lybEtRQTVRc3NBMktlRlFmcE5ucWpjT1hPZCUyQnpHTGZUNjAyOEZJM3hLSFBsdGZRT2dhcXJsOTlNTGljcEElM0QlM0Q
.rubiconproject.com/ Name: khaos
Value: LNZE947Y-3-64EO
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCJLb7oX2-Kg8EAUYBSACKAIyCwjYldWsjPmoPBAFOAE.
.quantserve.com/ Name: d
Value: EMcBCwGeKsujAA
.quantserve.com/ Name: mc
Value: 65333100-215cd-45683-6473a
.sharethrough.com/ Name: stx_user_id
Value: df015fd7-8242-4e0e-b6bd-77e98fedfb29
prebid-s2s.media.net/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMTlpFOTQ3WS0zLTY0RU8iLCJleHBpcmVzIjoiMjAyMy0xMS0wNFQwMjowMTozNi4xNzAyMDY0MDlaIn19LCJiZGF5IjoiMjAyMy0xMC0yMVQwMjowMTozNi4xNjk2NzE4MDhaIiwiaG9zdF91aWRzIjp7fX0=
.adnxs.com/ Name: anj
Value: dTM7k!M40]Erk#WF']wIg2In8sFF)@!]taR:yDy6*@:os1=2!:F4PUbA-K@9Z`@R=cGZ(hix._Ti!VhgUV!8vMm3q/E@YG/D$25bT6$PZT5y[xsZdJv4gp)D5>f[DIZ4/bKUd(Je+.<Q!(]0g=eT1s
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxOWkU5NDdZLTMtNjRFTyIsImV4cGlyZXMiOiIyMDI0LTAxLTE5VDAyOjAxOjM2WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTIxVDAyOjAxOjM2WiJ9
.servebom.com/ Name: up_19
Value: LNZE947Y-3-64EO
.tapad.com/ Name: TapAd_TS
Value: 1697853696172
.tapad.com/ Name: TapAd_DID
Value: b7cedcc8-7708-461e-b158-c28bf701deb4
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2ele:19e0~2ele"
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMTlpFOTQ3WS0zLTY0RU8iLCJleHBpcmVzIjoiMjAyMy0xMS0wNFQwMjowMTozNi4xODk3MDk0NzRaIn19fQ==
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: d1a1ccf0-95cf-4370-8fd3-e5c4de811bab
.prebid.a-mo.net/ Name: sd_amuid2
Value: d1a1ccf0-95cf-4370-8fd3-e5c4de811bab
.blismedia.com/ Name: b
Value: 653331001E646C2AFC577E7CBLIS
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.primis.tech/ Name: csuuid
Value: 6533310043631
.linkedin.com/ Name: bcookie
Value: "v=2&538ddd4e-3b2e-436f-8327-3ea0f8263a11"
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2616:u=1:x=1:i=1697853696:t=1697940096:v=2:sig=AQFXxdiMFGK-hFEGVUzu1Grjf_7JVnOB"
.turn.com/ Name: uid
Value: 4245704473223045341
.hb.yahoo.net/ Name: visitor-id
Value: 3408552963878571000V10
.hb.yahoo.net/ Name: data-mag
Value: LNZE947Y-3-64EO~~63
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTMxAAAZU7r25QA_
.adform.net/ Name: C
Value: 1
.rlcdn.com/ Name: rlas3
Value: G4LCDrpOAwtd+mGajGYGc+pwbGpQSZpL5xSqi2fbofk=
.rlcdn.com/ Name: pxrc
Value: CIDizKkGEgYIkLwrEAA=
.adform.net/ Name: uid
Value: 7805708194966705746
.undertone.com/ Name: UID_EXT_47
Value: LNZE947Y-3-64EO
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004%22%2C%22nxtrdr%22%3Afalse%7D
.dotomi.com/ Name: DotomiTest
Value: 6dc69a0837de1faa
.bidr.io/ Name: bito
Value: AAKkh07KZmIAABfcynUzWQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.kargo.com/ Name: ktcid
Value: 7df56a5f-21b7-0329-53d7-65c027a87b4b
.yieldmo.com/ Name: yieldmo_id
Value: 3erR8rrWWOrnAmrSyKDR%7C1697846400000%7C0
.ads.yieldmo.com/ Name: ptrrc
Value: LNZE947Y-3-64EO
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: Ke0QtZRxsI
.simpli.fi/ Name: suid
Value: F67A3D2D455748F78CD63CEA6BA518B4
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ead259be-33f7-4f6b-b2d7-88eab6213477-004%22%7D
.sitescout.com/ Name: ssi
Value: 9e349af4-4719-4855-9f11-efe6b51de621#1697853696519
