urlscan.io logo urlscan.io
SecurityTrails logo

l.riftv.net Open in urlscan Pro
109.234.162.107  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zizouit.com/r.php?v=dD1jJmQ9MTI3ODQmbD0xMzk3JmM9NTIzNDQw
Effective URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Submission: On June 07 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 6 countries across 15 domains to perform 110 HTTP transactions. The main IP is 109.234.162.107, located in France and belongs to O2SWITCH, FR. The main domain is l.riftv.net.
This is the only time l.riftv.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 139.99.133.160 16276 (OVH)
2 15 109.234.162.107 50474 (O2SWITCH)
12 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 217.182.76.191 16276 (OVH)
17 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 213.202.235.10 24961 (MYLOC-AS ...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
1 142.250.180.210 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
110 29
1    139.99.133.160 (Sydney, Australia)

ASN16276 (OVH, FR)
PTR: vps-2a0a7142.vps.ovh.ca
zizouit.com
15    109.234.162.107 (France)

ASN50474 (O2SWITCH, FR)
PTR: dinde.o2switch.net
l.riftv.net
12    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
1    217.182.76.191 (Reczno, Poland)

ASN16276 (OVH, FR)
PTR: edge01.devgrid.net
api.miniature.io
17    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
www.google-analytics.com
7    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    213.202.235.10 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com
1    142.250.180.210 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f18.1e100.net
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i1-v6exp3.v4.metric.gstatic.com
1    2a00:1450:4001:82f::2012 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i2-v6exp3.ds.metric.gstatic.com
Domain Requested by
17 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
15 l.riftv.net 2 redirects l.riftv.net
12 pagead2.googlesyndication.com l.riftv.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
10 www.google.com 3 redirects cse.google.com
www.google.com
l.riftv.net
tpc.googlesyndication.com
8 cdnjs.cloudflare.com l.riftv.net
6 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
2 p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cse.google.com l.riftv.net
www.google.com
1 p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i2-v6exp3.ds.metric.gstatic.com
1 p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i1-v6exp3.v4.metric.gstatic.com
1 m.exactag.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 www.google.de l.riftv.net
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 clients1.google.com l.riftv.net
1 www.googleapis.com l.riftv.net
1 api.miniature.io l.riftv.net
1 www.googletagmanager.com l.riftv.net
1 zizouit.com 1 redirects
110 27

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
l.riftv.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
miniature.io
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2019-08-28 -
2021-09-13		 2 years crt.sh
*.v4.metric.gstatic.com
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.ds.metric.gstatic.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh

This page contains 16 frames:

Primary Page: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Frame ID: A530729BC409B2A55B3E98E08C3EC4D8
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html
Frame ID: 760F52B338DD92B4115EBA5B704995E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=293675617&adf=814277786&lmt=1623024273&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&ea=0&flash=0&pra=5&wgl=1&dt=1623024273689&bpp=256&bdt=348&idt=58&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5042837193721&frm=20&pv=2&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: A621886ACBF1460C6919EFE9D1FE374A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=13&bdt=348&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=swG097dchU&p=http%3A//l.riftv.net&dtd=221
Frame ID: D377BCF25909D87C3D453EC2BDDBCCBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Frame ID: B1EE23CBBC400E76CA74F48537505185
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Frame ID: DD8BDD1F42BB6DB9CF398705CC68379E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Frame ID: 39F8BDAB6695328070A9684AC8D88D36
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1EBEDBAEBD4194654DD40208516615A6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Frame ID: BCAB64C205F134E0006AA749B53E7BDA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BCDB9450E677EC6EAC2F0077AC3A5158
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Frame ID: D1ED3E82A61BF66C0D4315ACD9C78970
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 760AD71FAD1B7B070E205CB6C4A94D8A
Requests: 2 HTTP requests in this frame

Frame: https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 487DD39D76C9C9536E16F1BA7B39D297
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Frame ID: 72DD8FF3B15AD8DD5542D39534D56C4B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D616F22508A9F0B878129CC90CC29461
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F53F99CD0FC4652A1222612722F57CCD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://zizouit.com/r.php?v=dD1jJmQ9MTI3ODQmbD0xMzk3JmM9NTIzNDQw HTTP 302
    http://l.riftv.net/WKkfU?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440 HTTP 301
    http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

110
Requests

94 %
HTTPS

76 %
IPv6

15
Domains

27
Subdomains

29
IPs

6
Countries

1159 kB
Transfer

2933 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zizouit.com/r.php?v=dD1jJmQ9MTI3ODQmbD0xMzk3JmM9NTIzNDQw HTTP 302
    http://l.riftv.net/WKkfU?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440 HTTP 301
    http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1 HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1
Request Chain 10
  • http://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0 HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
Request Chain 11
  • http://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1 HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
Request Chain 13
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3 HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
Request Chain 14
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3 HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
Request Chain 16
  • http://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17 HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
Request Chain 22
  • https://l.riftv.net/HwlYZ/i HTTP 302
  • https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Friftv.net%2F13097.html
Request Chain 71
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 92
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 97
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

110 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set HwlYZ
l.riftv.net/
Redirect Chain
  • http://zizouit.com/r.php?v=dD1jJmQ9MTI3ODQmbD0xMzk3JmM9NTIzNDQw
  • http://l.riftv.net/WKkfU?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
  • http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
HTTP/1.1
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 / PHP/7.4.16
Resource Hash
2ca6d9c1fe1793d432b8afee454b8e779f75ab0ee22faccf9a0a502a32737d81

Request headers

Host
l.riftv.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
PHPSESSID=67006d4785ef6844dee3390615b9113e; short_WKkfU=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 00:04:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.16
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
short_HwlYZ=1; expires=Mon, 07-Jun-2021 00:34:32 GMT; Max-Age=1800; path=/; HttpOnly
Server
o2switch-PowerBoost-v3
Content-Encoding
gzip

Redirect headers

Date
Mon, 07 Jun 2021 00:04:32 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
X-Powered-By
PHP/7.4.16
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=67006d4785ef6844dee3390615b9113e; path=/ short_WKkfU=1; expires=Mon, 07-Jun-2021 00:34:32 GMT; Max-Age=1800; path=/; HttpOnly
Location
http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Server
o2switch-PowerBoost-v3
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48419
x-xss-protection
0
server
cafe
etag
13744972075384101287
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 07 Jun 2021 00:04:33 GMT
bootstrap.min.css
l.riftv.net/static/css/ 		89 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/static/css/bootstrap.min.css
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
fa9a3880a0d54a4bd990e2f63278be581b068336f34a39863e47ba65774d82d7

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
style.css
l.riftv.net/themes/cleanex/ 		87 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/themes/cleanex/style.css
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
fff5f15db7a6346794d255fa1e22caa0090efa107f34215e36cf5a7d986f776f

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
components.min.css
l.riftv.net/static/css/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/static/css/components.min.css
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
3c19df610d2b937c34facbe5517c48054fd3695a18e69fa1ac94084aa61d5079

