urlscan.io logo urlscan.io
SecurityTrails logo

riftv.net Open in urlscan Pro
172.67.135.157  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://delegation-sante.com/r.php?v=dD1jJmQ9MTUwNjgmbD03Mjc5JmM9NDQ2NTA3
Effective URL: https://riftv.net/16919.html
Submission: On September 21 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 8 countries across 25 domains to perform 195 HTTP transactions. The main IP is 172.67.135.157, located in United States and belongs to CLOUDFLARENET, US. The main domain is riftv.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 2nd 2021. Valid for: a year.
This is the only time riftv.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.161.131.47 16276 (OVH)
1 1 104.21.30.38 13335 (CLOUDFLAR...)
28 172.67.135.157 13335 (CLOUDFLAR...)
10 192.0.77.37 2635 (AUTOMATTIC)
4 142.250.186.138 15169 (GOOGLE)
1 104.16.95.65 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
2 104.18.226.52 13335 (CLOUDFLAR...)
36 142.250.185.130 15169 (GOOGLE)
2 216.58.212.136 15169 (GOOGLE)
4 142.250.186.67 15169 (GOOGLE)
6 29 142.250.185.66 15169 (GOOGLE)
3 142.250.184.238 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
3 172.217.16.130 15169 (GOOGLE)
3 142.250.74.194 15169 (GOOGLE)
1 74.125.71.154 15169 (GOOGLE)
2 216.58.212.132 15169 (GOOGLE)
19 142.250.185.161 15169 (GOOGLE)
4 142.250.186.74 15169 (GOOGLE)
6 142.250.179.227 15169 (GOOGLE)
2 74.125.133.157 15169 (GOOGLE)
1 95.217.105.225 24940 (HETZNER-AS)
5 142.250.181.226 15169 (GOOGLE)
2 216.58.212.134 15169 (GOOGLE)
4 9 2.18.234.21 16625 (AKAMAI-AS)
3 3 185.33.221.14 29990 (ASN-APPNEX)
1 68.232.34.237 15133 (EDGECAST)
14 142.250.185.142 15169 (GOOGLE)
3 65.21.233.17 24940 (HETZNER-AS)
3 142.250.185.194 15169 (GOOGLE)
1 1 142.250.185.110 15169 (GOOGLE)
5 7 74.125.153.200 15169 (GOOGLE)
1 91.228.74.133 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
2 2 35.186.253.211 15169 (GOOGLE)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 52.68.53.67 16509 (AMAZON-02)
195 32
1    51.161.131.47 (Australia)

ASN16276 (OVH, FR)
PTR: vps-cb20002d.vps.ovh.ca
delegation-sante.com
1    104.21.30.38 (None, )

ASN13335 (CLOUDFLARENET, US)
itsssl.com
28    172.67.135.157 (United States)

ASN13335 (CLOUDFLARENET, US)
riftv.net
10    192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
4    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
1    104.16.95.65 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    104.18.226.52 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
36    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
2    216.58.212.136 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f8.1e100.net
www.googletagmanager.com
4    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
29    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
3    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
partner.googleadservices.com
3    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
adservice.google.com
3    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
www.googletagservices.com
1    74.125.71.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f154.1e100.net
stats.g.doubleclick.net
2    216.58.212.132 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net
www.google.com
19    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
tpc.googlesyndication.com
4    142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net
imasdk.googleapis.com
6    142.250.179.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f3.1e100.net
csi.gstatic.com
2    74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
bid.g.doubleclick.net
1    95.217.105.225 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.105.217.95.clients.your-server.de
ads.revjet.com
5    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
googleads4.g.doubleclick.net
2    216.58.212.134 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net
s0.2mdn.net
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    68.232.34.237 (United States)

ASN15133 (EDGECAST, US)
cdn2.revjet.com
14    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
fundingchoicesmessages.google.com
3    65.21.233.17 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.17.233.21.65.clients.your-server.de
pix.revjet.com
3    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
ade.googlesyndication.com
1    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
gcdn.2mdn.net
7    74.125.153.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s58-in-f8.1e100.net
r3---sn-4g5edn6r.c.2mdn.net
1    91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.68.53.67 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-53-67.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
Apex Domain
Subdomains		 Transfer
58 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
589 KB
37 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
bid.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
139 KB
28 riftv.net
riftv.net
235 KB
19 google.com
adservice.google.com
www.google.com
fundingchoicesmessages.google.com
118 KB
12 wp.com
c0.wp.com
stats.wp.com
pixel.wp.com
75 KB
10 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r3---sn-4g5edn6r.c.2mdn.net
85 KB
10 gstatic.com
fonts.gstatic.com
csi.gstatic.com
74 KB
9 casalemedia.com
dsum-sec.casalemedia.com
5 KB
8 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
257 KB
5 revjet.com
ads.revjet.com
cdn2.revjet.com
pix.revjet.com
7 KB
3 adnxs.com
ib.adnxs.com
3 KB
3 googletagservices.com
www.googletagservices.com
105 KB
3 google-analytics.com
www.google-analytics.com
20 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 openx.net
rtb.openx.net
761 B
2 rlcdn.com
id.rlcdn.com
886 B
2 googletagmanager.com
www.googletagmanager.com
90 KB
2 onesignal.com
cdn.onesignal.com
71 KB
1 adingo.jp
cc.adingo.jp
44 B
1 rubiconproject.com
pixel.rubiconproject.com
460 B
1 quantserve.com
cms.quantserve.com
463 B
1 googleadservices.com
partner.googleadservices.com
655 B
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 itsssl.com
itsssl.com
758 B
1 delegation-sante.com
delegation-sante.com
347 B
195 25
Domain Requested by
36 pagead2.googlesyndication.com riftv.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
28 riftv.net riftv.net
static.cloudflareinsights.com
19 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
riftv.net
imasdk.googleapis.com
15 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
14 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
10 c0.wp.com riftv.net
9 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
7 r3---sn-4g5edn6r.c.2mdn.net 5 redirects
6 csi.gstatic.com imasdk.googleapis.com
5 googleads4.g.doubleclick.net riftv.net
4 imasdk.googleapis.com googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com riftv.net
googleads.g.doubleclick.net
3 ade.googlesyndication.com
3 pix.revjet.com
3 ib.adnxs.com 3 redirects
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 id.rlcdn.com 2 redirects
2 s0.2mdn.net googleads.g.doubleclick.net
riftv.net
2 bid.g.doubleclick.net imasdk.googleapis.com
2 www.google.com tpc.googlesyndication.com
2 www.googletagmanager.com riftv.net
www.googletagmanager.com
2 cdn.onesignal.com riftv.net
cdn.onesignal.com
1 cc.adingo.jp googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 cdn2.revjet.com
1 ads.revjet.com imasdk.googleapis.com
1 pixel.wp.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.wp.com riftv.net
1 static.cloudflareinsights.com riftv.net
1 itsssl.com 1 redirects
1 delegation-sante.com 1 redirects
195 41

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-02 -
2022-09-01		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.revjet.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-12 -
2022-04-10		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
s4.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-05-06 -
2022-06-08		 2 years crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-08-17 -
2021-10-26		 2 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh

This page contains 21 frames:

Primary Page: https://riftv.net/16919.html
Frame ID: 616B63E0FC8BA6FF8D7EDB867F4D6136
Requests: 84 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/zrt_lookup.html
Frame ID: A551E232C55B43AC1862B538C2363B45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
Frame ID: BFEB2B516A8F021F5DC8A7B7B6943952
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=522&slotname=4595207511&adk=3709760374&adf=2830473785&pi=t.ma~as.4595207511&w=1045&cr_col=4&cr_row=2&fwrn=2&lmt=1632186353&rafmt=9&psa=0&format=1045x522&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352940&bpp=2&bdt=317&idt=196&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=278&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rS4tPD2BPt&p=https%3A//riftv.net&dtd=200
Frame ID: C855B47A43E9FECE7F896758DEF86E6C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=2908623078&adk=1153787187&adf=823027770&pi=t.ma~as.2908623078&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352942&bpp=1&bdt=318&idt=205&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zGTPUWsyxJ&p=https%3A//riftv.net&dtd=209
Frame ID: 4185DC4C55641AEF41031091267DDA0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250
Frame ID: E0E8E710A7F63004BB7E39C7AB2A64CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
Frame ID: BA5F617045706F9E9A2E4569CC9D1C98
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&adk=3046330955&adf=2044148826&lmt=1632186353&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Friftv.net%2F16919.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352967&bpp=2&bdt=344&idt=293&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ba138d63e17d46-22003e313bc90067%3AT%3D1632186353%3ART%3D1632186353%3AS%3DALNI_Ma5cdB-3YLQ5jrvtPQ62bmi4XdwnQ&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080%2C120x1080&nras=1&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=301
Frame ID: 2886483153C03DA80ED680C8476254C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DCC8882AFB806EAF89945EF5E83FC188
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E8A3AB36AA96E0A76A8959F4C7414495
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNXsFBNxq5f8gz6UGUc8S3sbU7UyrawCr-9d4j8gVIoiMxqkDKQuUcGl8va90wN5ZfEABBbhd2jPkyCX5sQ7D7r0-z-rUg
Frame ID: A6D3D9B5549EA0FD1907DF616CBB4DCA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js
Frame ID: B7DCAC600D4B81AAE9AA999B0280B2F0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNW0GziiROztZVCo431y0KzCHFZPdFLUHTZh-ZzAi4frgEmNmjOS0skc0qyWGxcFcTaXflmZ9zGp9c_-1V_F8QS3FuA_cw
Frame ID: E97468A6F0A04FD17C74FF6AC78489E6
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/9811832887585832660
Frame ID: 4B8812AC33EAFD898103E4A7CFA18929
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CD01D4A6019E74147B1A65E2F5B4C8A8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F65446F2D1049CBB30BA962D154C23AE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A150DA966032701564CCA26D4E24D676
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Frame ID: B0040C86C92FCBB43B57FCCC3C4311B5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js
Frame ID: A4CC9B83165155A02D4BBBC3C000C4F1
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B13569F62E524DC949A7801EB0B7333D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 38E0C63B0BC63B71B10C54E71A688916
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found – RIFTV

Page URL History Show full URLs

  1. http://delegation-sante.com/r.php?v=dD1jJmQ9MTUwNjgmbD03Mjc5JmM9NDQ2NTA3 HTTP 302
    https://itsssl.com/nuOg5?sub1=1&sub2=15068&sub3=40&sub4=7279&sub5=446507 HTTP 301
    https://riftv.net/16919.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • right\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

195
Requests

99 %
HTTPS

0 %
IPv6

25
Domains

41
Subdomains

32
IPs

8
Countries

1865 kB
Transfer

8665 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://delegation-sante.com/r.php?v=dD1jJmQ9MTUwNjgmbD03Mjc5JmM9NDQ2NTA3 HTTP 302
    https://itsssl.com/nuOg5?sub1=1&sub2=15068&sub3=40&sub4=7279&sub5=446507 HTTP 301
    https://riftv.net/16919.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Request Chain 113
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUkv8be21Xa9bWAa5SNoRwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Request Chain 115
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NTU4NDExNjQwMDQ0NDkwMw%3D%3D
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Request Chain 122
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUkv8be21Xa9bWAa5SNoRwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Request Chain 124
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NTU4NDExNjQwMDQ0NDkwMw%3D%3D
Request Chain 135
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBDiz-kCGIew7qIBIAEwAQ&v=APEucNW9pDnv3veSg0HEWXMgflY8pZu-KTGZkourfxeUvqfGW-FgGxWpWX1v6RPXDE9CydE6-sRMjNtogw97wNiDsQIWnlScKw HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUkv8be21Xa9bWAa5SNoRwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Request Chain 164
  • https://gcdn.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1E2367EB98323D1C23715BE3EDE57CA42E221B10.3B1F49BFA0977D52DCCC03DCD8AF338BAEFAF247/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/141B0BE8DF79E0C7F48A4E93F9221C548F31DBAB.1880878F0A3FCC5F1CD34AEE57235404D0CD8D9C/key/cms1/cms_redirect/yes/mh/La/mip/216.131.114.235/mm/42/mn/sn-4g5edn6r/ms/onc/mt/1632186032/mv/m/mvi/3/pl/24/file/file.mp4 HTTP 302
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/16CB012846D88CFF5D776D974ACB8182EB839498.3F61DA5CCCF85BF191E18CAC79480D10C1DA839B/key/cms1/mh/La/pl/24/redirect_counter/1/rm/sn-4g5ekz7s/req_id/a935962db124a3ee/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186283/mv/m/mvi/3?file=file.mp4 HTTP 302
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0AAA2546EF9685A646A586B1423B39CED461014C.3D25188E8839B63552653625ED0057F88C90EAE4/key/cms1/mh/La/pl/24/rm/sn-4g5ekz7s,sn-4g5ekz7s/req_id/a935962db124a3ee/redirect_counter/2/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186041/mv/m/mvi/3?file=file.mp4 HTTP 302
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/77B45911D92FD41FCB2E834622FB4737D6388E56.6537B104DAD077C97033135C469B0CDEFE7C5A0D/key/cms1/mh/La/pl/24/rm/sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s/req_id/a935962db124a3ee/redirect_counter/3/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186041/mv/m/mvi/3?file=file.mp4 HTTP 302
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/12F147B66AF305B9027004D848E04D727F7C4FC2.161ABDF267FB31367EE6F9522130122F58E880CB/key/cms1/mh/La/pl/24/rm/sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s/req_id/a935962db124a3ee/redirect_counter/4/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186041/mv/m/mvi/3?file=file.mp4 HTTP 302
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6662EDB33D64A1DDA0FA05DC05AF94E9D6D5E1EF.62D74EC2EFEAC5E16C18583E075EBD0C88702667/key/cms1/mh/La/pl/24/rm/sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s/req_id/a935962db124a3ee/redirect_counter/5/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186283/mv/m/mvi/3?file=file.mp4
Request Chain 167
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPK2afoRfSvLQC8XFqDEWUrSpLVzUKvIAHV_uYUkZIKDEvpQz0Ll3uGl5jhye8rj4SF5Q9it9msJOqyV3crbVUpK-iPE1eI&google_gid=CAESEFCQlcbqavG-WyPBZHCT8jE&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPPfpIoGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLMmFmb1JmU3ZMUUM4WEZxREVXVXJTcExWelVLdklBSFZfdVlVa1pJS0RFdnBRejBMbDN1R2w1amh5ZThyajRTRjVROWl0OW1zSk9xeVYzY3JiVlVwSy1pUEUxZUk HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTVVEdmNvRUtiVi0yZzJrSDZWT05HblY2NzBNNlBUVkx2UjlFMTEzektEOA==&google_push
Request Chain 168
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDJVbqEVrO6MrRtrD_QAVNw&google_cver=1&google_push=AYg5qPLuMkSvtJ7N-dmmqROVr9ufy5yWB6IRQKGT1oxM3TitHHEPJaPp4BD28G8DfkTNwcRKugFyEnV6u7t2dr4z_5qOA7v9qeQ HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDJVbqEVrO6MrRtrD_QAVNw&google_cver=1&google_push=AYg5qPLuMkSvtJ7N-dmmqROVr9ufy5yWB6IRQKGT1oxM3TitHHEPJaPp4BD28G8DfkTNwcRKugFyEnV6u7t2dr4z_5qOA7v9qeQ&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLuMkSvtJ7N-dmmqROVr9ufy5yWB6IRQKGT1oxM3TitHHEPJaPp4BD28G8DfkTNwcRKugFyEnV6u7t2dr4z_5qOA7v9qeQ&google_hm=uiDQJZ9ezm8pgC3LCD0BJg==
Request Chain 169
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKcXwtX9gHevzLD2DJ7vdak&google_cver=1&google_push=AYg5qPKU3rp1Hq3C4PcE1-LASBvxue5Awi1VWcwX_YSxfKLvWywT9kDAEzCW-NJwgYN__DlV9p4cxI6yoDR4O-L103SGb86SJeg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKcXwtX9gHevzLD2DJ7vdak&google_cver=1&google_push=AYg5qPKU3rp1Hq3C4PcE1-LASBvxue5Awi1VWcwX_YSxfKLvWywT9kDAEzCW-NJwgYN__DlV9p4cxI6yoDR4O-L103SGb86SJeg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YNLclW39QluHVZHwPigMqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKU3rp1Hq3C4PcE1-LASBvxue5Awi1VWcwX_YSxfKLvWywT9kDAEzCW-NJwgYN__DlV9p4cxI6yoDR4O-L103SGb86SJeg
Request Chain 170
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIGXjJ5WKw6mYEDCDGLFym0&google_cver=1&google_push=AYg5qPIwTAT_PR7eTpxP4Yjc3Ba4z7wSpFFtdcsxye91kGBMe3eTI1GUKLLtpC2vZhoGiRUOZaV6PmhFp24EaQhcGQB5CRGDByc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RURE0zUzMtMjAtTExLQw==&google_push=AYg5qPIwTAT_PR7eTpxP4Yjc3Ba4z7wSpFFtdcsxye91kGBMe3eTI1GUKLLtpC2vZhoGiRUOZaV6PmhFp24EaQhcGQB5CRGDByc
Request Chain 171
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag&google_cver=1&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag

195 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 16919.html
riftv.net/
Redirect Chain
  • http://delegation-sante.com/r.php?v=dD1jJmQ9MTUwNjgmbD03Mjc5JmM9NDQ2NTA3
  • https://itsssl.com/nuOg5?sub1=1&sub2=15068&sub3=40&sub4=7279&sub5=446507
  • https://riftv.net/16919.html
100 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.23
Resource Hash
6321f8887dfb13403972e9fd32f67eb9f5eaa8aadc0a17f91205f4b8f4721634

Request headers

:method
GET
:authority
riftv.net
:scheme
https
:path
/16919.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.23
cf-edge-cache
cache,platform=wordpress
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://riftv.net/wp-json/>; rel="https://api.w.org/"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMnaQdZH9vLafeTHgxvMF2s4m7JmUYqp8wEhdQYrtd%2FUL2mYwzO7hvuteOa58OVkgAf36hRCPQuu1qT02DMwM93d%2BywGBn8oV8cxtwZiVOzag541FAv08DZhMD4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
691f6323e877431b-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Tue, 21 Sep 2021 01:05:48 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
set-cookie
PHPSESSID=qk16le4k6o46c05d73obuu2do4; path=/ short_nuOg5=1; expires=Tue, 21-Sep-2021 01:35:48 GMT; Max-Age=1800; path=/; httponly
location
https://riftv.net/16919.html
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Blzm3NzU%2BbJzJS8ERfH0SjETj%2F%2FJJZuMfNdt3GLFPLJBZaDKIZMMbvSSvOd%2FY6VY9UtrmAH8Wj4%2B95ENMypxQNylW3v5Uuxtm4LoW%2BvYUvs39EuIvAajnbt61kgf"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
691f631b6a6a16e6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.min.css
c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
blocks.style.build.css
riftv.net/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 		0
336 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
931
cf-polished
origSize=184
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
last-modified
Sat, 18 Sep 2021 02:30:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67eYGRfq2OgZPmoS5A9qtZOM%2FDzF7rw78G%2FEHsn7xamiIBKiSxABPp44bJy81RHoOoq0QUsClYNjhonY%2Fp47l1TZgt9MhPHnPmrliZgJiKHfmFjJb5FqRvU4ypQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
691f63400dbf431b-FRA
cf-bgj
minify
styles.css
riftv.net/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=2640
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 02:30:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbSbggrtA3Gir4SdFxfM9rlnpYQH3fWsCo7V%2B0uxD4SjcudxDYMCo29V85MfZzh7wiZVscmaUUnKBAebkXt35JyfZ5o1nanWejDL5jVDpWknbwjsfpZXuXfIjqs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
691f63400dc0431b-FRA
cf-bgj
minify
style.css
riftv.net/wp-content/plugins/taqyeem-buttons/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/taqyeem-buttons/assets/style.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5203d82659edda0e0a20ad736dd4d8bf5b84953be6cb7485805bc917116e678