.dotomi.com/ Name: DotomiUser
Value: 720907273451537536$3$11186554$$1
.tribalfusion.com/ Name: ANON_ID
Value: ainsmAt3er66AxvPBQpBmRVaq02CYZcW88EZcpTYCaMMp9XqwMyywN1w5S3ttrD4Trf9XSuE1kDZchf
.adfarm1.adition.com/ Name: UserID1
Value: 7292226097720653981
.acuityplatform.com/ Name: auid
Value: 842895733344
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAMvqNdXNlck1hdGNoaW5nSWTEkWxhc3REcm9wVGltZU1pbGxpcyUBRVN+dlGMmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUVTfnZRjI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.csync.loopme.me/ Name: viewer_token
Value: 36cd7b4d-dd54-4191-acfa-476ff93f23e6
.lijit.com/ Name: ljt_reader
Value: HhUZEQZHVctt9ps9TL6tRzcW
.mxptint.net/ Name: mxpim
Value: R4E32F_10AE02F5E_5A97029A.1.000000000000000000000000000000000000000000000000000000000000000000000000000000000000000065333100
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 104:LNZE947Y-3-64EO
.omnitagjs.com/ Name: ayl_visitor
Value: 6c3de21d5c6687dafb346d3d9c51efe2
.smartadserver.com/ Name: pid
Value: 138904388235532570
.sitescout.com/ Name: _ssuma
Value: eyIxNSI6MTY5Nzg1MzY5NjY4MH0
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3-6n-T9eQgCXyr5dXY4nQm2IENwPERvCIzEroPLnxuonY8sJWr219F9OpQC4TM1
.intentiq.com/ Name: intentIQCDate
Value: 1697853696724
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUdEhaNTl5
.intentiq.com/ Name: IQPData
Value: 1744738785#1697853696721#0#1697853696721
.aniview.com/ Name: 1_C_5
Value: LNZE947Y-3-64EO
sync.aniview.com/ Name: 1_C_5
Value: LNZE947Y-3-64EO
.smadex.com/ Name: smxtrack
Value: abb38773-ed31-454c-b417-839b6b67fb15
.smadex.com/ Name: smxrbc
Value: 1
.lijit.com/ Name: _ljtrtb_80
Value: LNZE947Y-3-64EO
.serverbid.com/ Name: CONSUMABLEID
Value: 44ff8129e6ec46f3bf8129e6ec56f306
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ipredictive.com/ Name: cu
Value: eccf4b02-882f-4f1d-a54f-78d5516a935d|1697853696934
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-589daeb3-8ac2-5a4a-7baa-937e84308e9b.mcX0XPi1Rw3dKKVTnB2TmAowOgbZ1S8LqgcOfKGosww
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-589daeb3-8ac2-5a4a-7baa-937e84308e9b.mcX0XPi1Rw3dKKVTnB2TmAowOgbZ1S8LqgcOfKGosww
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AWJ2us4rCWkp7qpN-hDCOm2f-meE.DG16IfqOo4emjU4bI%2FOfoVBjIOujSdHb76eo%2FTwRe8M
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AWJ2us4rCWkp7qpN-hDCOm2f-meE.DG16IfqOo4emjU4bI%2FOfoVBjIOujSdHb76eo%2FTwRe8M
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJooUgRe3CFRjy9cd_gRuzhE2_9ylGSDFWRTfXD8TLjZEHwYBCCA4sypBjABOgTLdGrUQgRvrDJ_.6jFw42S2H2k6jli7qcYNMOmrXVyCJfSL8JSnA4RTTDA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIJooUgRe3CFRjy9cd_gRuzhE2_9ylGSDFWRTfXD8TLjZEHwYBCCA4sypBjABOgTLdGrUQgRvrDJ_.6jFw42S2H2k6jli7qcYNMOmrXVyCJfSL8JSnA4RTTDA
.zemanta.com/ Name: zuid
Value: HCnQ6pLUZnSnc9DaRZmo
.33across.com/ Name: 33x_ps
Value: u%3D212315679970897%3As1%3D1697853696951%3Ats%3D1697853696951
.adsby.bidtheatre.com/ Name: __kuid
Value: 1f5962dc-f1f1-4156-918f-ea42a5d67e80.467067697
.contextweb.com/ Name: V
Value: k4Ua8fF5e3qA
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d8eed969f9f73fba
.liadm.com/ Name: lidid
Value: e58335ca-db33-4358-87fb-a933acc0de24
.amazon-adsystem.com/ Name: ad-id
Value: A55i8EN9A0sjkD9MX2RP3zU