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
fa-all.min.css
l.riftv.net/static/css/ 		56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/static/css/fa-all.min.css
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
74d66add22660b12e57cf4a9e1c2fe4fcc8708e052ec75b62b1e9428968fc90d

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css
jquery.min.js
l.riftv.net/static/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/static/js/jquery.min.js
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
05a8a5125b36da55ff02702436ee672fa3ddd45ccebd499a8fbff0461c8cba10

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
bootstrap.min.js
l.riftv.net/static/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/static/bootstrap.min.js
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
1f7244cb694f7f667a5f3668a79844fc6159e3922363f0423d9b09872680f372

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
application.fn.js
l.riftv.net/static/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/static/application.fn.js
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
fc6c45fb43f51dfc76b7770b2e751e3400575327793dcd1eb257373af7857627

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
blockadblock.min.js
cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1
  • https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4333456
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1309
cf-request-id
0a85621fc200004e800d335000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-1289"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f8N3tDkEp0X%2Bzu7OBEgEL4g5Z51LZMcIFWqN9C%2FAYHhU0dGATaIn3Cc%2Foishgxl%2B9TyH9Ngwjxa7H6zd%2BqJbjzEXwIBCY%2BLVsLiWMQdhZcQSX4nitEU3MNPveILz9YkZNHDxmu5poRFlc03rPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65b59fac6c744e80-FRA
expires
Sat, 28 May 2022 00:04:33 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js?v=3.2.1
Non-Authoritative-Reason
HSTS
detect.app.js
l.riftv.net/static/ 		440 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/static/detect.app.js
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
35a7a78646d1367107f41a8e337a96914cdcff35df8d014508a380ab86b4c49d

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
chosen.jquery.min.js
cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
  • https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
965096
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5483
cf-request-id
0a85621fc200004e80203c3000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e23-6956"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=52pFN60MeBke7ZjxIheUDDf5KDtF9u5ukdgLRaXCPVHYn5uf31IX1Bizv7PwV9vLthXrjkf%2Bed3lzbl9fVLNHz%2FaJd76PkCMG40ae0jLSo4bZqt83CA5SxIm%2F8KODY2Ri1ff0ySB3ybLsXFnNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65b59fac6c754e80-FRA
expires
Sat, 28 May 2022 00:04:33 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
Non-Authoritative-Reason
HSTS
icheck.min.js
cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
  • https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1557233
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1911
cf-request-id
0a85621fc200004e801892d000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9e-11a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZyclW1DJQeGKmTBXR6t0J9bLcGvdm92n5ZjvWel3GuAeLNU3aRM1EZFzAn0TkFxFq4HPCO7appmSzlVJrs6LS0dQhUIhVMvhsUtSE9sQqGVYVBHUIjvKzmFuVIRIc7QVN33ysRd4ZvUWavn1Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65b59fac6c764e80-FRA
expires
Sat, 28 May 2022 00:04:33 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
Non-Authoritative-Reason
HSTS
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1557530
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2906
cf-request-id
0a85621fc200004e803cbb6000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-2824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3y2vzPUZ6Ty6cma8ZRyfEYKFQ3oykZLdniNMGesJw%2BltuHIj4IGocWNfvDyKZjVyTXxOUJ8NoUVbB5PClC5sj9dH5sQ2aFRfHFz3oYBbxCnwyjzU7gk7ttIzWz6wD%2B%2FJXVaKNN2RRU3Pslyjhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65b59fac6c6d4e80-FRA
expires
Sat, 28 May 2022 00:04:33 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1556732
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5676
cf-request-id
0a85621fc200004e802ca19000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3uOv%2Fg0C%2BWfLNEWdtnRonbkURR3EzFvVVPZANwpdlNiAycOvbzlxoB3qBXVXBYkRHm1v9zVJNbkIpQwlm2q7OyEWUTeK0RYVzI7eIhrmSejAcoT7AQcFwC0nkrq1Bg7ljM8kwvNmvxHGDxjXdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65b59fac6c774e80-FRA
expires
Sat, 28 May 2022 00:04:33 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
Non-Authoritative-Reason
HSTS
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4593222
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
948
cf-request-id
0a85621fc300004e803e3b4000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4HqZocE5Mlysni7b1Rjvz8sItGhi93OblYdBcOCuDKNkcroQEoH4OKhCz2lFj8dtuBxA6JZTATORZ7CC%2Fhgg2Gx%2FoGVbb2ysjZk6O8T2qZlVAqoLq11lA8H2ezE8t%2BfKiNU9fQP%2FGMwxPYmehg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65b59fac6c794e80-FRA
expires
Sat, 28 May 2022 00:04:33 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
Non-Authoritative-Reason
HSTS
jquery.autocomplete.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
269967
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3860
cf-request-id
0a85621fc200004e804d906000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-331b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BMQ8Xbh%2BA%2FWWqVLUuOgpHbhCjKW1rCNc4CN74RyUahcYpdci4sz0uCah1cWQ4Rnvx%2BT7svrFbmUdoDKYvkLhNfxy2VDYVQTiccYiGC9p2TTXCDVll95IFi%2Bz%2FT4xQaDEnrEb%2F76Mw8PeCet76A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65b59fac6c724e80-FRA
expires
Sat, 28 May 2022 00:04:33 GMT
pace.js
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
  • https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
273574
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5158
cf-request-id
0a85621fc300004e80203c4000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f40-621b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XhEcekVZe%2B40QKXpNy9dGeTuK5kGAoCBcxf3ST7WfAcHbF54kcx72S%2BWAclBW5i%2FvfvJL1%2BCawGJWKoKFLkoe%2FPKAc2gjDFEK7AD%2F3flmyJeggXGa5NrXK7pBRdv8UQ9tesSDspsuOn7ijJftQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65b59fac6c7a4e80-FRA
expires
Sat, 28 May 2022 00:04:33 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
Non-Authoritative-Reason
HSTS
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-186817945-1
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
839661c0a1c18b80c77189707d35aeda58b7c7bdd3901ef047738b95019ee766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35964
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:33 GMT
application.js
l.riftv.net/static/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/static/application.js
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
2433d15cf3fc19f8f5cafb0ac8bfa2a3eea71cea8c41b3e4a7ee84252a33bb1c

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
server.js
l.riftv.net/static/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/static/server.js
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
7d11e7e384579b55d578f3aec8bf96ba7ab144a1f34e36451556019113bb2b5f

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:32 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
auto_site_logo.png
l.riftv.net/content/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.riftv.net/content/auto_site_logo.png
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
35f79e2956b19a8822e2f2edbe9eae2c79507dd3f37cbf10d45ba6dd2cbff91d