Request headers

:path
/wp-content/plugins/taqyeem-buttons/assets/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=4142
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 02:30:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYGbwm387BXZIRAWDRctzcr5WGlHNKK4EggWg9gAaEnnmHcmHKv2O0TOTiRCz%2FNMPtlX63WnZioLJVCALQ4E%2Fw40ajQ%2BfTlsjDgoRRTqYB%2FSx2%2BdUDi7cO7E3ws%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
691f63400dc1431b-FRA
cf-bgj
minify
style.css
riftv.net/wp-content/plugins/taqyeem/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/taqyeem/style.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ed71cba1999e5fff7768eb192e7e91166780a642084c4ba2a758bfecfd84c7

Request headers

:path
/wp-content/plugins/taqyeem/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=6907
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 02:30:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sxoQnYwMJyvIOx%2BxG8W%2FMHNQ8LT2izx2CFZ3O17NvZRPITv1vt4ALUL4Nk6wT%2F80I4jN%2BGq3l4iUjU23Tqgxt%2BIkDKGMxOIs9hK63wqkLkwFRt1OyOikP0eghk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
691f63400dc2431b-FRA
cf-bgj
minify
style.css
riftv.net/wp-content/themes/sahifa/ 		160 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/themes/sahifa/style.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
406674b8b4de2041cf136fda82b9a1c3698facb1dc385acd861a779b1023a964

Request headers

:path
/wp-content/themes/sahifa/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=201117
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lba8yMSq06T5nvX8gl3OrZLnIP6L%2BhL%2BOXVre3sL3aT%2BFCiukLXmu9w4y9QtTEA8tfh4THFkYYneNzQq%2BulNURrHie0KYbvl3hlVpnhI44Aoi4B7vx38LLZcArk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
691f63400dc3431b-FRA
cf-bgj
minify
skin.css
riftv.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245

Request headers

:path
/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=7289
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y20mu52w3BbAEFEp8bo6ojsx4%2FNN8I7Lv9UufqETWPM6TurgbcJZrz5wNT2WE69rHm71rXrB%2F9EtJ9NCA9vgKAzmNjeV72jBRWSNR8thY264%2BkOMoHN2Nudx4Ik%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
691f63400dc4431b-FRA
cf-bgj
minify
css
fonts.googleapis.com/ 		754 B
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Origin
https://riftv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:41:10 GMT
server
ESF
date
Tue, 21 Sep 2021 01:05:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Sep 2021 01:05:52 GMT
jetpack.css
c0.wp.com/p/jetpack/10.1/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.1/css/jetpack.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Tue, 07 Sep 2021 15:38:53 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
soccer-info-front.css
riftv.net/wp-content/plugins/soccer-info/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/soccer-info/css/soccer-info-front.css
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9657b0a8fad94d69d0317ab203423ac22731eb3b4116482acd110ab96f976563

Request headers

:path
/wp-content/plugins/soccer-info/css/soccer-info-front.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=12307
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 02:30:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzZOihV2Ujc772XPsD8TGNt9Mq%2Ff9j%2Fb5GGxAhzn%2FVjxaniwcI9Ou6t%2FWsBb%2FqwFlyo2o50dewJB7g%2B%2BSzPNlhYsGedqzF4uyjv0HeRf46FOj3tI2PEE0Z7Va5E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
691f63400dc5431b-FRA
cf-bgj
minify
app_logo-e1631934700392.png
riftv.net/wp-content/uploads/2021/09/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://riftv.net/wp-content/uploads/2021/09/app_logo-e1631934700392.png
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06371d8776d82528f3da81be8a87ee02b9a4a98b2d8fe0f15e125074159b7a2b

Request headers

:path
/wp-content/uploads/2021/09/app_logo-e1631934700392.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
cf-cache-status
HIT
last-modified
Sat, 18 Sep 2021 03:11:40 GMT
server
cloudflare
age
930
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Iq61LkR6lBOHQuobkn1KWhvXFK%2FuyEZCAeAGDpLwI4d1C5HZqdOX%2FO68kQDax8SV1bLsR5BGrm8JooJGsHEvRs0GB8%2BbXMgE%2FOW92muNaTPlehmYR2sncUDCDI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691f63400dc6431b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8524
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
rocket-loader.min.js
riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 09:29:40 GMT
server
cloudflare
etag
W/"61446004-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoIzTS1lAGy6On%2FrLK811wGmYH0PCapcrh%2FIyj6xBd58qAH40NtEXaGQvK5LLLR%2FInRZwv3%2BUAWLOfTpgFesKIIEl9vJYcEqKAxLvHy7Sh85pyH3ZpO2xjSsbSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691f63401dcc431b-FRA
vary
Accept-Encoding
expires
Thu, 23 Sep 2021 01:05:52 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 15:43:35 GMT
server
cloudflare
etag
W/2021.8.2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
691f63402cde6910-FRA
e-202138.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202138.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 12 Sep 2022 00:30:46 GMT
float-left-right.js
riftv.net/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/float-left-right.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd6ef384f95c63760a90ab5e6d0ddc45ecee28a134fd869dd7d6ff629a7b274

Request headers

:path
/wp-content/plugins/devvn-float-left-right-ads/left-right-ads/float-left-right.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3168
cf-polished
origSize=1951
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 02:30:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVa9dmTwE7TuO84BjYvR%2BnHfBgProm5RHsFdJUXWkyG9W72NceZxKrTvyOR4cpgChRV6ShYXPTosXGltnIpJehQ%2FJ3cVbVEGOFUzy7ME7cbMohbLvHt37pcRChQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
691f63403fb968fd-FRA
cf-bgj
minify
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2532
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
691f63406c374dd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 24 Sep 2021 01:05:52 GMT
search.js
riftv.net/wp-content/themes/sahifa/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/themes/sahifa/js/search.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82e7af123915691ea31e2a9e6ec992e9fe4b184d7363c4176f57433f5ff6de7

Request headers

:path
/wp-content/themes/sahifa/js/search.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=15010
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opmed89BNaHS%2FfYcz1hqJPyZLNxQ5k8xOpzALjdpuW%2FTDeSCXkN8f64bYOKaARLytDKFLhV21%2BeWIZqruZqLq30YiszYeZhpK6msZapYolUbb9Fa%2FL%2BOUPPmYlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
691f63403fc468fd-FRA
cf-bgj
minify
ads.js
riftv.net/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		68 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
955c98325a7e06af12c0e9a93a342ce5abe84b545e181ca0bdf110a1b5331139

Request headers

:path
/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=78
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 02:30:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BP8vlKjN7jB7NCWwPttlpJA76ESrtnkDvrzk3cM4loXFAisoU3DcoqsrAyhoN08ji%2F1Xl1YD%2FZMvi70ljmjA3XFMDJ6RrIYcDkEf2V2f4sUVESTkk%2Blgttn5BeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
691f63404fcb68fd-FRA
cf-bgj
minify
wp-embed.min.js
c0.wp.com/c/5.8.1/wp-includes/js/ 		1 KB
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/wp-embed.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
lazy-images.js
riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe

Request headers

:path
/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 18 Sep 2021 02:30:05 GMT
server
cloudflare
age
3217
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FL23WmcyBGwiO9vKQC853HiQ0GUCZh%2BNt%2FUHFhDoL8rkvT38nzA9XxS1GDF5AQnfvEkznbyGi%2FTJCPq6yEBKLKLWv7hBrLpJsE4HH0zyZP8RDe2IntDvGsr5qcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691f63404fcf68fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
intersection-observer.js
riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550bee253a00a7e6089b3aa136a1f21d904592e93ee0740f08d4d36e4b1dcbe5

Request headers

:path
/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 18 Sep 2021 02:30:05 GMT
server
cloudflare
age
3217
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KX3g%2B99LlR67HVERaovJMJYYMC53K%2BqdHGYqAI2%2FtRaxUV9979ZLzi2TpHP6ukeR4ch61wj1RoKIZJyAWzr1voJZH6t4z%2FDazJaUYsSYXxOYDhAgeCmsx4KO7X4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691f63404fd168fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
ilightbox.packed.js
riftv.net/wp-content/themes/sahifa/js/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec9ba8ea2e9004c97a81a78dd2d340952c5fcfc3942a44e429bf5b9e57133b13

Request headers

:path
/wp-content/themes/sahifa/js/ilightbox.packed.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=77020
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJHp1ppCep8A0tnZqFcRybR4vPiIQ%2B7MVHt35aktzY%2FIJde7ft86XcAykF2CsDBZbvH5JYN%2BZi0gEjOj2cJIES3kIJ42Khb3j%2FFIFf9PoT8D4iI0NRZO5TJN%2FEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
691f63404fd268fd-FRA
cf-bgj
minify
tie-scripts.js
riftv.net/wp-content/themes/sahifa/js/ 		74 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/themes/sahifa/js/tie-scripts.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b7f068c42f2f7db3a8f5a6a41d2731c251413b79478112dee394e725ec43ed

Request headers

:path
/wp-content/themes/sahifa/js/tie-scripts.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=78678
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsFLuAPZcbCS951A%2BrQHP887Lfgl6%2F60qtC278LRFxnoYFAZIdFVOKvNdkp5yM%2FLAdMUpuVNCyEH9%2BjzYyh2uTnj3lMSyZ%2BN3qVytvIEMoYgLigMNYybJeLtazs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
691f63404fd368fd-FRA
cf-bgj
minify
index.js
riftv.net/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/index.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 18 Sep 2021 02:30:20 GMT
server
cloudflare
age
930
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikmk998nP5IVoBJ%2FrSDxxNZMsyQTVICzBIZZCVufDMoNYknhNx5YRCbRKRUXvw1e1rbM5KR98TuY3rV5gbkpjkDzb8u2XLE14xn9dITwOVw4MY5XfYQB8sgyxNE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691f63404fd568fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
wp-polyfill.min.js
c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/wp-polyfill.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Mon, 14 Jun 2021 23:18:11 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
regenerator-runtime.min.js
c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/dist/vendor/regenerator-runtime.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Wed, 23 Jun 2021 00:06:13 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
photon.min.js
c0.wp.com/p/jetpack/10.1/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.1/_inc/build/photon/photon.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
submit.js
riftv.net/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c811b4ac9b3f23ec0c8eadae3be374682a860d290aac9cde2a8a8911b7412c

Request headers

:path
/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/submit.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 18 Sep 2021 02:32:57 GMT
server
cloudflare
age
930
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sbSEPtxKfu33viwycwyGQZySPqaNxq8pz%2BPV%2F5uLB3VRkhhZa3bvw6Y3SbDaXy4H4dzHShEpRy0MFdELrV6qT9zpAQW3lxN3Cn9YzN3mkxOV%2FmCjNTccudyjxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691f63404fd668fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4786732530380180
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4da9a73c699a8dd54f6da51d6f8ae8dbd5352900df1ac7fc51ed4a99450cd9ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Origin
https://riftv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49113
x-xss-protection
0
server
cafe
etag
16951115657666143100
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 01:05:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
cb5bc673a8b21b35caa73f4e692e73b72405b9733fa15821efd235720fcda0ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49133
x-xss-protection
0
server
cafe
etag
10526510731543585738
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 01:05:52 GMT
js
www.googletagmanager.com/gtag/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186817945-1
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b4d843c4f416a55a32ca1b36f3e5005bd8fbfc2a9dc235d675ec2b8758d3c2fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40287
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Sep 2021 01:05:52 GMT
ads.js
riftv.net/wp-content/plugins/wp-quads-pro/assets/js/ 		33 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/wp-quads-pro/assets/js/ads.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
797fba42d38e7a8dc369b91337c52e831d8e725a5ec3dec546fec209c2c71639

Request headers

:path
/wp-content/plugins/wp-quads-pro/assets/js/ads.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=35
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33
last-modified
Sat, 18 Sep 2021 02:29:59 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6Ja%2Bls45VGluWD6ntf9UJFjWuvPyR%2BqnLWtOmBD56YjWe2pWZWmTq8FpO9qP1jg6FqRR8fZwMK3b5MXLx%2Bc9GlFzsm2fB8zM0srgtEMQe6Nyxb5SiCAFDyTNzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
691f63404fd868fd-FRA
cf-bgj
minify
tie.js
riftv.net/wp-content/plugins/taqyeem/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/plugins/taqyeem/js/tie.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7ff45b69815432f69ab60b817a525cdf51526341ccd5594f048b5bd6cbd6ca

Request headers

:path
/wp-content/plugins/taqyeem/js/tie.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
930
cf-polished
origSize=2536
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 18 Sep 2021 02:30:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3p56mSf3ropzPtgOTL4IFZP2Zo%2BLeF5UaWXBfbec8S5l7eIB%2FNIzJ%2FO%2BcaT1nbU%2F7bfFVGNYwHKQIbUOekGYtkX4Qywc4m94RCD6cpPDMkJBcLUFDAmBPCeLcLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
691f63404fd968fd-FRA
cf-bgj
minify
jquery-migrate.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
jquery.min.js
c0.wp.com/c/5.8.1/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.1/wp-includes/js/jquery/jquery.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 21 Sep 2022 01:05:52 GMT
body-bg1.png
riftv.net/wp-content/themes/sahifa/images/patterns/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://riftv.net/wp-content/themes/sahifa/images/patterns/body-bg1.png
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21bba2a5f9f66f4ea29660babd03fa1fb7db245f0deecfe16c185a844b8524c

Request headers

:path
/wp-content/themes/sahifa/images/patterns/body-bg1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
cf-cache-status
HIT
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
age
930
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7R%2FzmyuZySGxxzHJGf5FOA%2Bl6DYgjqwG%2FfXmkW8ub24RayzsXBb%2BjM5PWObM6YeFEGOwZFKo7HriZA0quLbxlfQW%2FpQqpR%2FYwwWZF7vglAPi6p0IHkLwCHKDY0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691f6340981e68fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5548
home.png
riftv.net/wp-content/themes/sahifa/images/ 		1022 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://riftv.net/wp-content/themes/sahifa/images/home.png
Requested by
Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040

Request headers

:path
/wp-content/themes/sahifa/images/home.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
riftv.net
referer
https://riftv.net/wp-content/themes/sahifa/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
cf-cache-status
HIT
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
age
3923
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTNG5XaDh%2B9e2SrvOi65e1A9QS%2BPZ%2B9V%2FoGl2QjrxmrNggGeb4D1Ko9gkMNgi79m8%2FbuUMjQzAISJswUF9gXp5WKhiPfYyfW83JBiNjdnLPL6yMjRcXUVdjMUh4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691f6340982968fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1022
stripe.png
riftv.net/wp-content/themes/sahifa/images/ 		93 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://riftv.net/wp-content/themes/sahifa/images/stripe.png
Requested by
Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

:path
/wp-content/themes/sahifa/images/stripe.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
riftv.net
referer
https://riftv.net/wp-content/themes/sahifa/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/wp-content/themes/sahifa/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
cf-cache-status
HIT
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
age
930
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAuSxKBDn8GVJ6%2F6RtEoKedpMFMlgx%2FJKczC0qp8VywkaXhCvmwAH7uGM0DFDEPxxQdx26maExi%2Bm0CwzCyS75%2Bif%2BI%2F5ZV2%2Bj%2Bb8oVNccfbgGqo%2B%2BSUQhhOK4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691f6340a82e68fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
93
fontawesome-webfont.woff2
riftv.net/wp-content/themes/sahifa/fonts/fontawesome/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

:path
/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
pragma
no-cache
origin
https://riftv.net
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
riftv.net
referer
https://riftv.net/wp-content/themes/sahifa/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/wp-content/themes/sahifa/style.css
Origin
https://riftv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
cf-cache-status
HIT
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
age
930
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVOCTshDTvfIe%2FinavPffj9tcjwMjJ%2FKDiatcZV4PQenoBPkgDSu00CTYM4wrRlUzrp6cFtSF7EIcDiJDfguA2nsGdjMtJ2LaBL%2FXeCb5X%2BzQrgXfoI940GBy0w%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691f6340a83a68fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
71896
SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://riftv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 20:03:17 GMT
x-content-type-options
nosniff
age
18155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21232
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 01:56:42 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 20:03:17 GMT
BebasNeue-webfont.woff
riftv.net/wp-content/themes/sahifa/fonts/BebasNeue/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
Requested by
Host: riftv.net
URL: https://riftv.net/wp-content/themes/sahifa/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088