.rubiconproject.com/ Name: audit
Value: 1|wZY3PEceV7bp4wEXQlMcaTJU3RnXR7mhSrw2+y1Kejx80O40QVPQDcerX4C+g03aFkt47l6re8MiZ07GJqnMnujPGTiJ9gcm/Vtt7hKIOSQ=

2 Console Messages

Source Level URL
Text
network error URL: https://capi.connatix.com/us/pixel?puid=LNZE947Y-3-64EO&pId=11&gdpr=&gdpr_consent=&us_privacy=
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20231017/r20110914/zrt_lookup.html?hello=world&fsb=1#RS-1-&adk=1812271803&client=ca-pub-9208708170783140&fa=3&ifi=7&uci=a!7&btvi=6&xpc=lZtSOuZO2p&p=https%3A//risu.io
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2baa1f706c3b659225e2755858a40724.safeframe.googlesyndication.com
42288b8fa538cea18b23ef3066c419ff.safeframe.googlesyndication.com
4cbb8452ef827087d81924830a391e50.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.sitemaji.com
ad.turn.com
ad2.apx.appier.net
ads.aralego.com
ads.yieldmo.com
agent.aralego.com
analytics.google.com
assets.risu.io
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c1.adform.net
capi.connatix.com
cdn.aralego.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms.quantserve.com
crb.kargo.com
cs.minutemedia-prebid.com
cs.yellowblue.io
csync.loopme.me
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.serverbid.com
e330217ec61857017b5eac8d29abd0f4.safeframe.googlesyndication.com
eus.rubiconproject.com
events-ssc.33across.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
fsa-api.feebee.com.tw
fsa-api.feebee.tw
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.rlcdn.com
img.feebee.tw
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.sync.ad.cpe.dotomi.com
mug.criteo.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.servebom.com
pixel.tapad.com
pmp-beacon.apx.appier.net
pr-bh.ybp.yahoo.com
prebid-s2s.media.net
prebid.a-mo.net
px.ads.linkedin.com
rbp.mxptint.net
risu.io
rtb-csync.smartadserver.com
rubicon-match.dotomi.com
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s2s.t13.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl.sitemaji.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.aralego.com
sync.intentiq.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync1.intentiq.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
usr.undertone.com
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
103.254.153.160
103.43.90.53
104.18.26.193
13.224.250.81
13.228.126.19
13.251.79.216
13.33.33.90
130.211.28.216
131.153.206.102
139.162.38.30
142.251.12.156
15.197.193.217
151.101.130.49
154.59.122.79
159.89.246.130
169.197.150.7
172.64.146.152
18.139.177.100
182.161.73.136
182.161.73.146
184.28.235.160
184.51.97.92
185.84.60.20
192.132.33.69
2001:4860:4802:34::181
2001:df2:a300:bbbb::135
204.2.56.70
209.191.163.210
23.106.127.164
23.106.127.53
23.108.98.2
23.39.5.30
2404:6800:4003:c00::61
2404:6800:4003:c01::5e
2404:6800:4003:c01::95
2404:6800:4003:c02::5e
2404:6800:4003:c02::6a
2404:6800:4003:c03::9d
2404:6800:4003:c04::5f
2404:6800:4003:c04::9d
2404:6800:4003:c05::84
2404:6800:4003:c0f::84
2404:6800:4003:c0f::9d
2404:6800:4003:c11::5e
2404:6800:4003:c1a::5e
2404:6800:4003:c1a::9a
2404:6800:4003:c1c::8a
2406:2600:7:100::1
2406:2600:7:100::12
2406:2600:7:100::9
2406:da18:929:5a01:259e:d14c:cabb:3cf7
2600:1f18:ed:550e:dc41:f108:a8d8:7b16