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
last-modified
Mon, 19 Apr 2021 00:50:09 GMT
server
o2switch-PowerBoost-v3
accept-ranges
bytes
content-length
32340
content-type
image/png
cse.js
cse.google.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=9e2274aae0c331a16
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
74a39acaad6065841ef02c5fff6c28c4b394577992dae399942ad9715ba11f54
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2834
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:33 GMT
/
api.miniature.io/
Redirect Chain
  • https://l.riftv.net/HwlYZ/i
  • https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Friftv.net%2F13097.html
88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Friftv.net%2F13097.html
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.182.76.191 Reczno, Poland, ASN16276 (OVH, FR),
Reverse DNS
edge01.devgrid.net
Software
openresty /
Resource Hash
9d70b3b91c2311694a9c24cda3c76115e0a20640cc949b9d2d0ff16657afbe01

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
server
openresty
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
x-response-type
content
cache-control
max-age=86400
access-control-allow-headers
X-Requested-With

Redirect headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:33 GMT
server
o2switch-PowerBoost-v3
x-powered-by
PHP/7.4.16
content-type
text/html; charset=UTF-8
location
https://api.miniature.io/?width=800&height=600&screen=1024&url=https%3A%2F%2Friftv.net%2F13097.html
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 19 Nov 1981 08:52:00 GMT
main.js
l.riftv.net/themes/cleanex/assets/js/ 		892 B
340 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l.riftv.net/themes/cleanex/assets/js/main.js
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.234.162.107 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
dinde.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
13de570acd88a220c7ded609d1d89a23bf3799113b60466fed8e8ddf663f70d4