Request headers

:path
/wp-content/themes/sahifa/fonts/BebasNeue/BebasNeue-webfont.woff
pragma
no-cache
origin
https://riftv.net
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
riftv.net
referer
https://riftv.net/wp-content/themes/sahifa/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://riftv.net/wp-content/themes/sahifa/style.css
Origin
https://riftv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
cf-cache-status
HIT
last-modified
Thu, 17 May 2018 09:11:10 GMT
server
cloudflare
age
930
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHmtt300r0tiFIMqKzK6MFVlRLh003sO84Y4V53N5%2F4VHv9pkByGY3EiHODB%2FS%2FXipfAN7vXnDYj%2Bd2ExRKYd0IxKMflnzwPKJWCMLhMYhkU0%2FzZ4t5oj8G0cvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
691f6340a83e68fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19996
SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://riftv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 15:22:17 GMT
x-content-type-options
nosniff
age
35015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22340
x-xss-protection
0
last-modified
Thu, 20 Feb 2020 02:52:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 15:22:17 GMT
wp-emoji-release.min.js
riftv.net/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://riftv.net/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/16919.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Jun 2021 02:45:12 GMT
server
cloudflare
age
3217
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ9WtMbmLd3lb5C51H04BIXs59YKVqWNInMwRzoVi7ZqGaCLgpQV6YY9clIuGMn4ZK8ZD0xfNMwIWjUQQjawnOU4lK8YQZjFlPdDKEkGeQ71xcCcNDh%2BWZ3kS08%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
691f6341998668fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/ Frame A551 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210916/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210916/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 20 Sep 2021 23:43:39 GMT
expires
Mon, 04 Oct 2021 23:43:39 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
4933
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ 		253 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f610f8f9d6906db189fd2e6e79af43565e7f46a90a544096c8d9e00b7916bc18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95704
x-xss-protection
0
server
cafe
etag
6585056725647189716
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 01:05:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4786732530380180
Requested by
Host: riftv.net
URL: https://riftv.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
4da9a73c699a8dd54f6da51d6f8ae8dbd5352900df1ac7fc51ed4a99450cd9ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Origin
https://riftv.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49113
x-xss-protection
0
server
cafe
etag
16951115657666143100
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 01:05:52 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186817945-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
833
date
Tue, 21 Sep 2021 00:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 21 Sep 2021 02:52:00 GMT
js
www.googletagmanager.com/gtag/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-55TCKJ2V2B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186817945-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
21601b8f3edd6ffdfc3620f88013bb7faa24d80ef224801314e15b06e4e654cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51041
x-xss-protection
0
expires
Tue, 21 Sep 2021 01:05:53 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1327696420&t=pageview&_s=1&dl=https%3A%2F%2Friftv.net%2F16919.html&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20RIFTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=706242226&gjid=1322460247&cid=1068792509.1632186353&tid=UA-186817945-1&_gid=1907773539.1632186353&_r=1&gtm=2ou9k0&did=dZTNiMT&z=41301687
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		199 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=riftv.net&callback=_gfp_s_&client=ca-pub-4786732530380180
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
4776375aa38df1e318c1004e6e1e93fa8dd18f7317d866e53c7f744b00201209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=riftv.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BFEB 		59 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
33a7ea6f55d1f9fba10b5d0aa637da0f05e9fdd39913c139ed840e1791250172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Sep 2021 01:05:53 GMT
server
cafe
content-length
17750
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 01:20:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Sep 2021 01:05:53 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27652
x-xss-protection
0
server
sffe
etag
"1632137829538267"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 01:05:53 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-55TCKJ2V2B&gtm=2oe9k0&_p=1327696420&sr=1600x1200&ul=en-us&cid=1068792509.1632186353&_s=1&dl=https%3A%2F%2Friftv.net%2F16919.html&dt=Page%20not%20found%20%E2%80%93%20RIFTV&sid=1632186352&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-55TCKJ2V2B&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-186817945-1&cid=1068792509.1632186353&jid=706242226&gjid=1322460247&_gid=1907773539.1632186353&_u=YGBACUAABAAAAC~&z=716606877
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.71.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 21 Sep 2021 01:05:53 GMT
content-type
text/plain
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C855 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=522&slotname=4595207511&adk=3709760374&adf=2830473785&pi=t.ma~as.4595207511&w=1045&cr_col=4&cr_row=2&fwrn=2&lmt=1632186353&rafmt=9&psa=0&format=1045x522&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352940&bpp=2&bdt=317&idt=196&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=278&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rS4tPD2BPt&p=https%3A//riftv.net&dtd=200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4786732530380180&output=html&h=522&slotname=4595207511&adk=3709760374&adf=2830473785&pi=t.ma~as.4595207511&w=1045&cr_col=4&cr_row=2&fwrn=2&lmt=1632186353&rafmt=9&psa=0&format=1045x522&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352940&bpp=2&bdt=317&idt=196&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=278&ady=483&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rS4tPD2BPt&p=https%3A//riftv.net&dtd=200
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 21 Sep 2021 01:05:53 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 01:20:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Sep 2021 01:05:53 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 4185 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=2908623078&adk=1153787187&adf=823027770&pi=t.ma~as.2908623078&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352942&bpp=1&bdt=318&idt=205&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zGTPUWsyxJ&p=https%3A//riftv.net&dtd=209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
f0f0f1260904a73b9b9f4a6ba6eb7ec781dbeefcd88031cd4789d2819476437c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=2908623078&adk=1153787187&adf=823027770&pi=t.ma~as.2908623078&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352942&bpp=1&bdt=318&idt=205&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=436&ady=1925&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=zGTPUWsyxJ&p=https%3A//riftv.net&dtd=209
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Sep 2021 01:05:53 GMT
server
cafe
content-length
212
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 01:20:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Sep 2021 01:05:53 GMT
cache-control
private
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-186817945-1&cid=1068792509.1632186353&jid=706242226&_u=YGBACUAABAAAAC~&z=29913547
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E0E8 		65 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
6f9571e5c399221c5bf9230df67613767a8554f2bb9f70acb9d5302945a06fb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Sep 2021 01:05:53 GMT
server
cafe
content-length
27544
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 01:20:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Sep 2021 01:05:53 GMT
cache-control
private
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=riftv.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BA5F 		65 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
cf591ddcec9deb8c10d30c29e321596e39a4bbcfb0fd5b89113012a9a7b1fc6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Sep 2021 01:05:53 GMT
server
cafe
content-length
27645
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 01:20:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Sep 2021 01:05:53 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Friftv.net%2F16919.html&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Friftv.net%2F16919.html&tn=DIV&cls=background-cover&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2886 		105 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&adk=3046330955&adf=2044148826&lmt=1632186353&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Friftv.net%2F16919.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352967&bpp=2&bdt=344&idt=293&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ba138d63e17d46-22003e313bc90067%3AT%3D1632186353%3ART%3D1632186353%3AS%3DALNI_Ma5cdB-3YLQ5jrvtPQ62bmi4XdwnQ&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080%2C120x1080&nras=1&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=301
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
4dfdb5a5c15bcb974cdb34f60418979be5d6fb3ff4dba8b1d52f4574ea3e1710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4786732530380180&output=html&adk=3046330955&adf=2044148826&lmt=1632186353&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Friftv.net%2F16919.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352967&bpp=2&bdt=344&idt=293&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ba138d63e17d46-22003e313bc90067%3AT%3D1632186353%3ART%3D1632186353%3AS%3DALNI_Ma5cdB-3YLQ5jrvtPQ62bmi4XdwnQ&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080%2C120x1080&nras=1&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=6&uci=a!6&fsb=1&dtd=301
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 21 Sep 2021 01:05:53 GMT
server
cafe
content-length
28175
x-xss-protection
0
set-cookie
IDE=AHWqTUk9aLi94BWvFU6MLRC-OGyhebXIcA3XHTUot3MbneR_OBKfaPfPFxuO_Fesdos; expires=Thu, 21-Sep-2023 01:05:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 21 Sep 2021 01:05:53 GMT
cache-control
private
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2532
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
691f6344df954abd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Fri, 24 Sep 2021 01:05:53 GMT
g.gif
pixel.wp.com/ 		50 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.1&blog=187526598&post=0&tz=0&srv=riftv.net&host=riftv.net&ref=&fcp=7046&rand=0.04915404281564051
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210916&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
d939ddc5cd93ab33bd71f4bc65278fa38d9c3de95c26ab54e2e037c85fb7cd7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8537
x-xss-protection
0
rum
riftv.net/cdn-cgi/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://riftv.net/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://riftv.net
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
quads_browser_width=1600; _gid=GA1.2.1907773539.1632186353; _gat_gtag_UA_186817945_1=1; _ga_55TCKJ2V2B=GS1.1.1632186352.1.0.1632186352.0; _ga=GA1.1.1068792509.1632186353; __gads=ID=33ba138d63e17d46-22003e313bc90067:T=1632186353:RT=1632186353:S=ALNI_Ma5cdB-3YLQ5jrvtPQ62bmi4XdwnQ
content-length
1389
:path
/cdn-cgi/rum?
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
riftv.net
referer
https://riftv.net/16919.html
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://riftv.net/16919.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://riftv.net
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
691f63446d3968fd-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 21 Sep 2021 01:05:53 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame BFEB 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 00:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 00:33:33 GMT
css
fonts.googleapis.com/ Frame BFEB 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:41:44 GMT
server
ESF
date
Tue, 21 Sep 2021 01:05:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Sep 2021 01:05:53 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/ Frame BFEB 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 09:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 22:21:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 17 Sep 2022 09:23:10 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/ Frame BFEB 		357 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
0aebcd38397f33a5e7c8d39dd1dcb0eb19618cd23cd430a535c9e8666542c815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 09:22:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126725
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 22:21:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 17 Sep 2022 09:22:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame BFEB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 23:45:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 23:45:39 GMT
csi
csi.gstatic.com/ Frame BFEB 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kttdm2km&c=34506313722&slotId=17253156861&qqid=COfwpP7vjvMCFUvyuwgdqyADjw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BFEB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:50:07 GMT
x-content-type-options
nosniff
age
51346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Sep 2022 10:50:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame BFEB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 08:46:15 GMT
x-content-type-options
nosniff
age
490778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 08:46:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BFEB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CPtCC8S9JYae0CMvk7_UPq8GM-AjMkeCkZYjShbv3Df_gor3AARABIIa6tX9gyQagAe6_2boCyAEFqAMByAObBKoExQFP0C835sny8rmsOH1hiwS0sgYIploa47jBWmXa02NDhDXaOCLmbDHItbLBTDaQy3cRyHA_h8poAdLpYD98OAVzkPGp_i42qwZMute-W7L970RD5TWatl_U73oDlpnvJirslPwPSC9v2ZnhIl79gOHjJrmjEYSI5W6ftotLNBr7alCX3ViB_ZSZJibF2nQfQsp51azsFeDiayQceb7NYtyK92uqf10bfOMOPYkK9foKUtWlHSF0i6QrwjJf_L5M9ZM3vuMqWcAEysaTgMUD4AQDkAYBoAZ5gAf6v6bFAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAcgLAeALAYAMAbATlPHAC9ATANgTDYgUUtgUAdAVAYAXAQ&eventType=clickstring&clientTime=1632186353555&ai=CPtCC8S9JYae0CMvk7_UPq8GM-AjMkeCkZYjShbv3Df_gor3AARABIIa6tX9gyQagAe6_2boCyAEFqAMByAObBKoExQFP0C835sny8rmsOH1hiwS0sgYIploa47jBWmXa02NDhDXaOCLmbDHItbLBTDaQy3cRyHA_h8poAdLpYD98OAVzkPGp_i42qwZMute-W7L970RD5TWatl_U73oDlpnvJirslPwPSC9v2ZnhIl79gOHjJrmjEYSI5W6ftotLNBr7alCX3ViB_ZSZJibF2nQfQsp51azsFeDiayQceb7NYtyK92uqf10bfOMOPYkK9foKUtWlHSF0i6QrwjJf_L5M9ZM3vuMqWcAEysaTgMUD4AQDkAYBoAZ5gAf6v6bFAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAcgLAeALAYAMAbATlPHAC9ATANgTDYgUUtgUAdAVAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame BFEB 		18 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ALWL1wkUF7CF38Syh0yi3ElaViNTbuOS-mXbpVz_haXv8oA6DvFtItwNvM4YZMGPgbkaKkb6J7pd4iobH6HUpA5fgkRQ&cry=1&dbm_d=AKAmf-DdRNQVqJq8hm5nsAZ4TzQtzgtUKHVZbaZHQlTzFARs84robs9mkZcenjkq43O7ikA9-Ejd2P7lYRZzlOuDdxH2GKlBzBR2G7z2U4IL4RrpF8wkhcNPCwNKqnw4ArPlWdyAHCXHnM3XG9v7eO8O0yJp7a2T8Fwq-ylV_NCEPqZzwwv_JSXV-fughUcoOmr6Zcgf4HtzTr3G0R6wJavHHtBInnhTV8az07AWyrnmZrcZfn6rCjXPSKaWczq6QZOTX-f9kbT6gLqWx-jYpfoXM2GGXdUIwkeyMbcWn8IuhVW__koHs6B7ClXqwhURWumGzzWaJzpMQEqN2ou7_eVy4HBBFWgBRX0urpPZZc9md-mGeuk5CSc0Q9wPCeSmcj8JZ89BJPfG8mwRHzuARroRyMfYXc-WYW5eOBYI9DzMPaCr7l1adyoWOQQ6eoF7pxv9_QraDSQyVksUkmsMQRJkXuZIQU8maldjAmg0Hi87Aam1B61h9001NEMMYYOO-HlAxYuEkdSXdU7l-41TmWPJNaBhyFJpD0JmZMMiZ0eTwamRbTmLG4YbvTP5NTQXL34dM0Zp3PbJ1j1AYsXDDWqSGqE5CHTVkVukwB2dW4V3qo3Wmcf-W0uNEfYhynDCkUB_emUv7Fk0JAtPHwWeTG4kZWV08R6l9iSXFSvAGEQlpcsnAGhySbOqn69PNnrlYXgEJfrjVdyejHPOWNIA6l6SOAoXLfwyOor--Ap_91WO2w7D7gBr418S9PzKpasvESt5QCfLjf7HlZTXq7OHFLYewEL7xPBKAW0dKxp6RTMbhncXuhFbXRtxF-TcutzKXMTO-yyDzJ2YnJK3o15hnwZBCHfvbUSXXPHJcOaZWrRJOyZsddGYqvjplGcFuw13FdeA2f2EB-7pn0nUsSZflF5qlc2kdNt76a68dMdwrA_Xw_CTTi9aj2JOYr1hzJydv-nOY45OwtWIgvrNY7K1nWCGmtgbMJHL857Kb7iptzzMY0plPnRr6EuFjJ4bsT5u6T3imR8im525qF_ALQuB4dTMwp5mZTyrMCn_PqQtKzVTsx9vxEW_5VzmboOruBVjuxJbLE5SjJr0S8kilNATNeFqoHRgyqh48PFOWDmCYQDIx73BVi7rSsat-rNWVmeZHiJPQqCLAMoXNFcyj2bC1rOT5_GB3o4J1JSNu6tSV1b-mN_WW0K3MJJ6Y0IuGJF4cTgkb92CAFF5lLuqWrR1GV8dlvkWJjQwcqdN4YIeJG6x6PdhimT_UckCIuxgWl3BhsHJRP8buAkgWD1jlEXzQV3ZCPTpwPgQN_fBzpfaK7Fxn0GIsG9UcakcYvyYwldKS-IF76P_vMtNnr3rwJZPLnXTTYzOYZoZIJEdF3ZmXUGVy9yjtHyVROQMd72RRUuCQnP2pqAgN7u4ANAKbWH_QMRogPzL-3aPxc49pzf-FfyxLIbI0_kBlo1ZDNvUO55MUZ-b-QgDig5eTTugV7NRAlCuKm4ycYskIVqrKww2zw1MJYBUoVRjij4AaJBI7vuXuZhEN4hHD98GYnBj5hJ8M53bLY6k1t1MrpNdgmvku7d-WS_TLcKMyiAL_ICpux5PHrl1QNjewn0S35u6xNNAgaBLvZWtVVrO5GvRudU7qSLwyiwzrTGEHMAjjnuAGhEam3gqWpXFECUUdJyOZJL8t68XXKw9C0eJNeP5V-LJS5lQkGjxqUGW0tMBDNu470wsoUhfG0vvUqVeRxPkWaoZkzrnopSVNBLBYsINaEYxIp75gfkVAr3lOg00kilboKOkFKTeQmvm7rHGuwyhIEk4Sspr-UcK9_qDe77vnUHzz9XU7VYb-4IGHlpjm733HIhD_16PmnnkyxFMyo9_b33mOMC62H_3_-WjMgGTMeR7ov4wLPfzbfwIFXtMvCldPfA_X7-3w-1REAriGghvRm6dyvHgKd-ILo0klFzwA9Zth7FH1MUe5BfjAt8AUJ3y15Z9NvQnsPFu8qnv2KC9Hj1d3sTzovWXsIt6l6RcVhLeM6zjqZKHDuI7_mmLm3pPwsPtnelFkJOlyXkLg1xjL2QwQ3s1OqVX97mXoDd0RS4AyUbOCZKK2TYZnShRNSuF-mF3l9a4zoHtH1Ithx-uo3w39XyVhmtMEYdbSdmMThNPK7BA3BiPgy8XE0ZNx0fNbAkrla54axW5P3aVCsdx_Qva_m3FdUT23tV0Rlw8I3KKmpHbDHWI7YCrf4unckuklt0fdkqJfWqpICrzO0rWAhwF4l7GEiFhcWZrkV62B3mfksBcTNs4NEe_TdTm4HIFmJ_2UErjpQJ2Xkw8trCPVm9t-MzkH2F6yzoVr_8YRuGXmnO1AIM0BiOEB5e6j_SVhN_X8zuTeLmGK0BLzjmAcUy3zW_ysa7R7VDcxnISOA_wW2_pWf-VuRefX1ro9HMyrVs-eLJHGNrupAWbX8Oe3o1RbpIm4b3vT1SsZD_wQrGBd9q-UvSwPyhzcHpKp58uvmmPj2lDGHAtPId3DPr9V1RclFbn6EcvecK27dUGHJf7NIlVHbg05HX2t3xERD4Nn2AMSNWEkBTdIfoLe7lox2CfORZ7YbfPnmanK85JMbvJ7a0iKbZP8KMeS0_zPchI0IVGiDEO7jymMEGQuBXabNSB4UXH4fHLTPTVXjEJqDLqIebnE-RkUzP2vOc4C31-tz8CojXktnVTPX7pksAgIUR83dRw-jlyxN4ZrQEoXHKrn9H40r89gGdv3TRS_d6Hlb0SDN6-yCB6lLDManseejy-QpnbYVBuoY4ogS8Ote5EYnJlpE1PmXTxpwLp_5K04T-Eil6zwzLIXII-EH1NVwE_4C0lVx7CWr0S2A&cid=CAASBORofc4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
cafe /
Resource Hash
10a8ad27d3d8c4e6290003b77769e67607c5b15688c54d60f5c053a5e9c480eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11841
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BFEB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2nNc8S9JYae0CMvk7_UPq8GM-AjMkeCkZYjShbv3Df_gor3AARABIIa6tX9gyQagAe6_2boCyAEFqAMByAObBKoEwgFP0C835sny8rmsOH1hiwS0sgYIploa47jBWmXa02NDhDXaOCLmbDHItbLBTDaQy3cRyHA_h8poAdLpYD98OAVzkPGp_i42qwZMute-W7L970RD5TWatl_U73oDlpnvJirslPwPSC9v2ZnhIl79gOHjJrmjEYSI5W6ftotLNBr7alCX3ViB_ZSZJibF2nQfQsp51azsFeDiayQceb7NYtyK92uqf10bJOKUyBqYlWjkxnblioILfTBTOKZcHCUAFCBXpMAEysaTgMUD4AQDiAXV5IeXL5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGeYAH-r-mxQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcKEJmCARiHsO6iAdIIBwiAYRABGB-ACgHICwGwE5TxwAvIE-6l8wjQEwDYEw2IFFLYFAHQFQGAFwGyFxwKGggAEhRwdWItNDc4NjczMjUzMDM4MDE4MBgA&sigh=KyPv-U1AW8o&cid=CAQSGwCNIrLMuLY_5HrYdJ0qjv80u4NLohlUuW8FdQ&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 21 Sep 2021 01:05:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 21 Sep 2021 01:05:53 GMT
truncated
/ Frame BFEB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe7faa8f7f7df216c49979c2908a59a1ddf004caf7918f1556d511acfe180af7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DCC8 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 20 Sep 2021 22:11:29 GMT
expires
Tue, 20 Sep 2022 22:11:29 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10464
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E8A3 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f132.1e100.net
Software
GSE /
Resource Hash
b199a83f7ca429779fd1388a0edb679440e028e793fd058e3fed8c9025504247
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PVB9kFR1ZLWg83JXExcQkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 21 Sep 2021 01:05:53 GMT
date
Tue, 21 Sep 2021 01:05:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-PVB9kFR1ZLWg83JXExcQkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tag158609
ads.revjet.com/ Frame BFEB 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.revjet.com/tag158609?_key=b7b&_cb=1632186353137767
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
95.217.105.225 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.105.217.95.clients.your-server.de
Software
nginx /
Resource Hash
4fb974d07fb81bde84cd96f0109c41d8f5287507d63c7ddd9832fc8674836805