2600:9000:200a:1a00:1a:5235:f980:93a1
2600:9000:20c7:ba00:b:b084:ebc0:93a1
2606:4700:20::ac43:47fe
2606:4700:3108::ac42:2902
2606:4700:3108::ac42:2afe
2606:4700::6810:3965
2606:4700::6811:180e
2606:4700::6812:19ad
2620:116:800e:21:46d:7e81:55ff:4c12
2620:1ec:21::14
2a02:fa8:c411:12::1080
2a02:fa8:c411:12::1140
3.75.11.145
34.107.140.113
34.107.148.139
34.111.113.62
34.111.79.67
34.117.239.71
34.149.50.64
34.192.58.244
34.254.46.142
34.36.145.36
34.96.105.8
34.98.102.251
35.186.215.140
35.190.36.98
35.190.60.146
35.213.12.39
35.214.255.49
35.247.47.28
52.24.170.180
52.46.155.104
52.54.122.44
52.74.118.249
52.74.188.84
52.84.251.87
52.95.126.138
54.164.154.71
54.65.219.118
54.77.100.160
60.199.208.47
64.202.112.127
64.227.64.62
66.225.223.159
67.202.105.21
69.173.158.64
74.118.186.107
74.214.196.131
85.114.159.118
96.46.186.182
98.98.134.243
000de837fd9a33eba9168a7d17cbca621c16a0ab75b692f59eb5187c8aefc33d
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
004d70eed3012369a0440923a365c5d6268e18bcdc03ef76318c1cf63c499ebc
00e0b7b664cde5b63d6510b5e158c121e55d20d5a71742cc1414d08a2914f7fd
02c331e3506125a89bec7f4f4dd7234e908b530ced5c821bdffad93bd71626d4
032664faed4c3ce63eb0c5a235263a71049f0418cd85734e09bd444de9437511
03739e1be59a229a2d4757b24ae276579c23005cf94969fca0f93aa6f0959765
0513087a3deee62183bf24ef54e8e582a1448811011b909cc42b53cb0eb59c82
07e9db6cdf30b344f481bb94e145da7b5ab132884f042ab461164e1e7d37f392
08b27da820b4aa1d3ebc3e2d13f70b9dc6d88416bb985ed3b82d0c26481b78a1
09abe1312acc6af1457a28facc4165d73cee896a6f5fa093dfd440b8bade0535
09f20106f914b462dbf2b0d906733416b2e12dc225dfbfcc671a3ca32780af90
0a6b2c0c8600008a977d58b681b44ea77e448441173da9dc2e9e3a904acd2594
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
1100e86c34e21a505c8890bbc7f7bc48190ad3ca749298a2209efd42b2248832
1228580c12536ff98a37ab3382a0e2cfb0c55fc903110ca3964c81d64ff4e591
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129201c81befd51415186f1f919ed0ccf1af0c9cb94070c06047eccf6d9772bc
13f498b70b68125c1b4d866861cc2e7d3cc8edb70bc4bde1e96f46d558861912
15d5ad6d1ec95a2031b81f073e54f15e1634ed290ff9f10867bd9a44fe60a1e8
170894fb3570608f2b8d9be436f07a769484b97c67bbc8fe2ebfbf9fb031dbc1
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d3794694883bad4b0d72ca526f762eab786eeaa3d7948febaf4a531c2ca046a
1dd42b9a451f55c2f58373fbdf4e33d18b694f66463a13283a1731e5ca2592ed
1e6cd2460cf7235efab7528a9b219b563ab631ea60f174b718c76b2b5ca90c13
1fe061f405c44fa5a1e8599ff26a2a6249452afa94075cc4932be97dbd0217da
23bc87a9ac79464b095e66f8e221ff5808c7321fe72b8a8dc0f27cdf1ddddc90
24f42563df20177865a3f861cf7e3fc5b4ac7119d4ead4c580be76c6ebec15df
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
281305d6144ba4b8a64ada6df0f17bbeb76aa07341d7fb4bc402e016b3c45389
2a1dfa7197c41931248974751713784646551a164a817cbea194570dbe185ed3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f4af0a679f4cc41a57a54371c1032f9e353a3cbcb47494c174b6b948609cc0c
2f89874f4560f47cae07e0598799ad9d39a8e432c4682cbb9fe6deb3799f5f7d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b
31dd5638142472d8cd8c40a34039f053bca95e812d814a0bca751e5a1d18c3a0
31ec142211e7b706592b302b831d4381a10394af784fe43dedf14eddba1e27b6
32e1cbca6d05d80f43b06dbf7ae51088cedc201953dda0fcc38880138b1adc7e