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
br
last-modified
Tue, 23 Mar 2021 10:22:36 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/ 		232 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
254289178148fbf9ff689acd1e9bd49ad1a2cffbe7846305919678ec31213418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87688
x-xss-protection
0
server
cafe
etag
3714043755393298265
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 07 Jun 2021 00:04:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/ Frame 760F 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210601/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://l.riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://l.riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 06 Jun 2021 23:22:09 GMT
expires
Sun, 20 Jun 2021 23:22:09 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
2544
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
glyphicons-halflings-regular.woff
l.riftv.net/static/fonts/ 		0
0
cse_element__de.js
www.google.com/cse/static/element/323d4b81541ddb5b/ 		275 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=9e2274aae0c331a16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 04:36:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jan 2021 19:23:46 GMT
server
sffe
age
415704
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92401
x-xss-protection
0
expires
Thu, 02 Jun 2022 04:36:09 GMT
default+de.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=9e2274aae0c331a16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 04:30:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jan 2021 19:23:46 GMT
server
sffe
age
416053
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9032
x-xss-protection
0
expires
Thu, 02 Jun 2022 04:30:20 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=9e2274aae0c331a16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Jun 2021 00:41:02 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-186817945-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3190
date
Sun, 06 Jun 2021 23:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 07 Jun 2021 01:11:23 GMT
ca-pub-4786732530380180
fundingchoicesmessages.google.com/i/ 		89 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4786732530380180?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1cfbcb4a51657ecce989cd495b0f505c8e0d6e0a20aa1608d7aa88516bea668d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gakPa1tZlD4K2rqxZ0mI1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-gakPa1tZlD4K2rqxZ0mI1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-gakPa1tZlD4K2rqxZ0mI1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-gakPa1tZlD4K2rqxZ0mI1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
async-ads.js
cse.google.com/adsense/search/ 		181 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2442774fdb2795d05f483a682fd18b761abbeef07910d5ea62e86a6784cf81e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 00:04:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
sffe
X-Content-Type-Options
nosniff
ETag
"4423532091042216692"
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Accept-Ranges
bytes
X-XSS-Protection
0
Expires
Mon, 07 Jun 2021 00:04:33 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 01:42:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
age
426103
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
expires
Thu, 02 Jun 2022 01:42:50 GMT
branding.png
www.google.com/cse/static/images/1x/de/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/de/branding.png
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:02:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
age
489712
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1512
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:02:41 GMT
generate_204
www.googleapis.com/ 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/ 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://clients1.google.com/generate_204
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 07 Jun 2021 00:04:33 GMT
Content-Length
0
glyphicons-halflings-regular.ttf
l.riftv.net/static/fonts/ 		0
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=540482268&t=pageview&_s=1&dl=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&ul=en-us&de=UTF-8&dt=Aidan%20O%26%23039%3BBrien%20expects%20High%20Definition%20improvement%20%7C%20Racing%20News%20%7C%20RIFTV%20-%20riftvshurtlink&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=674871542&gjid=1657214933&cid=928287810.1623024274&tid=UA-186817945-1&_gid=2037997725.1623024274&_r=1&gtm=2ou621&z=915282812
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://l.riftv.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVTm3GQ1NVYakUndlP_ZjUg5HAKSGXQGmcXzxW_1V9Vc0e2einsRXYwur55I6ekxQDfA4JhML0hdFYjFNmlPMc=
fundingchoicesmessages.google.com/l/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxVTm3GQ1NVYakUndlP_ZjUg5HAKSGXQGmcXzxW_1V9Vc0e2einsRXYwur55I6ekxQDfA4JhML0hdFYjFNmlPMc=?pvid=A0298512-26D0-4E33-9E2C-61F7497FD6DA&anonid=1AC5BBD4-74AE-4CD2-A319-614837A122C0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.6vT70H60lwM.es5.O/d=1/rs=AJlcJMzhB7ik6rZg2xPrYSKIIqtwMPn5YA/m=loader_js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+twSbJXAWEgvmQyuTLau5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+twSbJXAWEgvmQyuTLau5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
http://l.riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-+twSbJXAWEgvmQyuTLau5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+twSbJXAWEgvmQyuTLau5g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWmLfata-aHEegv27wIk3iHYtSogTnQeCcAINZQItk-Vs_cLGmbmlhyfwE0XXqFXw256CmbEiBddEb5Is_7O5E=
fundingchoicesmessages.google.com/f/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWmLfata-aHEegv27wIk3iHYtSogTnQeCcAINZQItk-Vs_cLGmbmlhyfwE0XXqFXw256CmbEiBddEb5Is_7O5E=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjIzMDI0MjczLDg5MTAwMDAwMF0sIkEwMjk4NTEyLTI2RDAtNEUzMy05RTJDLTYxRjc0OTdGRDZEQSIsIjFBQzVCQkQ0LTc0QUUtNENEMi1BMzE5LTYxNDgzN0ExMjJDMCIsbnVsbCxbbnVsbCxbN11dLCJodHRwOi8vbC5yaWZ0di5uZXQvSHdsWVoiXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.6vT70H60lwM.es5.O/d=1/rs=AJlcJMzhB7ik6rZg2xPrYSKIIqtwMPn5YA/m=loader_js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48e56f559558a90e00044a2734ead4928241e960309b7646b909a9c80b313866
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5w9vU9bRx3HlyuPdM9GkTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5w9vU9bRx3HlyuPdM9GkTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-5w9vU9bRx3HlyuPdM9GkTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-5w9vU9bRx3HlyuPdM9GkTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		199 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=l.riftv.net&callback=_gfp_s_&client=ca-pub-4786732530380180
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ac264201f758f427b3286c36c1946801850c07f6b18199f95680f10888be4187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&tn=DIV&cls=cc-window%20cc-floating%20cc-type-info%20cc-theme-classic%20cc-bottom%20cc-right%20cc-color-override-1971232268%20&ign=false
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 00:04:33 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&tn=DIV&cls=pace-progress&ign=false
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Jun 2021 00:04:33 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=l.riftv.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=l.riftv.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A621 		5 KB
717 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=293675617&adf=814277786&lmt=1623024273&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&ea=0&flash=0&pra=5&wgl=1&dt=1623024273689&bpp=256&bdt=348&idt=58&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5042837193721&frm=20&pv=2&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=215
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27ee9d60bb5e620c324ab38292a86d7da61081df6a23359fbe9b3371b980beb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&adk=293675617&adf=814277786&lmt=1623024273&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&ea=0&flash=0&pra=5&wgl=1&dt=1623024273689&bpp=256&bdt=348&idt=58&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5042837193721&frm=20&pv=2&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=215
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://l.riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://l.riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Jun 2021 00:04:33 GMT
server
cafe
content-length
694
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 07-Jun-2021 00:19:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 00:04:33 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame D377 		405 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=13&bdt=348&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=swG097dchU&p=http%3A//l.riftv.net&dtd=221