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
server
nginx
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
must-revalidate, no-cache, no-store
x-server
ip44622
access-control-allow-credentials
true
content-type
text/xml; =;charset=UTF-8
content-length
6016
expires
Sat, 01 Jan 2000 12:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A6D3 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNXsFBNxq5f8gz6UGUc8S3sbU7UyrawCr-9d4j8gVIoiMxqkDKQuUcGl8va90wN5ZfEABBbhd2jPkyCX5sQ7D7r0-z-rUg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNXsFBNxq5f8gz6UGUc8S3sbU7UyrawCr-9d4j8gVIoiMxqkDKQuUcGl8va90wN5ZfEABBbhd2jPkyCX5sQ7D7r0-z-rUg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlHV6H5mdhC0F1gZOsrgpJJYM4147z-zX0acdjkg_ot8QPFRTJRSCYubDgO_-A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 21 Sep 2021 01:05:53 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame B7DC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 21:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 21:15:39 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/ Frame B7DC 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 23:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2646
x-xss-protection
0
server
cafe
etag
7823829336074104133
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 23:23:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B7DC 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWJehJvtTmLXBHEGv4SN0iXRfqJR9iLT1kH35akig_TjHpSoAz_Yd3wZVsov48iBvfeMhjRmomFk1xdpc0MtUm643I9tE3R75lsKwhZfDm4zKB-AWHsY_mgf6H8C_jL58GLk0khL7DLEvRrMdmKODZKVmUlkwaNbzMt5EX_gKShLjoL4ieu9XTGO-Hp2-TR31dM0TbJK2Wg6YEp5s0HP-pOnjTWrmbZCLxHXOvbo2XZt79ZGICA3pEWnOTQhcJJBxNTDQgMCd1ZSohpwPLh9deXDPZCqiutcFbeAtnV67-XzmTLFtcxPvvJc8YeMFq0DhVxw5likwnKn4B7FtdqKnSJ40gIlMqwlT2za3FMfAe7vpjUhy16zC65AMVE_uBekBWXbhJjgXv4Fvsk1TJZxEJkC_gGwPlc4UgS7mMOQYDnHND9sz3W8NpLgfhG0GfdkG1lLvMXLH8UngobKFarAfZ7Q_iwZ7Kiyp4FFlGLrSP4d2T7ozAA_3vUjMO2uh8RZwo1Nmqq43t8N8hjgxvLNh2UKYpGJ5DhfPuxxwejHcBBAs3Wja8qi4JsitbhQXBxb1wpGChilw3K-4XLJ3pVlAU2h20JoATFHMm7ScWPv9-OszojqSpCmGgiCzrA8Lo29pv3Gr281bfIW-KrNoi6P0RKS1spBbXmsnuc3cs65F_SsohfmNm8dQ-Vk3b0R6tKo15Wxvz5aiYtRAEUg4vd5wm05wzFFfzcyuuzFtwmdv1vT9CjOup1lTTDBkelihEdYwn3uLNBfsgxogKNKLQzRYNnuodux5d7zru3SNLOeDzx1n57vFQhe4kBdpPmYz_GrOyLA0Y7vaNZGq3hlQ5eeXVSoH0NGXAcBcSD_QEZHPMWcJs9eM9UdEQWkT0M34yeFA5Y-7WphYZBp4zwvVyXdZMbudICtRY-VDec12WHlFQXhn_fLSPWC2l9B9v4A1g_-tcaNWB_8S75dT0ITccBS4Eziy2Q_g7JCSGjo8SHPVc-UEhf2ycDDG7SQ&sai=AMfl-YTPhlRG9K2jZtYC2WyZDFcxdTc37qWoz7yF6kTi4on_mElNKdLZOqnno0eIYpB9lca4Y3kg4yrpndmjvImKSRMdIgYUsxPI1CAbPzW70nchqemoM6T1aUaK9z3EvfQ8yBY-2OybNVk98OdcllX2Pp0QSopCtNBPBMwwZ0TNvA&sig=Cg0ArKJSzEVRhnuFhz-pEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210916.46017&adurl=
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 21 Sep 2021 01:05:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B7DC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 17 Sep 2022 08:58:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame B7DC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 00:46:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1179
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 00:46:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7DC 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1632137836110461"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 01:05:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame B7DC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 23:45:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 23:45:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7DC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDo9IdiZqz7ILOlsn7xxabQGzK4NrVKeO5OlGvhuFapX0tZU1CWXc1vGNAWjmKhJVOz4rcCCKbnIQVRpzgj_5nLERaVyDgYUqK3aaB2fnlH_eQ28M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9811832887585832660
s0.2mdn.net/simgad/ Frame B7DC 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9811832887585832660
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=644353800&adf=2711302622&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352945&bpp=3&bdt=321&idt=250&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280%2C120x1080&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&xpc=7dDHA4LsXo&p=https%3A//riftv.net&dtd=260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f6.1e100.net
Software
sffe /
Resource Hash
fb75b99c3778d8ad13ed09653f69df9073f87d2fb257119652f027669e162d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 05:23:05 GMT
x-content-type-options
nosniff
age
502968
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39204
x-xss-protection
0
last-modified
Thu, 25 Mar 2021 12:08:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 05:23:05 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E974 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNW0GziiROztZVCo431y0KzCHFZPdFLUHTZh-ZzAi4frgEmNmjOS0skc0qyWGxcFcTaXflmZ9zGp9c_-1V_F8QS3FuA_cw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNW0GziiROztZVCo431y0KzCHFZPdFLUHTZh-ZzAi4frgEmNmjOS0skc0qyWGxcFcTaXflmZ9zGp9c_-1V_F8QS3FuA_cw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlHV6H5mdhC0F1gZOsrgpJJYM4147z-zX0acdjkg_ot8QPFRTJRSCYubDgO_-A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 21 Sep 2021 01:05:53 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9811832887585832660
s0.2mdn.net/simgad/ Frame 4B88 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/9811832887585832660
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f6.1e100.net
Software
sffe /
Resource Hash
fb75b99c3778d8ad13ed09653f69df9073f87d2fb257119652f027669e162d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 05:23:05 GMT
x-content-type-options
nosniff
age
502968
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39204
x-xss-protection
0
last-modified
Thu, 25 Mar 2021 12:08:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 15 Sep 2022 05:23:05 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame 4B88 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 21:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 21:15:39 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/ Frame 4B88 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 23:23:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2646
x-xss-protection
0
server
cafe
etag
7823829336074104133
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 23:23:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4B88 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulpsKek2Q7trmkdlMg0qbFxP_pmkmKGYVryGnhj7pqVMQoF2f2ym-5tHXpubl-iTijnUBqKP_xl7fKoUrOWhIyX5czcBQPVhkoi__j1V_2_124nZ_THT9o1Ikn6k2QfTnMtKJN_V6jcUG-g9McfIxft4weH2Sl0eaaKQkKCu7l6iHJy0pPGS89Omdj21CQiBa1HEKvrTxLi7G9Cnva8uMymLQP7feV6WK_Tv2G2Eok1iwfk9gntpjmn3Jn3HeUZ9vRV1fyvyrKuWZX3yBpu-caSjFEVloMXTgl7eL13n1-GqosQiRiIVNZ5W2HY3_F89G76XWvpoWKMNj6eFAM8QJZUODyvHXXcvCQO8bMPN3yJyN3DfxEfFBh1djkKe3hcOcv8Hxk1tJuztVD1wvB08RajqODi-M5gIGuwnLsKvr8euH2mT33tMZ_TuYnvl9bU9kSKIvnNvp7qZ05pDIy6Tk7278lslJdf2GuyV3GqqRWblC-W9DsQUqu8Qli54Cf2NuD77yI-H-ORhJQ0G7dasK2KzABNYxIpe2hRjoQLDJE-hs51DRo6IAKLAEOr3OTNmmnZQelvhI3VxDHZhCNCWcofnBSyhBwO7-PrXjgsNW3QBkR3iNibC72AuteJIK3TfEAnMW8X7I2yiLVbEg68J0UcYXJ7cuaeyigeGAJNr3AuMsNzDCYoAKgPIBSI09UvTu9c9hMZP5w1XPtbv1R03PQ1oKT2pxUAOwAvL9_HXeOpPZykMb1hFqB3IaILGlj2q-OW9aNFHRHI2DH6osbXJh7rTdC84N9U2CEhsH0lsrNErgfntWf0QBV5wy71PudWlt4M3zQYCBS28CxT568pTsQbnY-Hpee70UkPnPdZCSzknAvov-LbGvsh5sydzW5-D21pXZUtZAtHHrhWEgLJxwUvbgUVK-PBWhQ_NcpVkU0O1Pk6cYLQGK0JCzbT9KF5S1cAqZwABd0q0EhRwCGZaOlHDh51d7KSca0mnMSKJRgiH1UeSgx0MEDPw&sai=AMfl-YR9LKugMTLavI1d5h_7DLN1j-j82vAGsjhUyMkaeFjWn2jgFUe5Fcp_G9aNW5DOOqcYJHrpa9sSbgWlAQolC4xCsa12X1lTqxusqQlexXh8KWKercCryfbnO7QAqCF1jRSJTD9N0Cdqcsed8Gr5InCyCd9zVETPh5X6yivBYw&sig=Cg0ArKJSzEed22Mvk09gEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210916.25541&adurl=
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 21 Sep 2021 01:05:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4B88 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 08:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317267
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 17 Sep 2022 08:58:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 4B88 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 00:46:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1179
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 00:46:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B88 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39526
x-xss-protection
0
server
sffe
etag
"1632137836110461"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Tue, 21 Sep 2021 01:05:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame 4B88 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 23:45:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4814
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 23:45:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B88 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdSsYS3pEmEjvPag2ZSJwezPuO938A7lFOX6ZVM-AtQp63396NKDAEWJ9VBFenfB5Y5xSedMHlnDmXIhS1eknP-4bu9dOyNOvI6dkBBVWphjdcI1E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=1080&slotname=1821230127&adk=2656946602&adf=2853643837&pi=t.ma~as.1821230127&w=120&lmt=1632186353&psa=0&format=120x1080&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352943&bpp=2&bdt=320&idt=244&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x280%2C1045x522%2C728x280&correlator=6025756825077&frm=20&pv=1&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaonEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=5i0Lb4pOQy&p=https%3A//riftv.net&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame BFEB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 08:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317262
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 17 Sep 2022 08:58:11 GMT
csi
csi.gstatic.com/ Frame BFEB 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kttdm2l2&c=34506313722&slotId=17253156861&qqid=COfwpP7vjvMCFUvyuwgdqyADjw&fb=outstream-lima&gpm_i=4&gpm_c=4&gpm_a=4&smb=1000&br=997&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vmfc=4&vhc=0&msm=1&aits=0&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0&umsem=0&ape=1&met.4=videopreviewvisible.jm
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B7DC 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWJehJvtTmLXBHEGv4SN0iXRfqJR9iLT1kH35akig_TjHpSoAz_Yd3wZVsov48iBvfeMhjRmomFk1xdpc0MtUm643I9tE3R75lsKwhZfDm4zKB-AWHsY_mgf6H8C_jL58GLk0khL7DLEvRrMdmKODZKVmUlkwaNbzMt5EX_gKShLjoL4ieu9XTGO-Hp2-TR31dM0TbJK2Wg6YEp5s0HP-pOnjTWrmbZCLxHXOvbo2XZt79ZGICA3pEWnOTQhcJJBxNTDQgMCd1ZSohpwPLh9deXDPZCqiutcFbeAtnV67-XzmTLFtcxPvvJc8YeMFq0DhVxw5likwnKn4B7FtdqKnSJ40gIlMqwlT2za3FMfAe7vpjUhy16zC65AMVE_uBekBWXbhJjgXv4Fvsk1TJZxEJkC_gGwPlc4UgS7mMOQYDnHND9sz3W8NpLgfhG0GfdkG1lLvMXLH8UngobKFarAfZ7Q_iwZ7Kiyp4FFlGLrSP4d2T7ozAA_3vUjMO2uh8RZwo1Nmqq43t8N8hjgxvLNh2UKYpGJ5DhfPuxxwejHcBBAs3Wja8qi4JsitbhQXBxb1wpGChilw3K-4XLJ3pVlAU2h20JoATFHMm7ScWPv9-OszojqSpCmGgiCzrA8Lo29pv3Gr281bfIW-KrNoi6P0RKS1spBbXmsnuc3cs65F_SsohfmNm8dQ-Vk3b0R6tKo15Wxvz5aiYtRAEUg4vd5wm05wzFFfzcyuuzFtwmdv1vT9CjOup1lTTDBkelihEdYwn3uLNBfsgxogKNKLQzRYNnuodux5d7zru3SNLOeDzx1n57vFQhe4kBdpPmYz_GrOyLA0Y7vaNZGq3hlQ5eeXVSoH0NGXAcBcSD_QEZHPMWcJs9eM9UdEQWkT0M34yeFA5Y-7WphYZBp4zwvVyXdZMbudICtRY-VDec12WHlFQXhn_fLSPWC2l9B9v4A1g_-tcaNWB_8S75dT0ITccBS4Eziy2Q_g7JCSGjo8SHPVc-UEhf2ycDDG7SQ&sai=AMfl-YTPhlRG9K2jZtYC2WyZDFcxdTc37qWoz7yF6kTi4on_mElNKdLZOqnno0eIYpB9lca4Y3kg4yrpndmjvImKSRMdIgYUsxPI1CAbPzW70nchqemoM6T1aUaK9z3EvfQ8yBY-2OybNVk98OdcllX2Pp0QSopCtNBPBMwwZ0TNvA&sig=Cg0ArKJSzEVRhnuFhz-pEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=168&vt=11&dtpt=167&dett=2&cstd=0&cisv=r20210916.46017&adurl=
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame B7DC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2fc8fc8c825f829b53d310478a6ed56670be046dd85ad303353b450b96cc757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame E8A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210916&jk=2684485149987423&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame A6D3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNXsFBNxq5f8gz6UGUc8S3sbU7UyrawCr-9d4j8gVIoiMxqkDKQuUcGl8va90wN5ZfEABBbhd2jPkyCX5sQ7D7r0-z-rUg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 01:05:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 21 Sep 2021 01:05:54 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A6D3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUkv8be21Xa9bWAa5SNoRwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNXsFBNxq5f8gz6UGUc8S3sbU7UyrawCr-9d4j8gVIoiMxqkDKQuUcGl8va90wN5ZfEABBbhd2jPkyCX5sQ7D7r0-z-rUg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 01:05:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 21 Sep 2021 01:05:54 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A6D3 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNXsFBNxq5f8gz6UGUc8S3sbU7UyrawCr-9d4j8gVIoiMxqkDKQuUcGl8va90wN5ZfEABBbhd2jPkyCX5sQ7D7r0-z-rUg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A6D3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NTU4NDExNjQwMDQ0NDkwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NTU4NDExNjQwMDQ0NDkwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNXsFBNxq5f8gz6UGUc8S3sbU7UyrawCr-9d4j8gVIoiMxqkDKQuUcGl8va90wN5ZfEABBbhd2jPkyCX5sQ7D7r0-z-rUg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 01:05:54 GMT
X-Proxy-Origin
216.131.114.235; 216.131.114.235; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0ff4d57f-12cd-4db2-9303-5c825f959062
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NTU4NDExNjQwMDQ0NDkwMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ve-vcrv2831_2_20210602223846_w854_h480.mp4
cdn2.revjet.com/s3/ve/2021/06/02/22/38/vcrv2831/2/ Frame BFEB 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn2.revjet.com/s3/ve/2021/06/02/22/38/vcrv2831/2/ve-vcrv2831_2_20210602223846_w854_h480.mp4?_media_file_id=57783182&_media_file_size=3742635
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.34.237 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/676F) /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 21 Sep 2021 01:05:53 GMT
age
94
x-cache
HIT
Content-Range
bytes 0-3742634/3742635
x-amz-replication-status
COMPLETED
Content-Length
3742635
x-amz-id-2
CQyqT9fLGDIB5IPrrMZv77doUjZg4okdbwhHqIbia3KFGAI9oJqd7Pwaa5/enHaD/GfpBUiKeD0=
last-modified
Wed, 02 Jun 2021 22:38:49 GMT
server
ECAcc (frb/676F)
x-amz-request-id
C965AXNNST2SYBFY
etag
"d56bd620c43487814a5060585b61291e"
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-type
video/mp4
expires
Tue, 21 Sep 2021 02:05:53 GMT
csi
csi.gstatic.com/ Frame BFEB 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kttdm2s4&c=34506313722&slotId=17253156861&qqid=COfwpP7vjvMCFUvyuwgdqyADjw&fb=outstream-lima&gpm_i=4&gpm_c=4&gpm_a=4&smb=1000&br=997&mt=video%2Fmp4&vs=854x480&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fads.revjet.com%252Ftag158609%253F_key%253Db7b%2526_cb%253D1632186353137767&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4B88 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulpsKek2Q7trmkdlMg0qbFxP_pmkmKGYVryGnhj7pqVMQoF2f2ym-5tHXpubl-iTijnUBqKP_xl7fKoUrOWhIyX5czcBQPVhkoi__j1V_2_124nZ_THT9o1Ikn6k2QfTnMtKJN_V6jcUG-g9McfIxft4weH2Sl0eaaKQkKCu7l6iHJy0pPGS89Omdj21CQiBa1HEKvrTxLi7G9Cnva8uMymLQP7feV6WK_Tv2G2Eok1iwfk9gntpjmn3Jn3HeUZ9vRV1fyvyrKuWZX3yBpu-caSjFEVloMXTgl7eL13n1-GqosQiRiIVNZ5W2HY3_F89G76XWvpoWKMNj6eFAM8QJZUODyvHXXcvCQO8bMPN3yJyN3DfxEfFBh1djkKe3hcOcv8Hxk1tJuztVD1wvB08RajqODi-M5gIGuwnLsKvr8euH2mT33tMZ_TuYnvl9bU9kSKIvnNvp7qZ05pDIy6Tk7278lslJdf2GuyV3GqqRWblC-W9DsQUqu8Qli54Cf2NuD77yI-H-ORhJQ0G7dasK2KzABNYxIpe2hRjoQLDJE-hs51DRo6IAKLAEOr3OTNmmnZQelvhI3VxDHZhCNCWcofnBSyhBwO7-PrXjgsNW3QBkR3iNibC72AuteJIK3TfEAnMW8X7I2yiLVbEg68J0UcYXJ7cuaeyigeGAJNr3AuMsNzDCYoAKgPIBSI09UvTu9c9hMZP5w1XPtbv1R03PQ1oKT2pxUAOwAvL9_HXeOpPZykMb1hFqB3IaILGlj2q-OW9aNFHRHI2DH6osbXJh7rTdC84N9U2CEhsH0lsrNErgfntWf0QBV5wy71PudWlt4M3zQYCBS28CxT568pTsQbnY-Hpee70UkPnPdZCSzknAvov-LbGvsh5sydzW5-D21pXZUtZAtHHrhWEgLJxwUvbgUVK-PBWhQ_NcpVkU0O1Pk6cYLQGK0JCzbT9KF5S1cAqZwABd0q0EhRwCGZaOlHDh51d7KSca0mnMSKJRgiH1UeSgx0MEDPw&sai=AMfl-YR9LKugMTLavI1d5h_7DLN1j-j82vAGsjhUyMkaeFjWn2jgFUe5Fcp_G9aNW5DOOqcYJHrpa9sSbgWlAQolC4xCsa12X1lTqxusqQlexXh8KWKercCryfbnO7QAqCF1jRSJTD9N0Cdqcsed8Gr5InCyCd9zVETPh5X6yivBYw&sig=Cg0ArKJSzEed22Mvk09gEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&vt=11&dtpt=135&dett=2&cstd=0&cisv=r20210916.25541&adurl=
Requested by
Host: riftv.net
URL: https://riftv.net/16919.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 01:05:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 4B88 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e71778fe6db4abb7e435d175d70a3c5e1fa1f352ab0fe4f6ed09fdc962869c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CD01 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 17 Sep 2021 08:58:07 GMT
expires
Sat, 17 Sep 2022 08:58:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
317267
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame E974
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNW0GziiROztZVCo431y0KzCHFZPdFLUHTZh-ZzAi4frgEmNmjOS0skc0qyWGxcFcTaXflmZ9zGp9c_-1V_F8QS3FuA_cw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 01:05:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 21 Sep 2021 01:05:54 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E974
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUkv8be21Xa9bWAa5SNoRwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNW0GziiROztZVCo431y0KzCHFZPdFLUHTZh-ZzAi4frgEmNmjOS0skc0qyWGxcFcTaXflmZ9zGp9c_-1V_F8QS3FuA_cw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 01:05:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 21 Sep 2021 01:05:54 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E974 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNW0GziiROztZVCo431y0KzCHFZPdFLUHTZh-ZzAi4frgEmNmjOS0skc0qyWGxcFcTaXflmZ9zGp9c_-1V_F8QS3FuA_cw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E974
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NTU4NDExNjQwMDQ0NDkwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NTU4NDExNjQwMDQ0NDkwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DELiiJBjRrtmhATAB&v=APEucNW0GziiROztZVCo431y0KzCHFZPdFLUHTZh-ZzAi4frgEmNmjOS0skc0qyWGxcFcTaXflmZ9zGp9c_-1V_F8QS3FuA_cw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 01:05:54 GMT
X-Proxy-Origin
216.131.114.235; 216.131.114.235; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ad789d3e-a9d5-4bb5-8d2d-e84ff0e4e1b0
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDM2NTU4NDExNjQwMDQ0NDkwMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F654 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 17 Sep 2021 08:58:07 GMT
expires
Sat, 17 Sep 2022 08:58:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
317267
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
pagead2.googlesyndication.com/bg/ Frame DCC8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
ba4ab7dafc79fcc731528ad0d3b8a97f791ef3744720807b1e7edcb6e5a64a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 20:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
362608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13277
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 16 Sep 2022 20:22:26 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame A150 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Fri, 17 Sep 2021 08:58:11 GMT
expires
Sat, 17 Sep 2022 08:58:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
317263
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ff4d452039a0ab4ce44f3d708be0186d30d632b6ff65fd296a8a93b11ac7da65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53046
x-xss-protection
0
server
cafe
etag
12604060163903404395
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 01:05:54 GMT
ca-pub-4786732530380180
fundingchoicesmessages.google.com/i/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4786732530380180?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
9b51b9247b3caa2e06dab13a5d7cc3e0e70b758ece980a094998b18c0ad7dd67
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L+nSzylKSIJJZDd3lFn7IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-L+nSzylKSIJJZDd3lFn7IQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-L+nSzylKSIJJZDd3lFn7IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-L+nSzylKSIJJZDd3lFn7IQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
date
Tue, 21 Sep 2021 01:05:54 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
1103
pix.revjet.com/interaction/ Frame BFEB 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.revjet.com/interaction/1103?__ads=a1d812f4c41c8e36b4ee13868db1d584&__adt=7666816651329242308&__ade=1&vid=5004185298543003745
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.21.233.17 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.17.233.21.65.clients.your-server.de
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
cache-control
no-store
content-type
image/gif
content-length
43
expires
Sat, 01 Jan 2000 12:00:00 GMT
dc_oe=ChMI6ZHD_u-O8wIVkJ6FCh0pzQthEAAYACCTl_dGQhMI5_Ck_u-O8wIVS_K7CB2rIAOP;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,...
ade.googlesyndication.com/ddm/activity/ Frame BFEB 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6ZHD_u-O8wIVkJ6FCh0pzQthEAAYACCTl_dGQhMI5_Ck_u-O8wIVS_K7CB2rIAOP;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30072%26vmtime%3D25%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642445658%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632186354100;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BFEB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CPtCC8S9JYae0CMvk7_UPq8GM-AjMkeCkZYjShbv3Df_gor3AARABIIa6tX9gyQagAe6_2boCyAEFqAMByAObBKoExQFP0C835sny8rmsOH1hiwS0sgYIploa47jBWmXa02NDhDXaOCLmbDHItbLBTDaQy3cRyHA_h8poAdLpYD98OAVzkPGp_i42qwZMute-W7L970RD5TWatl_U73oDlpnvJirslPwPSC9v2ZnhIl79gOHjJrmjEYSI5W6ftotLNBr7alCX3ViB_ZSZJibF2nQfQsp51azsFeDiayQceb7NYtyK92uqf10bfOMOPYkK9foKUtWlHSF0i6QrwjJf_L5M9ZM3vuMqWcAEysaTgMUD4AQDkAYBoAZ5gAf6v6bFAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAcgLAeALAYAMAbATlPHAC9ATANgTDYgUUtgUAdAVAYAXAQ&sigh=FWiSSh8p0ps&label=part2viewed&ad_mt=26&acvw=sv%3D20210908%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30072%26vmtime%3D25%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642445658%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632186354100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1000