330b43041f384f57b38ffec3b28a40bd8a9ecd5f597767d526903165bfca2bc5
355081070e11424d188d81fa89bf9cdec380a94e25ca5536d88dc66f9e890591
35d16f915b6dc9c6a619f60e6bb768c5226e12242caa7ce24e7946b6c0a57a39
35d9b636ba532af5277a6bae3b3c457009e5bfe5ea7c78458b904480f3ce15a1
3747e8568fc397d979e46ab089b66ed2e947559aaa48ea94216d91fd3840b164
381b541a94988f35ef5f1e763c89a4250e7c4100fe28860b2cdde9a1220ff346
38a790c421bed27aa59fed4c318cf84413fb3807e7c1333ef35fe421cff3bde1
38c38b5f6e84c218e5f16a7b8a11b1637821196b3e7292f0826c8b7cdf4e4541
3a9a503be5da2a11c69543180fdec6b33524bdb88fc4cfe363d3525a557a71ff
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bc3d8a513819c72daa05b4075726cfa15ebea4dd3e79e5a3249a903ff3b5534
3cc056f3accbdc5bd8528fa6e1ab56a67ad07ab2bbf478758eb945e9891c045b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e9ba1bfc7ef233c083781b83c6f0aad52addba5176a6a32a49dfb04ff2ebc2f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
436521dac509c0b5bda1ed7e59676f299a3084610b49ac7817a9f09fe38a3bf5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
47c505563b6440f55167ae7d443a3fe3e12fb73c512334cfcbd4f2cf680b05e9
48d2c1833c477188a8ca61dca8e06bb2ebcef4b9eb43812bfeb0fa696e67ab64
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6759bb88bb9a0c9713c44ed40ccf17a6c5da053947ad30664c7a98445a34ba
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
519a48a521780b05d69e26761599418cbad561a25526f63c60e78cba57be20df
5237a9e17be2f529af7fa2d495567588b2a011afdaba04f651d19e96a25d4de1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59c093aa066e566d324049b17487eda5f96d57cc9c7964cae72f1a418ebadbd7
5a15455fe3da947cc5c9c9da9c919defd4d709b3735ac080aca4eae399b35387
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cd77128058d857c5d32cb075673cc82741d018b1af448fc75ec6106ee5619aa
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60aa1a8470844820eeb8eed7494baf4bd4862ae79467ec32a068e7b3deee4bb7
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64274572fa9096a4bcaa338651bdaac5f7bf33c99abba0f1409f5a5223dd580a
6458c281d330479b7224a393414973157d40c4a7e5bc82c9ca85562f506bd573
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b7fa434f92a8b80aab02d9bf1a12e49ffcae424e4013a1c4f68b67e3d2bbcd0
6d8173ca9f2919e73dc0b81c1a8a710eb2fb4737abfaa1b6448590894a2823eb
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804
71eeff32cdeadeee22e5599db046b66b7cd833e8a8b8620c7e35a78c8ef77d55
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7736b7f1936ef9d23be1c9cca32b66e57128a754b265ddfb04f1de0bac190fa5
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78e8974431d79f1ff1840987f98c6ffbd4abde64f4ae4bc792c53fb3406ac8e5
798a1d4922e76229f35c8efffe568f03942a91ddcf9fbe3bda9672fcf12d5ccc
7b7de8677684f79a40bfb8c6477661fdd0fadc25733a6108dec92289ab40dd04
7d187a3167ec33f6326d35088c596ee7cfc005641f6062fd4228793e009d3884
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
7db404029f7b8f430deb9c927bb912a00cf55f5966bec628c6aa480a09db91c0
7e0d63bcbdb87183ac2bc571520947e5d249291fc9f94ab328bd238d536f3540
7f08aa2eab290c5df887484765552d56aed19a3abb6236d943b5972d26cf0002
7f1999dd213ea15813d6e27249169c4d54cfec7150e81ed1e1aad85d7b20202f
80b72586f2a6ed708f4aa641d32b369cf9a9fcff56c7969ce8f41bb9c0ff2067