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82778338e8d23aff623902d6ca4e74db300007b01ff81c85afba1496e3d148f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=2503452471&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=13&bdt=348&idt=92&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=115&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=swG097dchU&p=http%3A//l.riftv.net&dtd=221
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://l.riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://l.riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Jun 2021 00:04:34 GMT
server
cafe
content-length
203
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 07-Jun-2021 00:19:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 00:04:34 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B1EE 		57 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc64f537ebaf0678afdd734a34498a98590c0f9c52c4d4fce2cef0304c67a7f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://l.riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://l.riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Jun 2021 00:04:34 GMT
server
cafe
content-length
22309
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 07-Jun-2021 00:19:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 00:04:34 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame DD8B 		76 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
385f90f81c46f355a4a6cc24a246786656877202f6764fb4669c6f3112b7a759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://l.riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://l.riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Jun 2021 00:04:34 GMT
server
cafe
content-length
27091
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 07-Jun-2021 00:19:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 00:04:34 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 39F8 		70 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e8f18e5714463a8976ab8c766d5efe42bfbd6427528574868f06548cf008016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://l.riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://l.riftv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 07 Jun 2021 00:04:34 GMT
server
cafe
content-length
24004
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 07-Jun-2021 00:19:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 00:04:34 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622805992319560"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28149
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:33 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-186817945-1&cid=928287810.1623024274&jid=674871542&gjid=1657214933&_gid=2037997725.1623024274&_u=YEBAAUAAAAAAAC~&z=2136667754
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Jun 2021 00:04:33 GMT
content-type
text/plain
access-control-allow-origin
http://l.riftv.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVldwFmv43GpQt4N4DidyABrqpstQqjQHaonTCHwzkEazzDoYRgKNBA1U4rUek1m5Je1WcpwZ9kMiNVCiAb2cCqkoIWI41BHRX3nHcIiQvv-dKpzOuaWTjgf6TX6HnIebjMdeKYILgCHNWpayuEnL_gZMBXc5nwM4FM5aM_gZcY89cBiJ2rXDdhc0ma
fundingchoicesmessages.google.com/l/ 		0
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxVldwFmv43GpQt4N4DidyABrqpstQqjQHaonTCHwzkEazzDoYRgKNBA1U4rUek1m5Je1WcpwZ9kMiNVCiAb2cCqkoIWI41BHRX3nHcIiQvv-dKpzOuaWTjgf6TX6HnIebjMdeKYILgCHNWpayuEnL_gZMBXc5nwM4FM5aM_gZcY89cBiJ2rXDdhc0ma
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.8Bi3xpk4YUM.es5.O/d=1/rs=AJlcJMxwiWwAbGG4fFJD_RHmfQ0G22j4Cw/m=iabccpawebsignalscript
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6VeLSTPR5s+pYdeY1PA8zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-6VeLSTPR5s+pYdeY1PA8zw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
http://l.riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-6VeLSTPR5s+pYdeY1PA8zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-6VeLSTPR5s+pYdeY1PA8zw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVldwFmv43GpQt4N4DidyABrqpstQqjQHaonTCHwzkEazzDoYRgKNBA1U4rUek1m5Je1WcpwZ9kMiNVCiAb2cCqkoIWI41BHRX3nHcIiQvv-dKpzOuaWTjgf6TX6HnIebjMdeKYILgCHNWpayuEnL_gZMBXc5nwM4FM5aM_gZcY89cBiJ2rXDdhc0ma
fundingchoicesmessages.google.com/l/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxVldwFmv43GpQt4N4DidyABrqpstQqjQHaonTCHwzkEazzDoYRgKNBA1U4rUek1m5Je1WcpwZ9kMiNVCiAb2cCqkoIWI41BHRX3nHcIiQvv-dKpzOuaWTjgf6TX6HnIebjMdeKYILgCHNWpayuEnL_gZMBXc5nwM4FM5aM_gZcY89cBiJ2rXDdhc0ma
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.8Bi3xpk4YUM.es5.O/d=1/rs=AJlcJMxwiWwAbGG4fFJD_RHmfQ0G22j4Cw/m=iabccpawebsignalscript
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fm94rQkz+yASPg5Fqy+hIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fm94rQkz+yASPg5Fqy+hIw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Jun 2021 00:04:33 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
http://l.riftv.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-fm94rQkz+yASPg5Fqy+hIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-fm94rQkz+yASPg5Fqy+hIw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVPs2dciTYYz-SOrB9TwCrrwgVuEx4o_s_2iyFPs6RjYQlncm83gkYwajoNYKMedWGOZt9jS2JuXW4mgGCLlEjLNopQUg8HDZzrYjYRgCyz2VQsL84IQ1JXkM-rNhLl2IIODY_MdxL3nCjdXoAx35gOPwa1MVYK_KBrLfTmTqgSPeC9JmNW8evMmVUI
fundingchoicesmessages.google.com/f/ 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVPs2dciTYYz-SOrB9TwCrrwgVuEx4o_s_2iyFPs6RjYQlncm83gkYwajoNYKMedWGOZt9jS2JuXW4mgGCLlEjLNopQUg8HDZzrYjYRgCyz2VQsL84IQ1JXkM-rNhLl2IIODY_MdxL3nCjdXoAx35gOPwa1MVYK_KBrLfTmTqgSPeC9JmNW8evMmVUI?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjIzMDI0MjczLDk2MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cDovL2wucmlmdHYubmV0L0h3bFlaIl0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.8Bi3xpk4YUM.es5.O/d=1/rs=AJlcJMxwiWwAbGG4fFJD_RHmfQ0G22j4Cw/m=iabccpawebsignalscript
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38f159b6382834aa7a7e3260ad2b47c2a885b1a6bb8543472f3e1a3adcb89352
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4c8D9F2prlw5MVU1qTGARg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4c8D9F2prlw5MVU1qTGARg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-4c8D9F2prlw5MVU1qTGARg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4c8D9F2prlw5MVU1qTGARg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-186817945-1&cid=928287810.1623024274&jid=674871542&_u=YEBAAUAAAAAAAC~&z=1567385473
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-186817945-1&cid=928287810.1623024274&jid=674871542&_u=YEBAAUAAAAAAAC~&z=1567385473
Requested by
Host: l.riftv.net
URL: http://l.riftv.net/HwlYZ?sub1=1&sub2=12784&sub3=40&sub4=1397&sub5=523440
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 39F8 		3 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 06 Jun 2021 23:41:02 GMT
server
ESF
date
Mon, 07 Jun 2021 00:04:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Jun 2021 00:04:34 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 39F8 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:58:22 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 39F8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7001
x-xss-protection
0
server
cafe
etag
17954294202796946299
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:41:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 39F8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:59:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39F8 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:34 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622806011323838"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 39F8 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:56:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1091097466425408374
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:56:52 GMT
3b821d177d35ff0343c5a517c12ac1c9.js
www.gstatic.com/mysidia/ Frame 39F8 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3b821d177d35ff0343c5a517c12ac1c9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 16:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 Jun 2021 00:10:36 GMT
server
sffe
age
373145
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10549
x-xss-protection
0
expires
Tue, 31 Aug 2021 16:25:29 GMT
ai.aspx
m.exactag.com/ Frame 39F8 		721 B
721 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=13335630182&extCr=122627486523-525045634689&cb=1253398896
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
HTTP/0.9
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.10 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
becf74378fb3a9cbddd6547acdde42dc5e5bf1a0eea5cc1ebbefdb7c03433436