pix.revjet.com/interaction/ Frame BFEB 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.revjet.com/interaction/1000?__ads=a1d812f4c41c8e36b4ee13868db1d584&__adt=7666816651329242308&__ade=1&vid=5004185298543003745&_js_site_page=[URL_SIGNALS]&p_h=[P_H]&p_w=[P_W]
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.21.233.17 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.17.233.21.65.clients.your-server.de
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
cache-control
no-store
content-type
image/gif
content-length
43
expires
Sat, 01 Jan 2000 12:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BFEB 		0
24 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssr9EifOAhjU-eCR4Q-savYon04680HbXPDlPm81B2P5VK6neSqCK3jVPRsNJzOd_bfc7gMwUChFwZseT0wra9wIYqyp0iwo48oFmEgDp-vDWQdLv098qpEmIAXIoohX5siTmCR_yxtPGaDLhcZ__jLcFhS0hrB5MaLCzNFAuRbF0ySetg062xUJQScF988RCtOwCkVdL0NKJxkvPbmLMyu3sYY7ngFq2MutebBzpb6vHLKPbj6U4ywMElFAvfyFxSg9LzGdQqCBkKwyNemqHL6pblEDFMhQ1caEqNZwove8jO2lnOftHn97H_dNrQ8iSZfeIK1Vb068yFqhpdL0o95V2dgOqIOeGBXW_n6k-WwXJNMOoJDL9QmzDZ_HR-0k-9IMj2k7Ur8JpsfNzMhx7zhOfqQcaiF9_wopCUqEcBfOR_-cYOQ06mDyXTigyE79Nz0YJuVkLe35AHG-MNhnEKqpDDOm0h-eYkh0RxgKP8pN6sdqDE-Co7-wPq8uHRrua3eg5Si-g--iVw6VtfpnK12gic4q4njEhvXCsbtSp8v5gKuE50yW2JYTlCQl8_1RUNpNFt51okBMh8eHBY5PacX4OfnZeWVfCFrmPAkVSOHNjNrtvj687TwnNW5ZUdZjOSVEVCY9X_OPZddFea2XBRCeIbh-SBOqQtu6LUgtMUGTwpAExM4F1mWxVYuJrqZQ-LGrZUHYOBry93ga_Ts1QSOmiVy5UsajWVsYMUFJ71vDGhqQFUn6P30WglYtbb4kidP_H2NFOI5ZyGfzAxoz0Xm0_rCD1lILKEwg2lsM1In1-sYR0-WhveYo7_mulQdHcpxKfqva9ZzVWfoSV7DRV6lmAUMpDky1PzPZTkvtyoWYHGtvfM0HS7UHF_cIAAmx07kXQuybH9_Jq7zrmbIGVNl-kG9Kz29ofyvQk1MOpShc5w9wfGosd4SzbRaDi5sARwcSa4ZpQ2kyyZsoRmmQRjGF3HBmkDF8gqC-8VGcNQ4uMPg3Oybp0vnUPiEAP6upqz8Ccnt&sai=AMfl-YQ-OIaZ9IhXWu-Qn11Ow3AqynddbvpCNCm3VeHU4615EPM_WOhWtjn3gpJX01AwKKq_WPpTB5QNB0k47s6EMrxmyIFsL_jX2oi7ptHWtTywsaSVUampqjvJV6wHHKvifNy-&sig=Cg0ArKJSzEN6inIkZ2tPEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 21 Sep 2021 01:05:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame BFEB
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBDiz-kCGIew7qIBIAEwAQ&v=APEucNW9pDnv3veSg0HEWXMgflY8pZu-KTGZkourfxeUvqfGW-FgGxWpWX1v6RPXDE9CydE6-sRMjNtogw97wNiDsQIWnlScKw
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUkv8be21Xa9bWAa5SNoRwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 21 Sep 2021 01:05:54 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 21 Sep 2021 01:05:54 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BFEB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI6ZHD_u-O8wIVkJ6FCh0pzQthEAAYACCTl_dGQhMI5_Ck_u-O8wIVS_K7CB2rIAOP;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame BFEB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6ZHD_u-O8wIVkJ6FCh0pzQthEAAYACCTl_dGQhMI5_Ck_u-O8wIVS_K7CB2rIAOP;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30072%26vmtime%3D25%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642445658%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632186354100;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BFEB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuDk5a-uJmOpiSjmiYOjAAJ_Q_iKhrZ5wgqsr_XhhseBRRRuEB-sGTozTx-Hnp4WMA1EDrhDWswmPnfRWrX8awUP7tkjyO1HzdAwC-h4Bk12ez1uc&sai=AMfl-YR8DGL061fXjI4fsvjELXU2-CS_jmtkDhElPXKK48_kE0IKW0PzbkQOa4W-WAwcyZWtjO6f3qsXSno0&sig=Cg0ArKJSzN8NN3qOaEh0EAE&cid=CAASBORofc4&id=lidarv&acvw=sv%3D20210908%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30072%26vmtime%3D25%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642445658%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1632186354100&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
900
pix.revjet.com/interaction/ Frame BFEB 		43 B
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.revjet.com/interaction/900?__ads=a1d812f4c41c8e36b4ee13868db1d584&__adt=7666816651329242308&__ade=1&vid=5004185298543003745
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
65.21.233.17 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.17.233.21.65.clients.your-server.de
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
cache-control
no-store
content-type
image/gif
content-length
43
expires
Sat, 01 Jan 2000 12:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame BFEB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CPtCC8S9JYae0CMvk7_UPq8GM-AjMkeCkZYjShbv3Df_gor3AARABIIa6tX9gyQagAe6_2boCyAEFqAMByAObBKoExQFP0C835sny8rmsOH1hiwS0sgYIploa47jBWmXa02NDhDXaOCLmbDHItbLBTDaQy3cRyHA_h8poAdLpYD98OAVzkPGp_i42qwZMute-W7L970RD5TWatl_U73oDlpnvJirslPwPSC9v2ZnhIl79gOHjJrmjEYSI5W6ftotLNBr7alCX3ViB_ZSZJibF2nQfQsp51azsFeDiayQceb7NYtyK92uqf10bfOMOPYkK9foKUtWlHSF0i6QrwjJf_L5M9ZM3vuMqWcAEysaTgMUD4AQDkAYBoAZ5gAf6v6bFAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIBhEAEYH4AKAcgLAeALAYAMAbATlPHAC9ATANgTDYgUUtgUAdAVAYAXAQ&sigh=FWiSSh8p0ps&label=vast_creativeview&ad_mt=26&acvw=sv%3D20210908%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D30072%26vmtime%3D25%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642445658%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1632186354100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4786732530380180&output=html&h=280&slotname=7281954683&adk=1662183511&adf=2036783278&pi=t.ma~as.7281954683&w=728&fwrn=4&fwrnh=100&lmt=1632186353&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Friftv.net%2F16919.html&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632186352929&bpp=11&bdt=305&idt=159&shv=r20210916&mjsv=m202109200101&ptt=9&saldr=aa&abxe=1&correlator=6025756825077&frm=20&pv=2&ga_vid=1068792509.1632186353&ga_sid=1632186353&ga_hid=1327696420&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=580&ady=54&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060032&oid=3&pvsid=2684485149987423&pem=705&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=8I4PYo1v5c&p=https%3A//riftv.net&dtd=176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame BFEB 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kttdm2u3&c=34506313722&slotId=17253156861&qqid=COfwpP7vjvMCFUvyuwgdqyADjw&fb=outstream-lima&gpm_i=4&gpm_c=4&gpm_a=4&smb=1000&br=997&mt=video%2Fmp4&vs=854x480&dm=30000&event_name=first_play&asset_bytes=189833&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=videopreviewstarted.sr
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxWkgNP5O2vZm33zwhbAgx5F-QtH4BhIiYmZvaRCXB74et-9HXx0cRDmBvrx6d4VdX5amfpf2s77869wqyfQcAs=
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWkgNP5O2vZm33zwhbAgx5F-QtH4BhIiYmZvaRCXB74et-9HXx0cRDmBvrx6d4VdX5amfpf2s77869wqyfQcAs=?pvid=FC98C7D5-03C0-4396-B5DF-143D0F0F492E&anonid=45D45707-63B6-4CD3-9245-59BC9E225FC1
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.jjsHamj7b_E.es5.O/d=1/rs=AJlcJMxN2HiD_w0vm3j6u2MHHf3DCsTsLQ/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+V/G7saZRwGIv+fYWqCEEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+V/G7saZRwGIv+fYWqCEEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 01:05:54 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-+V/G7saZRwGIv+fYWqCEEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+V/G7saZRwGIv+fYWqCEEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXIogd5M4t4mvJKnV1Y1Ih-rBFpCwbBh9RMRunHPIzbxB2ArqgiInUBdKu3fKBM-s184vV7UaFTBlhR5Jkd7Fg=
fundingchoicesmessages.google.com/f/ 		67 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXIogd5M4t4mvJKnV1Y1Ih-rBFpCwbBh9RMRunHPIzbxB2ArqgiInUBdKu3fKBM-s184vV7UaFTBlhR5Jkd7Fg=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMyMTg2MzU0LDM0NzAwMDAwMF0sIkZDOThDN0Q1LTAzQzAtNDM5Ni1CNURGLTE0M0QwRjBGNDkyRSIsIjQ1RDQ1NzA3LTYzQjYtNENEMy05MjQ1LTU5QkM5RTIyNUZDMSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3JpZnR2Lm5ldC8xNjkxOS5odG1sIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.jjsHamj7b_E.es5.O/d=1/rs=AJlcJMxN2HiD_w0vm3j6u2MHHf3DCsTsLQ/m=loader_js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
a44356c0c4d0624295212693eedea7cf44072f112be6414e3bab086f68cbcaa5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TV63u+zx8wPJmDEX5O3bIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TV63u+zx8wPJmDEX5O3bIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-TV63u+zx8wPJmDEX5O3bIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-TV63u+zx8wPJmDEX5O3bIA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=riftv.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 21 Sep 2021 01:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/ Frame B004 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109200101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://riftv.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUk9aLi94BWvFU6MLRC-OGyhebXIcA3XHTUot3MbneR_OBKfaPfPFxuO_Fesdos
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 20 Sep 2021 23:55:32 GMT
expires
Mon, 04 Oct 2021 23:55:32 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
4222
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
pagead2.googlesyndication.com/bg/ Frame F654 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
ba4ab7dafc79fcc731528ad0d3b8a97f791ef3744720807b1e7edcb6e5a64a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 20:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
362608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13277
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 16 Sep 2022 20:22:26 GMT
ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
pagead2.googlesyndication.com/bg/ Frame CD01 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
ba4ab7dafc79fcc731528ad0d3b8a97f791ef3744720807b1e7edcb6e5a64a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 20:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
362608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13277
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 16 Sep 2022 20:22:26 GMT
ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
pagead2.googlesyndication.com/bg/ Frame A150 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
ba4ab7dafc79fcc731528ad0d3b8a97f791ef3744720807b1e7edcb6e5a64a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 20:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
362608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13277
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 16 Sep 2022 20:22:26 GMT
css2
fonts.googleapis.com/ Frame B004 		4 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 00:51:50 GMT
server
ESF
date
Tue, 21 Sep 2021 01:05:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Sep 2021 01:05:54 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/ Frame B004 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 21:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7680
x-xss-protection
0
server
cafe
etag
7151105853351230339
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 21:54:04 GMT
AGSKWxWyTkaSUaBbXUwvEWacMe6MNauDMAw_DbaVbNVIKgWBHkC4369GlAOn_452smChwXiNqaz8d28y0A-inxdbz6_1gP0zD_vC0Dh-ONsnZi2JF93T6qOBnvC_BwBNNwRUtLKjVarPTZh6-4sYN3G5u4CCKDFneEyVbM9n_zU32nhnBO_iIhlR0vfSrdTn
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWyTkaSUaBbXUwvEWacMe6MNauDMAw_DbaVbNVIKgWBHkC4369GlAOn_452smChwXiNqaz8d28y0A-inxdbz6_1gP0zD_vC0Dh-ONsnZi2JF93T6qOBnvC_BwBNNwRUtLKjVarPTZh6-4sYN3G5u4CCKDFneEyVbM9n_zU32nhnBO_iIhlR0vfSrdTn
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.cBXXj0x4Z9k.es5.O/d=1/rs=AJlcJMw1VFPvwPmQDfrcWOyM0m1Rxj_gcQ/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PFfr6TS+c+Wr4+Flt7bbpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PFfr6TS+c+Wr4+Flt7bbpQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 01:05:54 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-PFfr6TS+c+Wr4+Flt7bbpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PFfr6TS+c+Wr4+Flt7bbpQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWyTkaSUaBbXUwvEWacMe6MNauDMAw_DbaVbNVIKgWBHkC4369GlAOn_452smChwXiNqaz8d28y0A-inxdbz6_1gP0zD_vC0Dh-ONsnZi2JF93T6qOBnvC_BwBNNwRUtLKjVarPTZh6-4sYN3G5u4CCKDFneEyVbM9n_zU32nhnBO_iIhlR0vfSrdTn
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWyTkaSUaBbXUwvEWacMe6MNauDMAw_DbaVbNVIKgWBHkC4369GlAOn_452smChwXiNqaz8d28y0A-inxdbz6_1gP0zD_vC0Dh-ONsnZi2JF93T6qOBnvC_BwBNNwRUtLKjVarPTZh6-4sYN3G5u4CCKDFneEyVbM9n_zU32nhnBO_iIhlR0vfSrdTn
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.cBXXj0x4Z9k.es5.O/d=1/rs=AJlcJMw1VFPvwPmQDfrcWOyM0m1Rxj_gcQ/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F/MADJ2GGEHz+hs9239UNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-F/MADJ2GGEHz+hs9239UNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 01:05:54 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-F/MADJ2GGEHz+hs9239UNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-F/MADJ2GGEHz+hs9239UNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX3sqwVkNKDSSkitfQprb7JeXlcn249B63SiWDpNvDF03pXkvQP9D2GB5NjKRXI4DKFTHAYBHhu1uEl5Hvx2kiq4otc0aOgqqHPMbwbdmWeCiRlESJg0T5mKUK4Jch-blBMusscpPISn2CWTyexZ-3TT-UP0-acebVtkTA5tkiMQdnODwsMhtFIPAJd
fundingchoicesmessages.google.com/f/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX3sqwVkNKDSSkitfQprb7JeXlcn249B63SiWDpNvDF03pXkvQP9D2GB5NjKRXI4DKFTHAYBHhu1uEl5Hvx2kiq4otc0aOgqqHPMbwbdmWeCiRlESJg0T5mKUK4Jch-blBMusscpPISn2CWTyexZ-3TT-UP0-acebVtkTA5tkiMQdnODwsMhtFIPAJd?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMyMTg2MzU0LDY1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9yaWZ0di5uZXQvMTY5MTkuaHRtbCJd
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.cBXXj0x4Z9k.es5.O/d=1/rs=AJlcJMw1VFPvwPmQDfrcWOyM0m1Rxj_gcQ/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
d2161c4ec5dbea0cebfa5527ae1b42fb982d5efb0b4c1647b2cfaf510c0070c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MFrV1rtl093kvIUKxileag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MFrV1rtl093kvIUKxileag' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-MFrV1rtl093kvIUKxileag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MFrV1rtl093kvIUKxileag' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/ Frame A4CC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 00:33:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 00:33:33 GMT
css
fonts.googleapis.com/ Frame A4CC 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 00:57:59 GMT
server
ESF
date
Tue, 21 Sep 2021 01:05:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Sep 2021 01:05:54 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/ Frame A4CC 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 09:23:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 22:21:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 17 Sep 2022 09:23:10 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/ Frame A4CC 		357 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f10.1e100.net
Software
sffe /
Resource Hash
0aebcd38397f33a5e7c8d39dd1dcb0eb19618cd23cd430a535c9e8666542c815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 09:22:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126725
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 22:21:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-instream-static"
expires
Sat, 17 Sep 2022 09:22:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/ Frame A4CC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210916/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 23:45:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 23:45:39 GMT
csi
csi.gstatic.com/ Frame A4CC 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kttdm3ll&c=3652512534151&slotId=1826256267075.5&qqid=CODatv7vjvMCFeqL_QcdHZINhg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4CC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CBrZG8S9JYaCeGuqX9u8PnaS2sAiw0oL5XL3b7oa7C6XNiYTjGBABIIa6tX9gyQagAejOuIsDyAEFqAMByAObBKoEygFP0FdDH_7EmoR_QK0o4kUULb86X1W1EYdcZL6ourPgnkTynAr8l1cS3hehjHtL1z2MJEQ79Umgl0uzuUHkLhuqjqJvlOQMENMzK4dh5jUqf6kINaJEQrXBRqU0ZeWC5GLmnfYGXE1QRNQqkFlAveZLJFobkcmEeKws9hSMO1dNRFiZdj4G3mp8QQ8e1VxNeEDZ_lKrmcEJV4t3qqpqqcDDQhp1sBkT0_sOyWFxCEs8B6GoMPTdbgsmPZnEcvFKi_dtigqbSnVfvOhdwASI6dzw-ALgBAOQBgGgBnaAB4Cxx3SoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB-ACgHICwHgCwGADAGwE53lugzYEw2IFATYFAHQFQGAFwE&eventType=clickstring&clientTime=1632186354878&ai=CBrZG8S9JYaCeGuqX9u8PnaS2sAiw0oL5XL3b7oa7C6XNiYTjGBABIIa6tX9gyQagAejOuIsDyAEFqAMByAObBKoEygFP0FdDH_7EmoR_QK0o4kUULb86X1W1EYdcZL6ourPgnkTynAr8l1cS3hehjHtL1z2MJEQ79Umgl0uzuUHkLhuqjqJvlOQMENMzK4dh5jUqf6kINaJEQrXBRqU0ZeWC5GLmnfYGXE1QRNQqkFlAveZLJFobkcmEeKws9hSMO1dNRFiZdj4G3mp8QQ8e1VxNeEDZ_lKrmcEJV4t3qqpqqcDDQhp1sBkT0_sOyWFxCEs8B6GoMPTdbgsmPZnEcvFKi_dtigqbSnVfvOhdwASI6dzw-ALgBAOQBgGgBnaAB4Cxx3SoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB-ACgHICwHgCwGADAGwE53lugzYEw2IFATYFAHQFQGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame A4CC 		31 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ClgXLPlhybjjXD1TCgL7m-hCmKEVPmvD7j9y7fYzY0GFO2dAS8AfRClkenkyB3lcZ6ttlHgzTIUaVfvXtkb_fn3gEPIA&cry=1&dbm_d=AKAmf-AkRzee4yMl7Hlb2RMa_CMoNpQX5EFFucaBKmFYUwgCvsB1973lwYo0m3XWKQ4MdSC3wsKwEdNNEJZVmlveANu_l0g9YLZmEHEN5d3cu6zJetluw42WdgPq71RrL7OI8uhf8ienaZWnCr6QbmHV7e10jF4MRRYqRzRgO-huxJjuoBxcLgEQ76hMmEc7tJEd5CXTY5PJNCZFZXWoihERDUlMx8_LXfccbGMShSAVNmWhSpUFdeesADKElSEL64I54cDkNESafMfe2urcY_pfP2AQPb_KgLdJ9dwdvADC93CxsHz3MJKV3G9PKK920zwYBBVI5IO_P_w37o77cpybmNAkFkARB5N8VWDRPPhmnJCBv40LFEUVP0Pqt19u9qNPhr3VAu-9jNhAXeMm8YnSfr6BCGzQHTHDeS-DTi5IPHyOeNqFCfb9Ir8InOl36C-f8MWfg6HXw-9RzaSrRwDF2SVlW_MXp5cW72uuxgcDKvKZIJVWryI7ofGR1icwd-LHqpvf2MzUwNh6TWjqIqyYpE5lhp-JIjFeHptjO9WhhY13i95JMT7yKHkg0E9yX_tSGUP8dXtG3PZOOKCKkDypzcMD2ZARpi1vsxEEdGFV3d8FbGU-2D69KQmAnNFnn3T2azP1RxVup1SJmsTf6gBFm8IZcyQq-zP7qv7qHSs_8bKMg46hYowSJBGydeE_YenMNZrYlSPa54R_35wm2bccpNIjz5aDfRGpusjbnK0qaEMf_cU0YvhqKFdBbMqgZhgqR1SKlmFCjOFrf1RvQRsmXKJZ0IAoQ6sjkrqiPe-Y4KenvxSUlHoI1jkhVFFkq4UHYLWAmdHmx6hTnL1AFAV8jnBChh52crsiI8x53BWzEn594sQmSy5MxI5tH0NnTUstr9SAW03gSiP5EFJ7M8RQxRkW1UsKAmhbu_t17BINInaTdWJvzK02PzGigAjW0U_Q1oRUoHvkqavwp64o1lAL0nK5hTImnmp-FLRvrPz8dbd-6p1va9xN-ch8U94DpRAszF8MxHsZBEPATHXBoO1vU6HPWi34CLAroRyDhPDcZJfdH1yIOH8LGfTqEAFNwu0f8HplJ4HiyzbMjQ_i9cNPmIySnFVNFUC3O_XRQvzlMmCVJWm7VedQhWSgdSOEZNyUkg-T5k18blWIUxztapEtSnM3h0ejnjolA4Wzs3DEO1I27iHAQv9vWc-Z3sCenGbDckMMYEm4rKj9R3Obyl_JouIKrfIsxS4A37YBgq9STvBI-TDt-LjhP8lZobAPSigvd8EkmHDGwNYoYrI6UBrzGcYzf-tRBOAGnpTeBfXYwYZSwNSBVh7Oi9SqL504W37Zy4YZV5aLQV2-UMqOfhLZbLVYzINALqaLLISe4gYAa-b9WsmiN_GefMRSdaKSmepr51tOcL5f4nzTM9B58RBhPILH67QpQX7GhS6Dm4mJ3yku5OZ7W4SJMYvB4LmcYaOqpeM4eA8ORLxfkpQj7RI4D_aSHyU1ZUnJOty3MM6dV7I4MDho_YZsuecGyg2fzbxbOEEzpWqET_4h-amcenw9XsaEcq5uXipWGdOEP2747hA7MJ1FrNyFiLVuCWL8RLTWUjoZDZKDanEU0ILFu8_p6XdgOlyX-uVvUUVli2QPnoRzdG19XDTzWglT3_B-c6b52ib05qUSntpqgkpR7zLal_bU3uU-8IiLqMtCUSfcD1DwbNZdg1VUYR601W_CyHQJoFFU1sFcE8a38qkCNwXcjx95JAqb6wR1yH2YO8bULA_8Q03VmoTfcGgTTAYzQalgYs6mXtjHorhSsyHb535Y6N1lJPCmbVd5jsd3FEkZxbejCfh5PmJBVyEbi8i3BZmnkXemNpEhXWZBNx7rkXiyvp0U6GbjucblDYRR-BWioiv7UmfrB8kECKBYuoHC8ARx-SSOzaceLka0_ZkeRFiOI7Pv40VBowz9eFNbjYuWMpunZRJ-9dUNdlwoxYNxnTn_60RamRbaJJ_TjDgC_t_yrJmlixUIbJu1DA54qf4OFSb9xTCSBHxnKgu64PypfdXsugCY_41-ub9ieyPKyj7kTT_Fje40MDq0hz7pBFJM8hcP0qqPy_kciJQBq9UUvb-RHdYP8GOwqPlu_8iCjYXNXcL3q-cWGs6ahSnzJFr0Tk6TUkALW6wxxxAPlwT4y-HQKajRrm0fPJtWLKpbSZpkDq51whvpfKTS-lgNFAk1s6nDc_gpAsg1a6CCeenpKvPe72zVMZDcBB2jWByf6J1gESo8W6cKtw7D_vIgiBouSFdorNd7wsrC_ZTgUmDdVqP-mVYPPNLfvxXCiEBn0EKuXgDAK7y96jZB5VPnmqCJldROfLQYgr78yzWpp_8QnsJuGktmqFnGL6ZcTt5dQzSY8qB_MQMJs6gNaWINfzb2aHbpnCy5j-T1ziGXTMF-DhfdW4vl-hscPwg-DZ-ezA1v-RpClL7I0qARHXkuRIcJLW1Jy4nnrIVty6A7IrUsrkYeVW67iqctRPmoAYmA8Ut-QcD4COnZ6Ev7C4x1m_1JX7v478iMwJaktKuqvqXDxjRDwerkutvpJ-zcQlHbcmuc4VY-A9a1tVe_V4yP7rPt02H7RTSosS_HhASsXhAR95HWasWlScYjewcBcm00YV53P57B8s0znq6LFNlVt1qis6TwpdGSnjIVwDCMs-tcxpStu75uAAFvEqxNr6j-T3SIO5HTF7PSUbeXRlLkJiDeRkAvLjRTQgLrB6oxWx66cO3-aI0o1t54yBfRY8K3O4wCbNos8XQw5l6zNebBu-5PsDGn3uX7aBY77hxSY_mNBuYhbYiR8MoWqxweesH6GrWAD84ME-g6RJhEHVvw0j-jtRO28Nrz-GAfarU3M9Vgp9OSaHMOmkIoOzPvNfIBJtqV7C21733q_1AdzQl65YvApi2irMZcdlP5DnIh-UAkENJu0n_c-dgWx17tNLV9RwdgzGi4yXiEWsAP7es6Lc8XNf6cLGxMuAksah0RAKO7bIHTy63VzjBxRRZ2yA4rV6v0O0HGlXr9t2Y_u0Rbi5OQlRRMhXIlOblRYt6tmR6UAPeqAJzO6gpCDLg4sMyVvXlxB3s8tDanbejaIwk58wat7GzNtrYXJqO0_5pjflpzHmTfzDMKjyJavb7jRUaFRYAyurKQEv182lS-5HYY_uqesXjnTIdSv7lZ8JHCCrTQI6f3zMKtmMmGtwjY5XQcfc_vW7UfaSWiiA&cid=CAASEuRovz7zvyOVfsVYtL0lvZQ4vQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
cafe /
Resource Hash
4f98d34f016106cdba8016728c682f7d3612150c7f1f054d4f0ca1d4b450abfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14787
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B135 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 20 Sep 2021 21:06:15 GMT
expires
Tue, 21 Sep 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14379
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame A4CC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 08:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317263
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 17 Sep 2022 08:58:11 GMT
3
r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A4CC
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,ita...
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,ita...
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,ita...
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,ita...
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,ita...
  • https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6662EDB33D64A1DDA0FA05DC05AF94E9D6D5E1EF.62D74EC2EFEAC5E16C18583E075EBD0C88702667/key/cms1/mh/La/pl/24/rm/sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s/req_id/a935962db124a3ee/redirect_counter/5/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186283/mv/m/mvi/3?file=file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.153.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s58-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 21 Sep 2021 01:05:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Access-Control-Allow-Credentials
true
Connection
close
Timing-Allow-Origin
null
Content-Length
0