8335d9c0cf583c0d134baf6d52ba7ee88f0726c812c5a297de05e80360b2a9fc
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8916fc0ac1156325552ab72774b66ad02f314ef0c4787e3e3039ce07376fb4f4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa0812551336766489da57267dcc7af59834267dcb485c9d212e86a9ae6bb6c
8db3f39ef051d100d6fa7163f0f733a74b9886c0670ce5e6fff967962e83634b
8e53ca6776c4413027a35650530e0f25b85681de85281497158c3f594a78c914
8e5ff228884766879dfbb7a4628438a3334725b3acfeed5ec1daf5dbe99a630c
90c07e25867389313ba358ca45fab47b6ecc8ee9cfc5ff3942acef691663a182
91d47751cf8b721f97b94e8125945bb960dad1a249f62b7cc3337182f70e9773
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd966573c2efd0cb76132c77fdc44a2150220a09986decd5eb6c763639964d2
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e348f078938e862058a1be8b04438c01a68ff47f7803df3df9170566eaf90d3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a59a671546c79a789b9c2c21d08137d4c7732db7465aabb5c1a1a0b3c8ce447c
a8ca0716dd8548255b781bcb963e91a4b292908c34287f79d5e2f9244e668088
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
aebd6386092dde1e740c0ca18942f653069630c00b96bd68029709fc1713f07b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5d08c8204a9b8d22759df816442439fd1ff2565736c4a9c13d7a94cc7248b62
b6a9f28caefcd86c3cc75c4d84eb67b61d3a4a906bd74054b28d5925aa60fed3
b7a97088e4b1c088b15b5446a313257c0f8c07a2e91bc24c7b727c29bf72cf2c
b8fbe2d6dca2bff23a1ae2775ec4c1da4108c5d626f3af13d7e2f93c7c865d1b
bfca3f52a3b3b7a5a8e7d157c142529fd75e422eac12a094fb0f69b822fed4fe
c15a8279596f545086da560f1123f86ad18f91c92717c84f33d83e3fd5390b9f
c1c6c285adfe14696401d46eeec2d2020d347373b2713314e271c240ca5df9b0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c44308b793cabed584d1ed5a4ea2ee882a5b5def546a06600af73a39437e5510
c4994aea8579278246c345ac0a6ab10b1f0a89c4fb0298ea760d8605686f8837
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c904e3340cf21aeff72cbe67b6fac82ef9924f7550da06fd18cf78e109dd8d31
c9778d02beb5a75f967a8cbe1736ea751766404a40d4f83737926dcc308c1a50
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cda5c4251c1709a4f70c33224a3005fe04fa638716963e6366b509ab9a29ce2d
d0adf73ab74194b42cf6b9f0c6f19712e6eb181e12bd098f62e121bf3f8acb98
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d29e7e192c2ac13b2c9629253b79c0c2874b9ed1e7a6c37c9e7113355f4c7047
d87a2a49244d14c429cf1b5dd040c82ff548f26e23ec89bb4cd77ff53c73571a
de22606e02e9e23e618984cbc85fd8135a9a68ad7f194655b562b69caf27bb16
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e18b322349b1c2a076fde80e1a84dfffadc5ee22715263c07ad75ca5ec83b1f3
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6
e35dc7252ac9e8e0308dae9b8ffea8e34fd803d8e4cd4ed8d74b39bdd77238e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70012cb92f3c0c561629d46cdae6991059361c001320fe38a5aaf396eb2be84
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9b625567e20660f1d04118890281e9d198ac3c67742a9a4788bb01fedda2565
fa8bf3bfab9a431aa56eacbc72e4519f81d93a1c1c1da11da433db1c8d26a868
fb7fe34ea426d890311ff1535e2490fee959cbbaf34278f1e1895fbe24a6309e
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fced446e91e09f757b3e5305b360eceddb8cb61f07ac4853be39691c57bbc1cb
ff46ce5aa750aa5a04045a1a615d435e7da0081f43495629c3a03a640225635f