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 39F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6jUwkWK9YIWMOfG6lQe7habgDPDZkopj1r65xuQNv-EeEAEghrq1f2CVAqABqPmSzAPIAQGpAqWM0SGoabQ-qAMByAPLBKoE5wFP0D5TPbc9IgRoxEmPlsA14zuqTABZodmWFhD21AQVBOUsASX_55EYbc5LKYXoN332eYiuoJcwpqWXZK0SQedStGRHRTLRmdFdzLxyyubFcqTJd597S65TqPk2fvn1VIJhqOPDGadtaeva6-u66cWOh_6W7hm4yO-9sN5FUnWXyXAdBI9GHC2TZCcYBR37qA-kJuNKiOczVtKg1HZ0b8UbbQlaa_jxXcfL45KDLxIP9p73B-u3Gf9y4xyn55vdvVf1OvQ-8R6_KWKScaAeW2-y_bpluUTTECjh0xRg_YILp_sUUv_VzfbABLvmq-nIA4AHwIbtM6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBRDTtfQC0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshcaChgIABIUcHViLTQ3ODY3MzI1MzAzODAxODA&sigh=l_um33aWhoQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 07 Jun 2021 00:04:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:34 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1EBE 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 06 Jun 2021 23:44:34 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1200
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 39F8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fae9c477ddb4fbdd6fc360a86e573d1e15d1a9b3680960203641977cec9a3ce5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 39F8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 21:07:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
442595
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Wed, 01 Jun 2022 21:07:59 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 39F8 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:27:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
455828
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:27:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1EBE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJ1SijsT_gcN1A346J7lm7psqi23h62mY7s6twdhM4qO0FRTYYWpiwDsvzj5Y
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Jun 2021 00:04:34 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 07-Jun-2021 01:04:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 00:04:34 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Jun 2021 00:04:34 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame BCAB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=394597393&adf=1374055083&pi=t.ma~as.8558532162&w=1140&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=1140x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=8&bdt=347&idt=160&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280%2C730x247&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=230&ady=1278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=BX3zaaiyWG&p=http%3A//l.riftv.net&dtd=231
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 06:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
235054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 06:47:00 GMT
css
fonts.googleapis.com/ Frame DD8B 		2 KB
536 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 06 Jun 2021 22:35:35 GMT
server
ESF
date
Mon, 07 Jun 2021 00:04:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Jun 2021 00:04:34 GMT
bgl_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame DD8B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/bgl_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee56037ac8fbd38d712a70f714fef6f8cb5aa40419b5e62f4b39a5c270226e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 10:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49615
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2171
x-xss-protection
0
server
cafe
etag
6229439154439569843
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 10:17:39 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame DD8B 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07830ff3d5e2b0c118c3fa2b1fb7208e94a105a1c84ac6bf5ce7a90e3ca30c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 22:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6663
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12030
x-xss-protection
0
server
cafe
etag
8295393228521596034
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 22:13:31 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7255730320823376380/ Frame DD8B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7255730320823376380/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44c70ec368535ddfefde8c5c6e2c4f1017f53d652a374f95b91da5b1bc410a04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 06:30:58 GMT
x-content-type-options
nosniff
age
495216
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4782
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 14:10:22 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 06:30:58 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame DD8B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7001
x-xss-protection
0
server
cafe
etag
17954294202796946299
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:41:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame DD8B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:59:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DD8B 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:34 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622806011323838"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame DD8B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:56:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1091097466425408374
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:56:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame DD8B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=de
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
487860
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Wed, 01 Jun 2022 08:33:34 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DD8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHU-nkWK9YNyfOtXC7_UP9omioAab7bPFYpqhk5_pDbmUqKOjJBABIIa6tX9glQKgAa_T3roByAEGqQKljNEhqGm0PqgDAcgDywSqBOoBT9CwCH-IZQN3abSURCaDuI24UcyTdovwyIxpc40tL20EqziqBhGFAglkXLJCJNWznJNQdaFfeYCputqHNiVkl2E3bow_RSRQSM-y_DwGUHC5PnKz-tqNHRxei1kECyX5HNTeJQkWus3HNGSE4PqGgokfZrqjOZMkttANE18fYmi6nTDYfcBBvP-vbWZgUluHrNVTZ4pdBDdMyFqZpBU39Z9v5hnJ1iDM6TuCjXwL5Qh9-DKtImuf0rOYpQV3WVTsUzoJplEixQ_VUO4CcCywKNEbfOTkxQ9dO2fOcwX72uhKY8O8NB6s2EpPwASGgsaLuwOgBjeAB7msocUCqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELPAAdIIBwiAYRABGB-ACgHICwHYEwPQFQGAFwGyFxoKGAgAEhRwdWItNDc4NjczMjUzMDM4MDE4MA&sigh=ByK6W4EmhNE&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 07 Jun 2021 00:04:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame BCDB 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJ1SijsT_gcN1A346J7lm7psqi23h62mY7s6twdhM4qO0FRTYYWpiwDsvzj5Y; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 06 Jun 2021 23:44:34 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1200
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame DD8B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a249c4814931704e5fc75cb4944973ae82241ec0a21385378b93acde83fe4cfc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
9210044382106700976
tpc.googlesyndication.com/simgad/ Frame B1EE 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9210044382106700976?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlOQZen_7hbFPjp5U50P1pYNbKsnQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d19b3cdf77fbb07c7f7c02442e928ae3dc9f1620e8a4f58a07f6699bc2c9e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:50:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 31 Mar 2020 19:08:59 GMT
server
sffe
age
382444
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83703
x-xss-protection
0
expires
Thu, 02 Jun 2022 13:50:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame B1EE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7001
x-xss-protection
0
server
cafe
etag
17954294202796946299
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:41:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame B1EE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:59:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B1EE 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:34 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1622806011323838"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame B1EE 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 23:56:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
server
cafe
etag
1091097466425408374
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 23:56:52 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame B1EE 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8c60d643e58946baee86cbad5d665082f2acbb595f5dbc337f2a9d3f5fe39e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 06 Jun 2021 19:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14770
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10533
x-xss-protection
0
server
cafe
etag
2880717265082513417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 20 Jun 2021 19:58:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B1EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkiEdkWK9YJPoOO7L7_UPoc6XyAmuxd6IY42kw-SiC7_hHhABIIa6tX9glQKgAd37k_oCyAECqQJ9c6sFivd-PqgDAcgDyQSqBOEBT9Bhdx7ZaMLW6eTfq0EzoVRskwZwyTkLJYQw5uopOOap9wd2aAzyPWfr4iJ4vGAxZmAS4rKSxc31MHL7KK6IySqqIXp4mo_pKzbGdfCEqVt-5G6u47whjwKC5vo7TwK9bTd33X4CJHME1qpVRdGQ7UVfXlcjUc4x8nV5MWWcvsubW3FFhS8e9E0AN1QG7ewf2gC8eRBeOqzaEQPvB1hiYnRL5JbJjMlR31r5mIURy8hZ3_53QALK36scsSBLNAOOYRyJToYnvR63FgtM-ZF-0uecexesHchrkKbL-tLR46bDwASj8_jahwOgBgKAB4uE7IUBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEENOpA9IICQiA4YAQEAEYH4AKAcgLAdgTA9AVAYAXAbIXGgoYCAASFHB1Yi00Nzg2NzMyNTMwMzgwMTgw&sigh=xk_7BrPsYkQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 07 Jun 2021 00:04:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame BCDB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJ1SijsT_gcN1A346J7lm7psqi23h62mY7s6twdhM4qO0FRTYYWpiwDsvzj5Y; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Jun 2021 00:04:34 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 07-Jun-2021 01:04:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 00:04:34 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Jun 2021 00:04:34 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame D1ED 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 06:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
235054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 06:47:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 760A 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJ1SijsT_gcN1A346J7lm7psqi23h62mY7s6twdhM4qO0FRTYYWpiwDsvzj5Y; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 06 Jun 2021 23:44:34 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1200
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 487D 		247 B
788 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
4be9cbfbc43e13c0b505ace2092b9b4b8e2e5dbe4fb7d33f29cd9315123f3b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/redir.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-ew9mzRA1gYqxbK0iygAxdQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
203
date
Mon, 07 Jun 2021 00:04:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B1EE 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a629d03bb51f243df3504e644b954a1d35feef583fcbd00779c9ce3438436fb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 760A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJ1SijsT_gcN1A346J7lm7psqi23h62mY7s6twdhM4qO0FRTYYWpiwDsvzj5Y; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Jun 2021 00:04:34 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 07-Jun-2021 01:04:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 07 Jun 2021 00:04:34 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 07 Jun 2021 00:04:34 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe.html
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 487D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
f7e04e7e89688448dad63de0d907436e34574e9eee387e3234804d223e535f4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-StrZxwj07f1uc4ZiNNzXIQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
1861
date
Mon, 07 Jun 2021 00:04:34 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210601&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e8f1d6d6803cdcb2663d1d730ab85f3efac341ca7b7819522656d49e7a4a402
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Jun 2021 00:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8383
x-xss-protection
0
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame 72DD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 06:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
235054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 06:47:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4786732530380180&plah=l.riftv.net&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 00:04:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D616 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://l.riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://l.riftv.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Sun, 06 Jun 2021 23:57:56 GMT
expires
Mon, 06 Jun 2022 23:57:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
398
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F53F 		783 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
75a24b1dd975c9dbed87b8ccfedc771e725ca9c80feb2c9ec722d841030e3d87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qOlmbieEMcsmtHLZVGHoag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://l.riftv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://l.riftv.net/