Redirect headers

Date
Tue, 21 Sep 2021 01:05:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Location
https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6662EDB33D64A1DDA0FA05DC05AF94E9D6D5E1EF.62D74EC2EFEAC5E16C18583E075EBD0C88702667/key/cms1/mh/La/pl/24/rm/sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s/req_id/a935962db124a3ee/redirect_counter/5/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186283/mv/m/mvi/3?file=file.mp4
Vary
Origin
Content-Type
text/html
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Connection
close
Timing-Allow-Origin
null
Content-Length
0
Expires
Tue, 21 Sep 2021 01:05:55 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 38E0 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Fri, 17 Sep 2021 08:58:11 GMT
expires
Sat, 17 Sep 2022 08:58:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
317264
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame B135 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKIUgOM7K9bwSGe300FjSYg&google_cver=1&google_push=AYg5qPKjlRLcwNzHgztwGPCqEvbg-pJ5Ef6QOD5CLGYLjtp1DxyqIZtFW-LhMwd7iacSwPHFdd3_kaX5W_opDeUM5baIN9OxNkY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B135
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPK2afoRfSvLQC8XFqDEWUrSpLVzUKvIAHV_uYUkZIKDEvpQz0Ll3uGl5jhye8rj4SF5Q9it9msJOqyV3crbVUpK-iPE1eI&google_gid=CAESEFCQlcbqavG-WyPBZHCT8jE&goog...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPPfpIoGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLMmFmb1JmU3ZMUUM4WEZxREVXVXJTcExWelVLdklBSFZfdVlVa1pJS0RFdnBRejBMbDN1R2w1amh5ZThyajRTRjVROWl0OW1zSk9xeVYzY3...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTVVEdmNvRUtiVi0yZzJrSDZWT05HblY2NzBNNlBUVkx2UjlFMTEzektEOA==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTVVEdmNvRUtiVi0yZzJrSDZWT05HblY2NzBNNlBUVkx2UjlFMTEzektEOA==&google_push
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 21 Sep 2021 01:05:55 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwTVVEdmNvRUtiVi0yZzJrSDZWT05HblY2NzBNNlBUVkx2UjlFMTEzektEOA==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame B135
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDJVbqEVrO6MrRtrD_QAVNw&google_cver=1&google_push=AYg5qPLuMkSvtJ7N-dmmqROVr9ufy5yWB6IRQKGT1oxM3TitHHEPJaPp4BD28G8DfkTNwcRKugFyEnV6u7t2dr4z_5qOA7v9qeQ
  • https://rtb.openx.net/sync/dds?google_gid=CAESEDJVbqEVrO6MrRtrD_QAVNw&google_cver=1&google_push=AYg5qPLuMkSvtJ7N-dmmqROVr9ufy5yWB6IRQKGT1oxM3TitHHEPJaPp4BD28G8DfkTNwcRKugFyEnV6u7t2dr4z_5qOA7v9qeQ&o...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLuMkSvtJ7N-dmmqROVr9ufy5yWB6IRQKGT1oxM3TitHHEPJaPp4BD28G8DfkTNwcRKugFyEnV6u7t2dr4z_5qOA7v9qeQ&google_hm=uiDQJZ9ezm8pgC3LCD0BJg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLuMkSvtJ7N-dmmqROVr9ufy5yWB6IRQKGT1oxM3TitHHEPJaPp4BD28G8DfkTNwcRKugFyEnV6u7t2dr4z_5qOA7v9qeQ&google_hm=uiDQJZ9ezm8pgC3LCD0BJg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:54 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLuMkSvtJ7N-dmmqROVr9ufy5yWB6IRQKGT1oxM3TitHHEPJaPp4BD28G8DfkTNwcRKugFyEnV6u7t2dr4z_5qOA7v9qeQ&google_hm=uiDQJZ9ezm8pgC3LCD0BJg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
hah9epi5hsvlb63mmut5jpt47kmot4pa
pixel
cm.g.doubleclick.net/ Frame B135
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YNLclW39QluHVZHwPigMqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YNLclW39QluHVZHwPigMqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKU3rp1Hq3C4PcE1-LASBvxue5Awi1VWcwX_YSxfKLvWywT9kDAEzCW-NJwgYN__DlV9p4cxI6yoDR4O-L103SGb86SJeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YNLclW39QluHVZHwPigMqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKU3rp1Hq3C4PcE1-LASBvxue5Awi1VWcwX_YSxfKLvWywT9kDAEzCW-NJwgYN__DlV9p4cxI6yoDR4O-L103SGb86SJeg
date
Tue, 21 Sep 2021 01:05:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B135
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIGXjJ5WKw6mYEDCDGLFym0&google_cver=1&google_push=AYg5qPIwTAT_PR7eTpxP4Yjc3Ba4z7wSpFFtdcsxye91kGBMe3eTI1GUKLLtpC2vZhoGiRUOZaV...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RURE0zUzMtMjAtTExLQw==&google_push=AYg5qPIwTAT_PR7eTpxP4Yjc3Ba4z7wSpFFtdcsxye91kGBMe3eTI1GUKLLtpC2vZhoGiRUOZaV6PmhFp24EaQhcGQB5CRGDByc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RURE0zUzMtMjAtTExLQw==&google_push=AYg5qPIwTAT_PR7eTpxP4Yjc3Ba4z7wSpFFtdcsxye91kGBMe3eTI1GUKLLtpC2vZhoGiRUOZaV6PmhFp24EaQhcGQB5CRGDByc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RURE0zUzMtMjAtTExLQw==&google_push=AYg5qPIwTAT_PR7eTpxP4Yjc3Ba4z7wSpFFtdcsxye91kGBMe3eTI1GUKLLtpC2vZhoGiRUOZaV6PmhFp24EaQhcGQB5CRGDByc
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame B135
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-...
0
0
/
cc.adingo.jp/adx/push/ Frame B135 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEGnvyBXr9mFiG5_dESMYF2U&google_cver=1&google_push=AYg5qPKiscrt4uLOCv4JUTxTkr2WLkizt7insHZIgF8z-6-n0ruWoEJgOY7lUCY34uBcnG3SWkYblNWUyKNWJqNSNO8SOUhpgw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.53.67 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-53-67.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:55 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame B135 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGloeb4PXdY17je7ue4l-N17JSXEau88q_SzLns41b_zmX2sIsTW2ZEAjjwdD-E8z6Llce
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210916&jk=2684485149987423&bg=!_f6l_rrNAAZWaDWkVmg7ACkAdvg8WuA3P3YGq34tPR1ACRTQFcrt-ls-cS9qB9X82shAExXBhkBGaQIAAALqUgAAADxoAQeZAqhGpoYbA8pW-VgRDkX2c_zUDdHvOvS9cq1O-doeT-02gBXKIaY4wYJa69oazvyqoxnaLFcYIMcf0d2bppNzL75rLwqv1uVN8clOpTnekPIrLWE9TXiuwhcguyEm4J-kNvImloF5Bl6hMj_s78UufsLUPjF-kuRqbs28cL-XeSmBLwdFR41vKLIrscaCJk-WRvpz9MoU1YC201bLRnhybm92eypvRXQZfsMa-QyyxGELPDV4-TMmD1rn7I3C8aIughqIKJmIyKcw9kf3HVvCS_Toz-0olSoy4UDejjU1bO93t9PuQh5ZXdjLOLcTy3p9_AcALhTLE_XqrCeMkxZEPBsDIEw8pn708PjdzuFAR2V-KuPlDE1L_gNP8080AUzEUj7rT8OfG0iTurF8HZFlawDn6fLRycbX4ZPyryH1iXQVxvOvPMupeaefC48T5jVyXV0lran7U8sJDVJ67vo7f_t8-EgmEaTak5CZI3BRpo0MZS1_K-J4DnQ8GdG9FO1gMwjhXZ44uLyNOg-GrmcaCofiRlavImAMWqVIYbO3CPrMCcedEf7fI6hsBOcVfPbYFcJrEyaNVhI3yWwhqGILBUO8oOtO7sqvnzcms_xgmMgEaUhd9TxYtAR3g_yzjyQ-ryKKb1nzYH1BaCK8JLPoX29y_0m8tD5_g78BLnZNfzWBFU9x_TXOJHgaNo-QDyk9B4hSfy3uLTefZmmkhsYT1c7-lVngRmFh3U6MC5_Pi5la0Pwf3IE6DsSvtK4Ce-x9Yt6pPaqJjs7lrr1881uezq26hnRBK6dRILC2UlymiuH6ikEJcdJ9zRm4GDcyNYapGNCPOCgsh4bMHjTLFrnrnBtfxSBN1VeE1UovOIz3YiI7wGo2_DB6wWFtNNXVRx2rWozU5Ata3OV0tw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
pagead2.googlesyndication.com/bg/ Frame 38E0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/ukq32vx5_McxUorQ07ipf3ke83RHIIB7Hn7ctuWmSpM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
ba4ab7dafc79fcc731528ad0d3b8a97f791ef3744720807b1e7edcb6e5a64a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 20:22:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
362609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13277
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 16 Sep 2022 20:22:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F654 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAOct8S9JYbT9DP2M7_UPxs2RkAsAAAAAOAHgBAI&bg=!sLOls_fNAAZWaDWkVmg7ACkAdvg8WgRW6ck0nQSGybYbeGMXdCeWrTay8YZHtbeGiOnqG1IFWYPyWgIAAAJ0UgAAADVoAQeZAxG4ZH89lA5iRLoeGCGES_l5XXoDqbVxufG0gPwwSbdAV9atiZybRh1S1rUVuAB3BKNKuOGVTUzqBtGs8vhF92CTjjv6MrBalLHNHyI4u9U36kOLS5JLgpR87OHAkGDn0RmSIEiZ4ij1PGh6dHCEGjBE-80_XXhpvMi0Vu-gsIrOLqhMHU1TZ0mqp8sofemuzc7y9RWi8D-M6S1bzmyn-PR55921MVYp4znKLGmwGdoXQ3M6Gptq4ZrpwTheVG1_GwD8XLmA96uSwcJwFImr3ZMt76G76c0NlwM40cWWDi-QMi9jrC4ogoqyzqpFu8JkbqhEp0u2wbUPr8Hb1C0phqy9PTLJ3wmqx3euit-utWF-Z-VqTB2UjdSHjQQ2HZ2DlLFiNtaE8MZzLjS4RjNft2-zSA-NEodNmgTc8sVzD4JPcv4X1IcaQXeGE20G_rWQl5m-iE-nfxFVEcqqiDAVJoqXLijsAoq3oY8BvgZ3BvPuJiOOoLKpwQ0K9US7YV_aYfdm6EllcMdLC0kBrSC-E6_lgLsUOZlQbM8_0zDBgxrE8u4cpshNLUp3yrpBwmO-kGxmf61VIN_XW5uWchghIXiSVzo5RxeTfG-VRoE6h-1Rg1Vtyd_GthW3HXjsG2qUN8NoX5UN3tDVGEI5AprDLryEU66qWm66uWCC8xsw4-nE-EDKrAna5lPXsC2BMHg0p-hgQwVm_whS7Cpv_Ty8EeabUSZhBRdaGyzg3cqGwmeL41mt34fn1_IJ6eni_ycO7mF7OkaGj-HDFtvzDQkrNnRy98OTp8OR_ilM9JE2u7PntVXD3W2ODKOs3eNLu8jojkQ9Fzc2vlR_-PjmzXsdbdaexVosG1Rhi_bH7NO4ZvHqly5-GK70sAy6t0mncQxsxJWdNtdVTojujfE6xuxFmlXVaUcl1VRjLk_TgmPbIk5Gy__2lP2EB4512EettxM_P5nZOqMqw1pBRznyvCl2UO_5gbyf7csI5Yn5dlJEi_AOPiw2iiQhxvLkhjR_uysN9rrNM1ER8zyiNFT8a9VhgKfVzw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD01 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGGKX8S9JYc78DaqF9u8P8qmj0AEAAAAAOAHgBAI&bg=!xsWlxYHNAAZWaDWkVmg7ACkAdvg8WqFdnEgkeVsqfGeG1DBA59vx_4DSdum3I_fWwqAw0gyna3juOAIAAAJ0UgAAADVoAQeZAu1ncv37vavgCHZlSfCubkSmxAT7bRV7_m_ze7A3ZAzBmsqANPb9I41fbugw8h5b9HPtKyGZ5R57LEJHzulmGEwbzkyT1m_NjNrsWpet6HScwVbg3ucuh0VksLsPGuuMaWwGkyoauYymsstdLlX5WQT6yECcrtIezoxGp0LrD6AlPxyGdUkOKstJVPk5drxelPwyKthl4-62vscm32bQAZqOpkW4_YhDmAOe9jTkzvGhwcAfQ6bCOCQ1FDKuFIHzJFmyouI9CaS0EIMjSS8wf0G2mt6dPoLsMfRf2rcOtBP32CNmY0KUxckN7BhUscM1mGzohd5o6fLZ90vc7qQY7B9l3Yg8eKg6ES7G_dNSandwurXRWfuiGQ0n6OKNNuogaB3V2Wy8Mftke4KAIOAqEU6uz2bOZ9ydr0Cf0X18N60N-8EZoDZpjYUatRObw0Qbki9bFsVLf1xa9poJROCwR32qrGq6qxhZCCBK0RUOWj3cyldxKdHcLry5L91vxG8nok1ZID8n7HtT_dXRdPo7WJWt1OomB9VNQVxJ04RRNzG0HbG9KoybJhn2kE3H7k9c0f-CDAZHJLTlqxyRAck0bgvbY5qT1sYvBTG6CQutFkBvI6cpwoWEAXecBz3yjwkWNNax6IgPu6R-4LRO-SN8RqLa2I5x-vFMMO0wgxxJLibefA5JfGKtASZJU6vTxpwHh3KTScsw9Wib4U-A-8-UBkhUJGdPkz8rn-C4dhpYcFa3tSilcgVLcrDue7j_v0q85Jy8QCYSnoi8YQhsLmgFoCSe6lor_LrkR4M_piNJpFetQenSgFrnJmg3vY4dIVW_eo_FmkmlpkthgufVZ6IwYBBmCcic9ae5TZrF1oXiDpVeugxoWqtcFmcTuYIF_Um1s-vzyXTx1S5UmlpIUVefhJERKTHdCwbNVgZbar7_48FadsDKb2-Ng-kEc4evyK1bYcXuFFMlGcNqCYCjrGG0Y9jw_ZLpnzTwTqgpD1QHyw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A150 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BLhto8S9JYanVJpC9lgSpmq-IBgAAAAA4AeAEAg&bg=!jI-lj8vNAAZWaDWkVmg7ACkAdvg8WslhWmQrUtmT5y4v145cEpkesPH7wmq5k6gboc0tj5awxXCvrAIAAAI_UgAAABBoAQeZAu1ZjDA4ztlVN5wkifRCCRT9pn8TSimZWw5gUNKGIf108bBj1aamvO6KauiUm0bWEwJ4NeyGiUc0AATBT14ELOsZzbl0fvyIqATCs-vBk3WzixERpUEOSdIW-F-DPWbVnnARppdPgVTn_vWdod2cL5i-4pqRi15cLhy4_zJw0lAfaMdu2YZYJk-eMI2D40b9CRg40hlAgvtoS82Hw1z-hz6dY0v11sEzAPRCmH2cJ3gup16J36O5d1xupUccxlfKsrY5_0-UI0pvWfeSk-ivhyju1XVVap2ad33AR07eQhvGYLWB_3grirlK4cqrazbn6TPsn5qEHDUMi-oAIm9G91T_LhhR58pQaKuNSovJ9LYjBwzwA1tIX5YeAdEZkG2JoSQ48C7NgKPkSJcl4-pP1yscMVNKoYFPPMJGoLmAVOjyOv21Sp-sgtI28wnuwNUvPfadNiEj6rx0nZxkGEqhoKSlyei-C2cAv05S25UHk7KzOhV3_r-IYve3kFg4RssnAPFSFLBRWatrwsQOlroBLI7u3pYuj91DhQOQgNrW0yeOvwW5bwf45JJFxaPz73Nn8lYh9ML9jqgQhjMBuO3BIHe1OsbHAKTB4RpMmJ0MgRwHNxa1-mAR-5hKXcZLqzOX42FJd0jvuuOScSkyRCIK5Q2WSckx9IFh0rRS3Hcsk_xcLuzbwIc7I7rJeuTTYK3PuBJlw_aN33gyGplfw9g5J-c1SgEqJXvkAqTzgJRn6hcdYl9aBJqEcK9KqxRiGbBczqCeaDc_tEdnoftXZRxENrm4R-SIUrkWUt_MAE_9QiJspidoeG6RBJPHD8ILbrabIiDNPNCT8zS5D5Jy6XJBqQgcEAQNAId6WUrogF_-SD9Ouelol73ti1xQi7LeMq8EsEOjwzGz-v5foC1dxe3WRcTqkzv2o9dRb7qGiL3jZdA9Qqq5L1NLEPOBrzy4Cf92ylxfT_7T4ILIiDnIgsYi8VlvUaWziME9I_n6Aeak1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38E0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B0Q4Y8i9JYa7pN422-wb8g4rQBwAAAAA4AeAEAg&bg=!QUKlQgbNAAZWaDWkVmg7ACkAdvg8Wg3VrPlc6Lx905GMAqKUZWp-sU7a2XQT3z3Y7vLRdNxxhAmOPAIAAACqUgAAABBoAQcKABCmoA1iY3EIfiWTc5U04bA7mQMCu_OdhxKIs4PzRxDbt5FmBguyJxaBx1xoqcurXLjlt3D9k_1flf66n1ulLy-OgTtof6JaRs0N0rWFp0VZPZxMxlfE_atKGXfAo2uUaLevSAJt2hPzGgF-wrs0qTT_-c8Amopv2t-pEzvUsldtkVhrmGYk1U7sL97eekWUqgU-nkToMI1KS9TynjntT0by4h_Bamm-CnoezZocsnggOU-x0NrhKf7SR7tR4r-cHSqNe8fElBbrCb4s_p2GyW0u0cRuL-que5gSPKza9szfWH6urAHG3pAR3HJWh3fRbTbq20twEQo1fu8EbqWCKc_IxBC3n_yQgVIpR-Rr6c26TIa_G-rsCQQUCHx9MzyN7FKAmiR-RKMSCwCPSjIUXOk6GBgY2Y17CbEBTbYL7uvet9XZxkskdqlXpf84UpGqkpyV8jCHPe3Ov8HQg0RKwTFkpkStyVtW-OeNgdGhA5UkOoiIWLObs14PNkMD9Pk9isO2WetTPfpB4KQ_CRl5JdAm5WHYRx7-BRgloS3nDhAZe7JQ_-cy6Y7tFg4isU3C4n9UkgjPSdjikuNU4Wvkj_iRLzyOWCO42VgzVVI19EdN2FyGbO8QYT-VXIdjxmRvtrNG06__WrGvhjVHG0KVoWQT71FwPLLT6kNVIvdfnbVSRleUxv75fCyxB51FdAkaI6fc7BL8YZrbjWJFX4lmHz0cMwLXKCPCeaTPWSyGujIdPW_v83h2aLKn6NuBeywf_OGildd5_MpK8QirzajnWBxrka0QbascSsKbPh2y5OZKxZhgAXTT4QZoXCfF00Wp_GnNQXvDl16Ovj2eXkgLgpzeRwgovVKGZfETfnNubhrEjMwf_GKI9qR6_1AK3ellaIMDORpVRkMt6cmeYj_zhk0BmNZV_IUebpuPUcIws0Ap8QaQrEEm4DMnRBHf-ZZJKl8m1m7aEkEND6CgVKrAi4C2D3Mq3DfArbsT_fKyk2CdekZqB7wVqev86GXt_p6gPbiNrd7-Hc5d_YbJ0LRNn64gPa1i1Dc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B88 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZ2SznNopsPgaOgWdVwbEZU5GvGMs-HLTq9pp46JPF_wl8z5QavnBM1gWwim3bdY9hvKuuTZKY0f7mnp2sy5FUuWvtgv0BustGFA&sai=AMfl-YRccaSHVxoiuw7PUmdtxGXOVmq2xkTaZULYKv75yGuMCzAyMwqdut2i3a9IFLOPB2AkPNp6PIgP8z7C&sig=Cg0ArKJSzPT1u2VWt-2_EAE&cid=CAASBORoZSQ&id=lidar2&mcvt=1003&p=50,1322,654,1442&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20210920&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=2656946602&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632186353714&rpt=695&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B7DC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5F2qu07fjjhM8He5ocJwHPSjG2zcSmlcIqKpwtjmr-ISJAD8O30P6fLNP5Qbc737N932yXR2Sw8bcWKBqxSaYu0xhqg_Lhyo9wQ&sai=AMfl-YS5Kj0bBW77qqb455hpBg7hBoWMkUNnkJETUC5kLiqsK8tFzmuzcAPj0Ta7vE2X8w1rYs-evMAy4AuB&sig=Cg0ArKJSzBHF-QbwyEq9EAE&cid=CAASBORoY0A&id=lidar2&mcvt=1000&p=50,158,654,278&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210920&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=644353800&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632186353662&rpt=773&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A4CC 		0
775 B 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6662EDB33D64A1DDA0FA05DC05AF94E9D6D5E1EF.62D74EC2EFEAC5E16C18583E075EBD0C88702667/key/cms1/mh/La/pl/24/rm/sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s/req_id/a935962db124a3ee/redirect_counter/5/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186283/mv/m/mvi/3?file=file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.153.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s58-in-f8.1e100.net
Software
gvs 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 21 Sep 2021 01:05:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/plain
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Access-Control-Allow-Credentials
true
Connection
close
Timing-Allow-Origin
https://googleads.g.doubleclick.net