Response headers

expires
Mon, 07 Jun 2021 00:04:34 GMT
date
Mon, 07 Jun 2021 00:04:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qOlmbieEMcsmtHLZVGHoag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
pagead2.googlesyndication.com/bg/ Frame D616 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 04 Jun 2021 06:47:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
235054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5751
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jun 2022 06:47:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210601&jk=4119416544017560&bg=!enmleT3NAAY6sG-_OrA7ACkAdvg8WsYjk7h7FyjwBXBBR6HR_MJNXiFvThP_a962tBcWRqcsM3R-AQIAAABVUgAAAA1oAQcKANn-TM3p_cx3htr6wKsSZ-CuBqKxYcA9x23XlFwBIrbeTbwRTwd-0cfC3IStME8e9R84aKCm6V-j1pBZHH0K_EN2lW-cBAgXt2EL12qqt-AVI3CUFqw0eugzxDIpeBE5PO4UhAHRhbL9uV190n-WZeGc0tHtDZFVi40tLHb6MUNZHMgsE5jZqdAdZgXafONDhRqtmitDnUbsRE5SnJNYQeZHWicOrAVwys5FFlDKiB-4-SQmqyHl_a0ppwMksa22sOmGzKbnHiz6F8kK5L4h2uh1r2HFBKyGF8A2mQJDCATO8RyrLC3Y-1vtIY7ZpZBkN9p0tdBGQpvVGk0y2ie0NbINt_dCORnjOLzkIVEPeukwUaMrWqEtSdTcsR3VNuk_Qd6oiGmlUB-Sbm8cuNo_ASvJFFCrNNU_IxbbcBKysq9BWZ8Y0myLr8uZ1xRhdgK_lZ5FxFAFeBS0qpofdpjRcbWP4kbIPnzILlRczNLNYAYCqdfbbm9im5y9qEEfACzxejz32OhrWPZxC6gnfKCjhsTnXCnNyVlmSLnie03JG13zVvZL74fVd2dBDWEZHKqTt0dQvFDnCprgI268WT-oXXyHe-ejIqpTbBimUGkYMllihIuAun2y0wxmIEwfaCiZs0qoFtqk_CjTn2_99nrPCGaQMiOxOtGBVbdc7JXNfqRp9cnl4EHt0c5ObMJqmu9_kbuUe5DnFOdzGjFJAJlXlP5BANe1R698PD1RDwiBo5Xbi6AbZilVRo0cdOomN6RoSdgukfMUa2rxcSfGMjx2r9m-0besp4UxhI9dJonktR-ZX7_8eWg55gRfFpbG0nsUa4PnOYBxFEHI3kfhd8FvEzvryVP99h3eVS-VtXn-eBWOTxKNvIJ6-ViRGFGbD5lVPN9QKWgYvcwf7AEfkQH4BBCjm4nMXeKHPltjPX9oFdPy_jRnXdvqJ_VmN2ObBndJbcrPTFBJ9OCuJQL2BVNpwCZIg_uKbL3kMJBTuB-4iIXBCKFKqevg2IVhDbjMm4jpZtiGpOXGvUIcDhUVVAe_w-d7H2LZpBBl8QC8O9PAO6Ro
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://l.riftv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DD8B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYMq7kWK9YNyfOtXC7_UP9omioAab7bPFYpqhk5_pDbmUqKOjJBABIIa6tX9glQKgAa_T3roByAEGqQKljNEhqGm0PqgDAaoE6gFP0LAIf4hlA3dptJREJoO4jbhRzJN2i_DIjGlzjS0vbQSrOKoGEYUCCWRcskIk1bOck1B1oV95gKm62oc2JWSXYTdujD9FJFBIz7L8PAZQcLk-crP62o0dHF6LWQQLJfkc1N4lCRa6zcc0ZITg-oaCiR9muqM5kyS20A0TXx9iaLqdMNh9wEG8_69tZmBSW4es1VNnil0EN0zIWpmkFTf1n2_mGcnWIMzpO4KNfAvlCH34Mq0ia5_Ss5ilBXdZVOxTOgmmUSLFD9VQ7gJwLLAo0Rt85OTFD107Z85zBfva6Epjw7w0HqzYSk_ABIaCxou7A6AGN4AHuayhxQKoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQs8AB0ggHCIBhEAEYH4AKAcgLAdgTA9AVAYAXAbIXGgoYCAASFHB1Yi00Nzg2NzMyNTMwMzgwMTgw&sigh=Lk2nNL-udq8&vt=1&template_id=492
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=247&slotname=4516382124&adk=33470798&adf=540082601&pi=t.ma~as.4516382124&w=730&lmt=1623024273&rafmt=11&psa=0&format=730x247&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&wgl=1&dt=1623024273689&bpp=1&bdt=348&idt=149&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C728x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=625&ady=952&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=ON0jxfkAvV&p=http%3A//l.riftv.net&dtd=228
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 07 Jun 2021 00:04:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DD8B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY93A80JuGat-EwSf6oyTmLC5g95-IYYRnu6fa2UDMuqv9CU9tNdDctpHz7eCgcI07zJKAU1FRc4vEsrAnocCIzX5dX4Mh-0A6K70mGHMyIynbn5OQEQTaXJg&sai=AMfl-YTz-LHS7Sqd82jSU1FMf4mIZA8oLyjquWnxUn1K0w1-KxOGpi9euHoffyTz8TIE-aoxjBl5eaLUesvI&sig=Cg0ArKJSzLGiknli3SCuEAE&id=lidar2&mcvt=1000&p=952,625,1446,1355&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210604&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&app=0&itpl=14&adk=33470798&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&eosm=0&rst=1623024273924&dlt=517&rpt=66&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B1EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMUkLkWK9YJPoOO7L7_UPoc6XyAmuxd6IY42kw-SiC7_hHhABIIa6tX9glQKgAd37k_oCyAECqQJ9c6sFivd-PqgDAaoE4QFP0GF3Htlowtbp5N-rQTOhVGyTBnDJOQslhDDm6ik45qn3B3ZoDPI9Z-viIni8YDFmYBLispLFzfUwcvsorojJKqoheniaj-krNsZ18ISpW37kbq7jvCGPAoLm-jtPAr1tN3fdfgIkcwTWqlVF0ZDtRV9eVyNRzjHydXkxZZy-y5tbcUWFLx70TQA3VAbt7B_aALx5EF46rNoRA-8HWGJidEvklsmMyVHfWvmYhRHLyFnf_ndAAsrfqxyxIEs0A45hHIlOhie9HrcWC0z5kX7S55x7F6wdyGuQpsv60tHjpsPABKPz-NqHA6AGAoAHi4TshQGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ06kD0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBgBcBshcaChgIABIUcHViLTQ3ODY3MzI1MzAzODAxODA&sigh=f-oDL9crHbs&vt=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4786732530380180&output=html&h=280&slotname=8558532162&adk=3577450996&adf=2855107163&pi=t.ma~as.8558532162&w=728&fwrn=4&fwrnh=100&lmt=1623024273&rafmt=1&psa=0&format=728x280&url=http%3A%2F%2Fl.riftv.net%2FHwlYZ%3Fsub1%3D1%26sub2%3D12784%26sub3%3D40%26sub4%3D1397%26sub5%3D523440&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1623024273689&bpp=7&bdt=348&idt=134&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=1&correlator=5042837193721&frm=20&pv=1&ga_vid=928287810.1623024274&ga_sid=1623024274&ga_hid=540482268&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44744170&oid=3&pvsid=4119416544017560&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=KnWIREP85N&p=http%3A//l.riftv.net&dtd=225
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 07 Jun 2021 00:04:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 07 Jun 2021 00:04:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B1EE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuy47ggWJUWX_4A5iW9sC6dkhTwwSNb-vzqTJMlO_T19ech3Rec1SvLFzsQkdnCCeKxEJ1PKF26oVRMxBbMmfo70-qZ-tQbS4Gx6R-4HqS1PEqt7T7JJ-Girp-hEw&sai=AMfl-YR4_J29S7zm_sTGCmp45J-jlOv1uOYwRwzDg04o-2XKlXsBs-lz-M1k87I8Qx9kvGvNXklXIhTg8STx&sig=Cg0ArKJSzEfOmWZQMNyAEAE&id=lidar2&mcvt=1000&p=470,436,658,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210604&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3577450996&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1623024273924&dlt=609&rpt=64&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6.gif
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i1-v6exp3.v4.metric.gstatic.com/v6exp3/ Frame 487D 		35 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i1-v6exp3.v4.metric.gstatic.com/v6exp3/6.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.210 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f18.1e100.net
Software
sffe /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6.gif
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i2-v6exp3.ds.metric.gstatic.com/v6exp3/ Frame 487D 		35 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i2-v6exp3.ds.metric.gstatic.com/v6exp3/6.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2012 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Jun 2021 00:04:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
l.riftv.net
URL
https://l.riftv.net/static/fonts/glyphicons-halflings-regular.woff
Domain
l.riftv.net
URL
https://l.riftv.net/static/fonts/glyphicons-halflings-regular.ttf

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| $ function| jQuery function| is_mobile function| is_tablet string| appurl string| token number| count number| countdown function| BlockAdBlock object| blockAdBlock object| detect function| engageBlock function| Clipboard object| cookieconsent object| Pace function| gtag object| dataLayer function| icheck_reload function| show_forgot_password function| update_sidebar function| zClipload function| loadall function| update_autocomplete function| validateForm function| form_switch function| changeTheme function| showBundle function| showAll function| server function| refreshLinks function| archive function| addtobundle function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| lang object| google_tag_manager object| __gcse object| google_tag_data string| GoogleAnalyticsObject function| ga function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| closure_lm_65930 function| _googCsa number| nextSearchboxId object| gaplugins object| gaGlobal object| gaData object| default_ContributorServingLoaderClientJs function| __Y9uNstf385Zx__ object| __fcInternalApiManager string| ZmZjNjEzNjY0Njg2M2QxZWxvYWRlcl9qcw== string| ZmZjNjEzNjY0Njg2M2QxZWNhY2hlZF9qcw== string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager object| googletag boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googEnableCcpaForCanoeV2 number| _googEnableQup number| _googErrorTurnOffPersonalization number| _googTimeoutTurnOffPersonalization string| _googLazyLoadingDenyList string| _googLazyLoadingEnableList number| _googLazyLoadingRootMargin number| _googUspApiTimeout number| googleAltLoader object| default_ContributorIabCcpaWebSignalJs function| __djmt020195__ function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ object| GoogleGcLKhOms

11 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnJ1SijsT_gcN1A346J7lm7psqi23h62mY7s6twdhM4qO0FRTYYWpiwDsvzj5Y
.riftv.net/ Name: FCCDCF
Value: [null,null,["[[],[],[],[],null,null,true]",1623024273873],null,null]
.riftv.net/ Name: _gat_gtag_UA_186817945_1
Value: 1
.riftv.net/ Name: _gid
Value: GA1.2.2037997725.1623024274
.riftv.net/ Name: _ga
Value: GA1.2.928287810.1623024274
l.riftv.net/ Name: short_HwlYZ
Value: 1
l.riftv.net/ Name: short_WKkfU
Value: 1
.riftv.net/ Name: __gads
Value: ID=ee8b56ef87e05177-2251640f5ac80009:T=1623024273:RT=1623024273:S=ALNI_MZ9kzjfKW2ERfjMjofahjTYOuptMQ
l.riftv.net/ Name: PHPSESSID
Value: 67006d4785ef6844dee3390615b9113e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.miniature.io
cdnjs.cloudflare.com
clients1.google.com
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
l.riftv.net
m.exactag.com
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i1-v6exp3.v4.metric.gstatic.com
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-983121-i2-v6exp3.ds.metric.gstatic.com
p4-b73mj53ed7ubc-n2g3boogiw7wkx5j-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zizouit.com
l.riftv.net
109.234.162.107
139.99.133.160
142.250.180.210
142.250.185.195
213.202.235.10
216.58.212.162
217.182.76.191
2606:4700::6810:125e
2a00:1450:4001:803::200a
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2012
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9b
05a8a5125b36da55ff02702436ee672fa3ddd45ccebd499a8fbff0461c8cba10
07830ff3d5e2b0c118c3fa2b1fb7208e94a105a1c84ac6bf5ce7a90e3ca30c8c
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
0a629d03bb51f243df3504e644b954a1d35feef583fcbd00779c9ce3438436fb
13de570acd88a220c7ded609d1d89a23bf3799113b60466fed8e8ddf663f70d4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1cfbcb4a51657ecce989cd495b0f505c8e0d6e0a20aa1608d7aa88516bea668d
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1f7244cb694f7f667a5f3668a79844fc6159e3922363f0423d9b09872680f372
21d19b3cdf77fbb07c7f7c02442e928ae3dc9f1620e8a4f58a07f6699bc2c9e5
2433d15cf3fc19f8f5cafb0ac8bfa2a3eea71cea8c41b3e4a7ee84252a33bb1c
2442774fdb2795d05f483a682fd18b761abbeef07910d5ea62e86a6784cf81e1
254289178148fbf9ff689acd1e9bd49ad1a2cffbe7846305919678ec31213418
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c
27ee9d60bb5e620c324ab38292a86d7da61081df6a23359fbe9b3371b980beb2
2ca6d9c1fe1793d432b8afee454b8e779f75ab0ee22faccf9a0a502a32737d81
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
35a7a78646d1367107f41a8e337a96914cdcff35df8d014508a380ab86b4c49d
35f79e2956b19a8822e2f2edbe9eae2c79507dd3f37cbf10d45ba6dd2cbff91d
385f90f81c46f355a4a6cc24a246786656877202f6764fb4669c6f3112b7a759
38f159b6382834aa7a7e3260ad2b47c2a885b1a6bb8543472f3e1a3adcb89352
3c19df610d2b937c34facbe5517c48054fd3695a18e69fa1ac94084aa61d5079
44c70ec368535ddfefde8c5c6e2c4f1017f53d652a374f95b91da5b1bc410a04
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
48e56f559558a90e00044a2734ead4928241e960309b7646b909a9c80b313866
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4be9cbfbc43e13c0b505ace2092b9b4b8e2e5dbe4fb7d33f29cd9315123f3b8e
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4d7bc2e5c2959435469986ff3eb98d158edf428ed8eeccb0e8ffe31d3336c9ac
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
5e8f1d6d6803cdcb2663d1d730ab85f3efac341ca7b7819522656d49e7a4a402
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
6e8f18e5714463a8976ab8c766d5efe42bfbd6427528574868f06548cf008016
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74a39acaad6065841ef02c5fff6c28c4b394577992dae399942ad9715ba11f54
74d66add22660b12e57cf4a9e1c2fe4fcc8708e052ec75b62b1e9428968fc90d
75a24b1dd975c9dbed87b8ccfedc771e725ca9c80feb2c9ec722d841030e3d87
7d11e7e384579b55d578f3aec8bf96ba7ab144a1f34e36451556019113bb2b5f
82778338e8d23aff623902d6ca4e74db300007b01ff81c85afba1496e3d148f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839661c0a1c18b80c77189707d35aeda58b7c7bdd3901ef047738b95019ee766
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9d70b3b91c2311694a9c24cda3c76115e0a20640cc949b9d2d0ff16657afbe01
a249c4814931704e5fc75cb4944973ae82241ec0a21385378b93acde83fe4cfc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
ac264201f758f427b3286c36c1946801850c07f6b18199f95680f10888be4187
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
bc64f537ebaf0678afdd734a34498a98590c0f9c52c4d4fce2cef0304c67a7f0
bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a
becf74378fb3a9cbddd6547acdde42dc5e5bf1a0eea5cc1ebbefdb7c03433436
c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d8c60d643e58946baee86cbad5d665082f2acbb595f5dbc337f2a9d3f5fe39e4
d9de83c923a234e8b164d2351ed47b456ec3417785b5fc33b4827f071f51f05f
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee56037ac8fbd38d712a70f714fef6f8cb5aa40419b5e62f4b39a5c270226e2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f7e04e7e89688448dad63de0d907436e34574e9eee387e3234804d223e535f4d
fa9a3880a0d54a4bd990e2f63278be581b068336f34a39863e47ba65774d82d7
fae9c477ddb4fbdd6fc360a86e573d1e15d1a9b3680960203641977cec9a3ce5
fc6c45fb43f51dfc76b7770b2e751e3400575327793dcd1eb257373af7857627
fff5f15db7a6346794d255fa1e22caa0090efa107f34215e36cf5a7d986f776f