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4CC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=notify&exchange=adx&creative_id=231531889&creative_type=118&usl_id=171142137209&errorcode=400&asseturi=https%3A%2F%2Fr3---sn-4g5edn6r.c.2mdn.net%2Fvideoplayback%2Fid%2Febd2c5d015d50af8%2Fitag%2F343%2Fsource%2Fweb_video_ads%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F1663722354%2Fsparams%2Facao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source%2Fsignature%2F6662EDB33D64A1DDA0FA05DC05AF94E9D6D5E1EF.62D74EC2EFEAC5E16C18583E075EBD0C88702667%2Fkey%2Fcms1%2Fmh%2FLa%2Fpl%2F24%2Frm%2Fsn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s%2Freq_id%2Fa935962db124a3ee%2Fredirect_counter%2F5%2Fcms_redirect%2Fyes%2Fmip%2F216.131.114.235%2Fmm%2F34%2Fmn%2Fsn-4g5edn6r%2Fms%2Fltu%2Fmt%2F1632186283%2Fmv%2Fm%2Fmvi%2F3%3Ffile%3Dfile.mp4&ord=25921924&offset=[CONTENTPLAYHEAD]&d=APEucNUEiJW5UEQ-iCpsJvx6RLBbE8rHD3CXsLToQmDA8bFDY4emWOmuTRJjLxrZWnoXhwFeyZdu--5NUTXXaxz4zOChYFFPtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A4CC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CBrZG8S9JYaCeGuqX9u8PnaS2sAiw0oL5XL3b7oa7C6XNiYTjGBABIIa6tX9gyQagAejOuIsDyAEFqAMByAObBKoEygFP0FdDH_7EmoR_QK0o4kUULb86X1W1EYdcZL6ourPgnkTynAr8l1cS3hehjHtL1z2MJEQ79Umgl0uzuUHkLhuqjqJvlOQMENMzK4dh5jUqf6kINaJEQrXBRqU0ZeWC5GLmnfYGXE1QRNQqkFlAveZLJFobkcmEeKws9hSMO1dNRFiZdj4G3mp8QQ8e1VxNeEDZ_lKrmcEJV4t3qqpqqcDDQhp1sBkT0_sOyWFxCEs8B6GoMPTdbgsmPZnEcvFKi_dtigqbSnVfvOhdwASI6dzw-ALgBAOQBgGgBnaAB4Cxx3SoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB-ACgHICwHgCwGADAGwE53lugzYEw2IFATYFAHQFQGAFwE&sigh=7Lur67jBebE&label=videoplayfailed400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210916/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4CC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-error&code=4&message=MEDIA_ELEMENT_ERROR%3A%20Format%20error&eventType=video_element_error&clientTime=1632186355482&ai=CBrZG8S9JYaCeGuqX9u8PnaS2sAiw0oL5XL3b7oa7C6XNiYTjGBABIIa6tX9gyQagAejOuIsDyAEFqAMByAObBKoEygFP0FdDH_7EmoR_QK0o4kUULb86X1W1EYdcZL6ourPgnkTynAr8l1cS3hehjHtL1z2MJEQ79Umgl0uzuUHkLhuqjqJvlOQMENMzK4dh5jUqf6kINaJEQrXBRqU0ZeWC5GLmnfYGXE1QRNQqkFlAveZLJFobkcmEeKws9hSMO1dNRFiZdj4G3mp8QQ8e1VxNeEDZ_lKrmcEJV4t3qqpqqcDDQhp1sBkT0_sOyWFxCEs8B6GoMPTdbgsmPZnEcvFKi_dtigqbSnVfvOhdwASI6dzw-ALgBAOQBgGgBnaAB4Cxx3SoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiAYRABGB-ACgHICwHgCwGADAGwE53lugzYEw2IFATYFAHQFQGAFwE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advertising2.
fundingchoicesmessages.google.com/f/AGSKWxVUWlGmfJhS7sBMqXNBPeECGJK64QbkcxDZaXND2VpP6yZVA0PpvEDA8kGbehOrB9rlkTu_DqhQyWnjNJDsJQcG0Zhih2fHWXRn19OvnzTQ4Jopeid965aPZsbrI1G-_Z5qM7sqrqoaa11IZ3ujwDALGj0S6... 		54 B
106 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVUWlGmfJhS7sBMqXNBPeECGJK64QbkcxDZaXND2VpP6yZVA0PpvEDA8kGbehOrB9rlkTu_DqhQyWnjNJDsJQcG0Zhih2fHWXRn19OvnzTQ4Jopeid965aPZsbrI1G-_Z5qM7sqrqoaa11IZ3ujwDALGj0S6mnMxxG8oaRyWCfleaHvyiFEriJho_3fwIg8cmIuETMCoJ2lG48k9MRODyojkIWeFOfRz8q8qmsM7e0ZTjI=/_-banner300x250./adclient-/bvadtgs./ads-cch-/advertising2.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.gZb8zIzxAxc.es5.O/d=1/rs=AJlcJMzZ14Ihn7KNn1ICOb62HthsIseH8A/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e368e091cca0563463aa56b6696f2e52fc24759f1e0957cf3fe3cc18bd3dc5d3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WqRSqnAEyFdy3LuHHBrRBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WqRSqnAEyFdy3LuHHBrRBA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-WqRSqnAEyFdy3LuHHBrRBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WqRSqnAEyFdy3LuHHBrRBA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.gZb8zIzxAxc.es5.O/d=1/rs=AJlcJMzZ14Ihn7KNn1ICOb62HthsIseH8A/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
cb5bc673a8b21b35caa73f4e692e73b72405b9733fa15821efd235720fcda0ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49133
x-xss-protection
0
server
cafe
etag
10526510731543585738
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Sep 2021 01:05:55 GMT
AGSKWxU4ZECOe3mgt9dGT2yDtJkcRDW7u4VT_ZdW9TsjKGNhy9AljdAT5IhA2FYVWu5tzg_fDsoO8AroOo0ihm5WBvCV_c5Flsy5P0yKNcCgRUHPSU00SXoa2WkU8n0d3L3hXV2UtepnVidY-4E7XBLmCwUSUUO_fvWHxs3VrMPUT2BwY7E9X9qFFvkiHA6-
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU4ZECOe3mgt9dGT2yDtJkcRDW7u4VT_ZdW9TsjKGNhy9AljdAT5IhA2FYVWu5tzg_fDsoO8AroOo0ihm5WBvCV_c5Flsy5P0yKNcCgRUHPSU00SXoa2WkU8n0d3L3hXV2UtepnVidY-4E7XBLmCwUSUUO_fvWHxs3VrMPUT2BwY7E9X9qFFvkiHA6-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.gZb8zIzxAxc.es5.O/d=1/rs=AJlcJMzZ14Ihn7KNn1ICOb62HthsIseH8A/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y5kwoxn3/hE6dekCWsM4xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-y5kwoxn3/hE6dekCWsM4xw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-y5kwoxn3/hE6dekCWsM4xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-y5kwoxn3/hE6dekCWsM4xw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU4ZECOe3mgt9dGT2yDtJkcRDW7u4VT_ZdW9TsjKGNhy9AljdAT5IhA2FYVWu5tzg_fDsoO8AroOo0ihm5WBvCV_c5Flsy5P0yKNcCgRUHPSU00SXoa2WkU8n0d3L3hXV2UtepnVidY-4E7XBLmCwUSUUO_fvWHxs3VrMPUT2BwY7E9X9qFFvkiHA6-
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU4ZECOe3mgt9dGT2yDtJkcRDW7u4VT_ZdW9TsjKGNhy9AljdAT5IhA2FYVWu5tzg_fDsoO8AroOo0ihm5WBvCV_c5Flsy5P0yKNcCgRUHPSU00SXoa2WkU8n0d3L3hXV2UtepnVidY-4E7XBLmCwUSUUO_fvWHxs3VrMPUT2BwY7E9X9qFFvkiHA6-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.gZb8zIzxAxc.es5.O/d=1/rs=AJlcJMzZ14Ihn7KNn1ICOb62HthsIseH8A/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rZWYdHlGBbnHgmk3fYqXvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rZWYdHlGBbnHgmk3fYqXvg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-rZWYdHlGBbnHgmk3fYqXvg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rZWYdHlGBbnHgmk3fYqXvg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU4ZECOe3mgt9dGT2yDtJkcRDW7u4VT_ZdW9TsjKGNhy9AljdAT5IhA2FYVWu5tzg_fDsoO8AroOo0ihm5WBvCV_c5Flsy5P0yKNcCgRUHPSU00SXoa2WkU8n0d3L3hXV2UtepnVidY-4E7XBLmCwUSUUO_fvWHxs3VrMPUT2BwY7E9X9qFFvkiHA6-
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU4ZECOe3mgt9dGT2yDtJkcRDW7u4VT_ZdW9TsjKGNhy9AljdAT5IhA2FYVWu5tzg_fDsoO8AroOo0ihm5WBvCV_c5Flsy5P0yKNcCgRUHPSU00SXoa2WkU8n0d3L3hXV2UtepnVidY-4E7XBLmCwUSUUO_fvWHxs3VrMPUT2BwY7E9X9qFFvkiHA6-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.gZb8zIzxAxc.es5.O/d=1/rs=AJlcJMzZ14Ihn7KNn1ICOb62HthsIseH8A/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E28a2KfHxMfLoB9q8Ff+Dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-E28a2KfHxMfLoB9q8Ff+Dw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-E28a2KfHxMfLoB9q8Ff+Dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-E28a2KfHxMfLoB9q8Ff+Dw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWM15ks77ic5Dgt9f3chboVrbCYf4bf_B1W2g5galByQPc0e-41-5zOmTO6RXU9zE5dSVO5jofV3DIQU_5b-MdCLITtkzKele4ze0Lpsdnzuduguc48SGPzNRgYGC3IVKiHFow1EMEOsWc99GGmc383hhQo1ccnhbuv_cz7lm7JOeZ4W9VXkD2ovW0Y
fundingchoicesmessages.google.com/f/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWM15ks77ic5Dgt9f3chboVrbCYf4bf_B1W2g5galByQPc0e-41-5zOmTO6RXU9zE5dSVO5jofV3DIQU_5b-MdCLITtkzKele4ze0Lpsdnzuduguc48SGPzNRgYGC3IVKiHFow1EMEOsWc99GGmc383hhQo1ccnhbuv_cz7lm7JOeZ4W9VXkD2ovW0Y?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMyMTg2MzU1LDU3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsMTAsNl1dLCJodHRwczovL3JpZnR2Lm5ldC8xNjkxOS5odG1sIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.gZb8zIzxAxc.es5.O/d=1/rs=AJlcJMzZ14Ihn7KNn1ICOb62HthsIseH8A/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
8dd70562553cda82a1b51d24b94e15ba374b2b0ebe864b84005cd297f87b3b51
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IepSmRDJiq/7JMgHDY4SbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IepSmRDJiq/7JMgHDY4SbA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-IepSmRDJiq/7JMgHDY4SbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IepSmRDJiq/7JMgHDY4SbA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU4ZECOe3mgt9dGT2yDtJkcRDW7u4VT_ZdW9TsjKGNhy9AljdAT5IhA2FYVWu5tzg_fDsoO8AroOo0ihm5WBvCV_c5Flsy5P0yKNcCgRUHPSU00SXoa2WkU8n0d3L3hXV2UtepnVidY-4E7XBLmCwUSUUO_fvWHxs3VrMPUT2BwY7E9X9qFFvkiHA6-
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU4ZECOe3mgt9dGT2yDtJkcRDW7u4VT_ZdW9TsjKGNhy9AljdAT5IhA2FYVWu5tzg_fDsoO8AroOo0ihm5WBvCV_c5Flsy5P0yKNcCgRUHPSU00SXoa2WkU8n0d3L3hXV2UtepnVidY-4E7XBLmCwUSUUO_fvWHxs3VrMPUT2BwY7E9X9qFFvkiHA6-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.gZb8zIzxAxc.es5.O/d=1/rs=AJlcJMzZ14Ihn7KNn1ICOb62HthsIseH8A/m=detection
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wSF2j2RFZ3N33wflvAOBdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wSF2j2RFZ3N33wflvAOBdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-wSF2j2RFZ3N33wflvAOBdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wSF2j2RFZ3N33wflvAOBdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVVDUeIUwct83BFGP4XSyExqIfFjVWs1TRP83VHZXkqTwWMwgHGlO7uwLhcwYWjioFi-ygzi-rR7EMVYlQed0QqwZbIX5tL_pVUpc1ZmzWKrO6OZj-5Hsx9H595y7jfPux-Zuced8CLjHa0GZywibPYXq13xcrV_PMPY8q7gcGSBozEJEmamCyicpNL
fundingchoicesmessages.google.com/el/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVVDUeIUwct83BFGP4XSyExqIfFjVWs1TRP83VHZXkqTwWMwgHGlO7uwLhcwYWjioFi-ygzi-rR7EMVYlQed0QqwZbIX5tL_pVUpc1ZmzWKrO6OZj-5Hsx9H595y7jfPux-Zuced8CLjHa0GZywibPYXq13xcrV_PMPY8q7gcGSBozEJEmamCyicpNL
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.bkckO5hXeoQ.es5.O/d=1/rs=AJlcJMyhSMjD9HnSFP65e8Mhj2p0dlU6cg/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NhAPwD5MfycnWvqhjLUD8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-NhAPwD5MfycnWvqhjLUD8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 01:05:55 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-NhAPwD5MfycnWvqhjLUD8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-NhAPwD5MfycnWvqhjLUD8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVVDUeIUwct83BFGP4XSyExqIfFjVWs1TRP83VHZXkqTwWMwgHGlO7uwLhcwYWjioFi-ygzi-rR7EMVYlQed0QqwZbIX5tL_pVUpc1ZmzWKrO6OZj-5Hsx9H595y7jfPux-Zuced8CLjHa0GZywibPYXq13xcrV_PMPY8q7gcGSBozEJEmamCyicpNL
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVVDUeIUwct83BFGP4XSyExqIfFjVWs1TRP83VHZXkqTwWMwgHGlO7uwLhcwYWjioFi-ygzi-rR7EMVYlQed0QqwZbIX5tL_pVUpc1ZmzWKrO6OZj-5Hsx9H595y7jfPux-Zuced8CLjHa0GZywibPYXq13xcrV_PMPY8q7gcGSBozEJEmamCyicpNL
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.bkckO5hXeoQ.es5.O/d=1/rs=AJlcJMyhSMjD9HnSFP65e8Mhj2p0dlU6cg/m=cookie_refresh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fvo/I+NDjo0I+oYS+P0vIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Fvo/I+NDjo0I+oYS+P0vIg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://riftv.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 21 Sep 2021 01:05:55 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-Fvo/I+NDjo0I+oYS+P0vIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Fvo/I+NDjo0I+oYS+P0vIg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A4CC 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kttdm3lr&c=3652512534151&slotId=1826256267075.5&qqid=CODatv7vjvMCFeqL_QcdHZINhg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=866&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=17&vhc=0&ccc=3&ccrh=0&ccri=0&ccrs=3&ccru=0&ccrhc=false&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0&met.4=err.1pc&aec=400
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210908_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI6ZHD_u-O8wIVkJ6FCh0pzQthEAAYACCTl_dGQhMI5_Ck_u-O8wIVS_K7CB2rIAOP;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D2132,0,0,0,0%26mtos%3...
ade.googlesyndication.com/ddm/activity/ Frame BFEB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI6ZHD_u-O8wIVkJ6FCh0pzQthEAAYACCTl_dGQhMI5_Ck_u-O8wIVS_K7CB2rIAOP;met=1;acvw=sv%3D20210908%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D2132,0,0,0,0%26mtos%3D2132,2132,2132,2132,2132%26amtos%3D0,0,0,0,0%26mcvt%3D2132%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2418%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D1%26dur%3D30072%26vmtime%3D2446%26dtos%3D2132%26dtoss%3D1%26dvs%3D2132%26dfvs%3D2132%26dvpt%3D2418%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642445658%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2132;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1632186354100;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BFEB 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuDk5a-uJmOpiSjmiYOjAAJ_Q_iKhrZ5wgqsr_XhhseBRRRuEB-sGTozTx-Hnp4WMA1EDrhDWswmPnfRWrX8awUP7tkjyO1HzdAwC-h4Bk12ez1uc&sai=AMfl-YR8DGL061fXjI4fsvjELXU2-CS_jmtkDhElPXKK48_kE0IKW0PzbkQOa4W-WAwcyZWtjO6f3qsXSno0&sig=Cg0ArKJSzN8NN3qOaEh0EAE&cid=CAASBORofc4&id=lidarv&acvw=sv%3D20210908%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D2132,0,0,0,0%26mtos%3D2132,2132,2132,2132,2132%26amtos%3D0,0,0,0,0%26mcvt%3D2132%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2418%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D1%26dur%3D30072%26vmtime%3D2446%26dtos%3D2132%26dtoss%3D1%26dvs%3D2132%26dfvs%3D2132%26dvpt%3D2418%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D642445658%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2132&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1632186354100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Sep 2021 01:05:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect boolean| originAgentCluster object| __cfQR object| __cfBeacon undefined| $ function| jQuery object| _wpemojiSettings object| $document boolean| wpquads_adblocker_check function| gtag object| dataLayer object| taqyeem object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| sf_position string| sf_templates string| sf_input function| documentInitOneSignal function| OneSignal object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| ce4wp_form_submit_data string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga object| twemoji object| wp object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wpcf7 object| tie object| gaplugins object| gaGlobal object| gaData function| createTicker boolean| isInTag function| typetext object| tie_isMobile function| tie_SmothScroll object| html5 object| Modernizr function| yepnope function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| browserPrefixes object| jetpackLazyImagesL10n function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| wpquads_adblocker_check_2 object| google_image_requests function| sf_addItem object| flra_array number| MainContentW number| LeftAdjust number| TopAdjust number| RightAdjust number| LeftBannerW number| TopAdjustScroll string| leftDivID string| rightDivID object| objAdDivRight object| objAdDivLeft object| body object| html function| FloatTopDiv function| ShowAdDiv number| startLX number| startLY number| startRX number| startRY object| _stq boolean| __cfRLUnblockHandlers function| st_go function| linktracker_init object| wpcom function| onYouTubeIframeAPIReady object| $fade_object object| $window object| $the_post object| $wrapper object| php_js boolean| isActive object| GoogleGcLKhOms number| __oneSignalSdkLoadCount object| _oneSignalInitOptions object| googletag object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingLoaderClientJs function| __Y9uNstf385Zx__ object| __fcInternalApiManager string| ZmZjNjEzNjY0Njg2M2QxZWxvYWRlcl9qcw== string| ZmZjNjEzNjY0Njg2M2QxZWNhY2hlZF9qcw== string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager object| default_ContributorIabCcpaWebSignalJs function| __djmt020195__ object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ boolean| 7f8b8cc2-2352-41c9-8e0b-4f463f864f18 object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__

26 Cookies

Domain/Path Name / Value
itsssl.com/ Name: PHPSESSID
Value: qk16le4k6o46c05d73obuu2do4
itsssl.com/ Name: short_nuOg5
Value: 1
riftv.net/ Name: quads_browser_width
Value: 1600
.riftv.net/ Name: _gid
Value: GA1.2.1907773539.1632186353
.riftv.net/ Name: _gat_gtag_UA_186817945_1
Value: 1
.riftv.net/ Name: _ga_55TCKJ2V2B
Value: GS1.1.1632186352.1.0.1632186352.0
.riftv.net/ Name: _ga
Value: GA1.1.1068792509.1632186353
.riftv.net/ Name: __gads
Value: ID=33ba138d63e17d46-22003e313bc90067:T=1632186353:RT=1632186353:S=ALNI_Ma5cdB-3YLQ5jrvtPQ62bmi4XdwnQ
.revjet.com/ Name: trx
Value: 5004185298543003745
.revjet.com/ Name: ads
Value: a1d812f4c41c8e36b4ee13868db1d584
.doubleclick.net/ Name: IDE
Value: AHWqTUk9aLi94BWvFU6MLRC-OGyhebXIcA3XHTUot3MbneR_OBKfaPfPFxuO_Fesdos
.casalemedia.com/ Name: CMID
Value: YUkv8be21Xa9bWAa5SNoRwAA
.casalemedia.com/ Name: CMPS
Value: 3201
.adnxs.com/ Name: uuid2
Value: 4365584116400444903
.casalemedia.com/ Name: CMPRO
Value: 1196
.casalemedia.com/ Name: CMRUM3
Value: 2d61492ff22760
.openx.net/ Name: i
Value: b6da6540-9f5f-48b6-9522-a994bf030861|1632186355
.casalemedia.com/ Name: CMST
Value: YUkv8mFJL-MA
.quantserve.com/ Name: d
Value: EBoBCQGmJIEA
.quantserve.com/ Name: mc
Value: 61492ff3-1dd1b-c3bfd-f9a6c
.rlcdn.com/ Name: rlas3
Value: iOHCIlLFMxxsGQDEtH3MonjcBQze/OveLfC9P9qacDA=
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 60D2DC95-6DFD-425B-8755-91F03E280CAB
.rlcdn.com/ Name: pxrc
Value: CPPfpIoGEgUI6AcQABIGCOndKhAA
.riftv.net/ Name: FCCDCF
Value: [["AKsRol8jWz8a2DlJu78tbHOlIYTLEpy0W31LBeVYlX5hDvKy-oKIAcO9yT7ehcp1_f2B7_m5jrBWk0FXlK-Yxt9yw--1QXQRSKERNwy4PdmyE1-j4GZdAsgAUYv-7_EazXrrDvvdGrb5hkQE5TyxgMfMWdQXF2A1tQ=="],null,["[[],[],[],[],null,null,true]",1632186354310],null,null]
.riftv.net/ Name: FCNEC
Value: [["AKsRol8jWz8a2DlJu78tbHOlIYTLEpy0W31LBeVYlX5hDvKy-oKIAcO9yT7ehcp1_f2B7_m5jrBWk0FXlK-Yxt9yw--1QXQRSKERNwy4PdmyE1-j4GZdAsgAUYv-7_EazXrrDvvdGrb5hkQE5TyxgMfMWdQXF2A1tQ=="]]

4 Console Messages

Source Level URL
Text
network error URL: https://riftv.net/16919.html
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6662EDB33D64A1DDA0FA05DC05AF94E9D6D5E1EF.62D74EC2EFEAC5E16C18583E075EBD0C88702667/key/cms1/mh/La/pl/24/rm/sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s/req_id/a935962db124a3ee/redirect_counter/5/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186283/mv/m/mvi/3?file=file.mp4
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network error URL: https://r3---sn-4g5edn6r.c.2mdn.net/videoplayback/id/ebd2c5d015d50af8/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1663722354/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6662EDB33D64A1DDA0FA05DC05AF94E9D6D5E1EF.62D74EC2EFEAC5E16C18583E075EBD0C88702667/key/cms1/mh/La/pl/24/rm/sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s,sn-4g5ekz7s/req_id/a935962db124a3ee/redirect_counter/5/cms_redirect/yes/mip/216.131.114.235/mm/34/mn/sn-4g5edn6r/ms/ltu/mt/1632186283/mv/m/mvi/3?file=file.mp4
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YUkv8be21Xa9bWAa5SNoRwAABKwAAAAB&google_push=AYg5qPLzK9UwhIgxJR4n6R5XiVfg_l7rGz23l2sV-f1pjznsjRUewMITrYuzbT553vIBdP7urxSNh3GnHV1A9W11a-MLjVFEGIg&google_cver=1&google_gid=CAESEDCHTx-u2uaGaM-y0DHa0Ag
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
ads.revjet.com
adservice.google.com
bid.g.doubleclick.net
c0.wp.com
cc.adingo.jp
cdn.onesignal.com
cdn2.revjet.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
delegation-sante.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
itsssl.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.revjet.com
pixel.rubiconproject.com
pixel.wp.com
r3---sn-4g5edn6r.c.2mdn.net
riftv.net
rtb.openx.net
s0.2mdn.net
static.cloudflareinsights.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
104.16.95.65
104.18.226.52
104.21.30.38
142.250.179.227
142.250.181.226
142.250.184.238
142.250.185.110
142.250.185.130
142.250.185.142
142.250.185.161
142.250.185.194
142.250.185.66
142.250.186.138
142.250.186.67
142.250.186.74
142.250.186.98
142.250.74.194
172.217.16.130
172.67.135.157
185.33.221.14
185.64.189.115
192.0.76.3
192.0.77.37
2.18.234.21
216.58.212.132
216.58.212.134
216.58.212.136
35.186.253.211
35.244.174.68
51.161.131.47
52.68.53.67
65.21.233.17
68.232.34.237
69.173.144.139
74.125.133.157
74.125.153.200
74.125.71.154
91.228.74.133
95.217.105.225
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06371d8776d82528f3da81be8a87ee02b9a4a98b2d8fe0f15e125074159b7a2b
0665f5f3dfc038e410e2f0004a1a5ff6d2d91f392dd32208606eb8ff51195172
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
0aebcd38397f33a5e7c8d39dd1dcb0eb19618cd23cd430a535c9e8666542c815
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c97c6ce5fdeb2d91e4bc6263d3714ca800b990c1994cf0b6dac0f23c8fbabfe
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
10a8ad27d3d8c4e6290003b77769e67607c5b15688c54d60f5c053a5e9c480eb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21601b8f3edd6ffdfc3620f88013bb7faa24d80ef224801314e15b06e4e654cf
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e71778fe6db4abb7e435d175d70a3c5e1fa1f352ab0fe4f6ed09fdc962869c3
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
33a7ea6f55d1f9fba10b5d0aa637da0f05e9fdd39913c139ed840e1791250172
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
406674b8b4de2041cf136fda82b9a1c3698facb1dc385acd861a779b1023a964
46b7f068c42f2f7db3a8f5a6a41d2731c251413b79478112dee394e725ec43ed
4776375aa38df1e318c1004e6e1e93fa8dd18f7317d866e53c7f744b00201209
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4c71cab3e2b7defd9022059c922d2c91359df1ba71dd47e8543b108c70537f25
4da9a73c699a8dd54f6da51d6f8ae8dbd5352900df1ac7fc51ed4a99450cd9ad
4dfdb5a5c15bcb974cdb34f60418979be5d6fb3ff4dba8b1d52f4574ea3e1710
4f98d34f016106cdba8016728c682f7d3612150c7f1f054d4f0ca1d4b450abfd
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb974d07fb81bde84cd96f0109c41d8f5287507d63c7ddd9832fc8674836805
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
550bee253a00a7e6089b3aa136a1f21d904592e93ee0740f08d4d36e4b1dcbe5
569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
6039cdb2c8028b73ddb9d711e7eb22834a8e11ba865283a7ed2fd2c75a401040
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6321f8887dfb13403972e9fd32f67eb9f5eaa8aadc0a17f91205f4b8f4721634
6bd6ef384f95c63760a90ab5e6d0ddc45ecee28a134fd869dd7d6ff629a7b274
6f9571e5c399221c5bf9230df67613767a8554f2bb9f70acb9d5302945a06fb2
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
797fba42d38e7a8dc369b91337c52e831d8e725a5ec3dec546fec209c2c71639
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
8dd70562553cda82a1b51d24b94e15ba374b2b0ebe864b84005cd297f87b3b51
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8e93414f896d6002f025697fd592d2393994fc8b21be6061dd55b8df904aa245
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92c811b4ac9b3f23ec0c8eadae3be374682a860d290aac9cde2a8a8911b7412c
92ed71cba1999e5fff7768eb192e7e91166780a642084c4ba2a758bfecfd84c7
955c98325a7e06af12c0e9a93a342ce5abe84b545e181ca0bdf110a1b5331139
9657b0a8fad94d69d0317ab203423ac22731eb3b4116482acd110ab96f976563
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b51b9247b3caa2e06dab13a5d7cc3e0e70b758ece980a094998b18c0ad7dd67
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a44356c0c4d0624295212693eedea7cf44072f112be6414e3bab086f68cbcaa5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5203d82659edda0e0a20ad736dd4d8bf5b84953be6cb7485805bc917116e678
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b199a83f7ca429779fd1388a0edb679440e028e793fd058e3fed8c9025504247
b21bba2a5f9f66f4ea29660babd03fa1fb7db245f0deecfe16c185a844b8524c
b2fc8fc8c825f829b53d310478a6ed56670be046dd85ad303353b450b96cc757
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
b4d843c4f416a55a32ca1b36f3e5005bd8fbfc2a9dc235d675ec2b8758d3c2fd
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b82e7af123915691ea31e2a9e6ec992e9fe4b184d7363c4176f57433f5ff6de7
ba4ab7dafc79fcc731528ad0d3b8a97f791ef3744720807b1e7edcb6e5a64a93
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45
cb5bc673a8b21b35caa73f4e692e73b72405b9733fa15821efd235720fcda0ba
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf591ddcec9deb8c10d30c29e321596e39a4bbcfb0fd5b89113012a9a7b1fc6d
d2161c4ec5dbea0cebfa5527ae1b42fb982d5efb0b4c1647b2cfaf510c0070c0
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d939ddc5cd93ab33bd71f4bc65278fa38d9c3de95c26ab54e2e037c85fb7cd7f
da7ff45b69815432f69ab60b817a525cdf51526341ccd5594f048b5bd6cbd6ca
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e368e091cca0563463aa56b6696f2e52fc24759f1e0957cf3fe3cc18bd3dc5d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8c2e4d6ab0ad2f055a6cc3c777d31531e665758db5ca815f2613afad72f7088
ec9ba8ea2e9004c97a81a78dd2d340952c5fcfc3942a44e429bf5b9e57133b13
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f0f1260904a73b9b9f4a6ba6eb7ec781dbeefcd88031cd4789d2819476437c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f610f8f9d6906db189fd2e6e79af43565e7f46a90a544096c8d9e00b7916bc18
fb75b99c3778d8ad13ed09653f69df9073f87d2fb257119652f027669e162d44
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe7faa8f7f7df216c49979c2908a59a1ddf004caf7918f1556d511acfe180af7
ff4d452039a0ab4ce44f3d708be0186d30d632b6ff65fd296a8a93b11ac7da65