urlscan.io logo urlscan.io
SecurityTrails logo

risu.io Open in urlscan Pro
172.66.41.2  Public Scan

Go To Rescan Add Verdict Report
URL: https://risu.io/Hlv7j
Submission Tags: 0xscam
Submission: On April 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 7 countries across 23 domains to perform 122 HTTP transactions. The main IP is 172.66.41.2, located in United States and belongs to CLOUDFLARENET, US. The main domain is risu.io.
TLS certificate: Issued by GTS CA 1P5 on February 23rd 2024. Valid for: 3 months.
This is the only time risu.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 172.66.41.2 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
9 34.98.102.251 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.16.88.20 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
7 142.250.185.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.186.215.140 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 162.210.196.208 30633 (LEASEWEB-...)
5 172.67.71.254 13335 (CLOUDFLAR...)
14 2600:9000:225... 16509 (AMAZON-02)
1 142.250.184.194 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.232 15169 (GOOGLE)
8 175.41.212.118 16509 (AMAZON-02)
2 142.250.185.132 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.186.163 15169 (GOOGLE)
1 5 192.96.203.13 30633 (LEASEWEB-...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 35.190.36.98 15169 (GOOGLE)
1 2 172.105.203.31 63949 (AKAMAI-LI...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 142.250.186.78 15169 (GOOGLE)
9 203.75.214.136 3462 (HINET Dat...)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 157.240.252.13 32934 (FACEBOOK)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 34.117.109.52 396982 (GOOGLE-CL...)
1 1 23.56.202.187 16625 (AKAMAI-AS)
1 184.30.22.30 16625 (AKAMAI-AS)
122 37
13    172.66.41.2 (United States)

ASN13335 (CLOUDFLARENET, US)
risu.io
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    34.98.102.251 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.102.98.34.bc.googleusercontent.com
assets.risu.io
2    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
5    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
agent.aralego.com
5    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
14    2600:9000:2250:1c00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads.g.doubleclick.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2600:9000:2250:8c00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
8    175.41.212.118 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-212-118.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
2    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.de
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.google.com.br
5    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
2    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
2    172.105.203.31 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1857-31.members.linode.com
gocm.c.appier.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
fundingchoicesmessages.google.com
9    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
38f29347-1dcd-4960-af24-5faf4dd3a51b.t.ssp.hinet.net
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.117.109.52 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 52.109.117.34.bc.googleusercontent.com
pmp-beacon.apx.appier.net
1    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
Apex Domain
Subdomains		 Transfer
24 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 122123
ad.holmesmind.com — Cisco Umbrella Rank: 91646
134 KB
22 risu.io
risu.io
assets.risu.io
1 MB
9 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 62787
38f29347-1dcd-4960-af24-5faf4dd3a51b.t.ssp.hinet.net
4 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
290 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 145
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660
122 KB
6 aralego.com
agent.aralego.com — Cisco Umbrella Rank: 334737
ads.aralego.com — Cisco Umbrella Rank: 33138
sync.aralego.com — Cisco Umbrella Rank: 2564
3 KB
5 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 74211
gocm.c.appier.net — Cisco Umbrella Rank: 2890
pmp-beacon.apx.appier.net — Cisco Umbrella Rank: 195059
3 KB
5 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 6640
41 KB
5 gstatic.com
fonts.gstatic.com
227 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
91 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 744
14 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 36
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
399 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
252 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
7 KB
2 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 995
eus.rubiconproject.com — Cisco Umbrella Rank: 593
124 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 661
41 KB
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 107692
14 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817
7 KB
1 google.com.br
www.google.com.br — Cisco Umbrella Rank: 25086
63 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7278
63 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
2 KB
122 23
Domain Requested by
16 cdn.holmesmind.com ad.sitemaji.com
cdn.holmesmind.com
ad.holmesmind.com
risu.io
13 risu.io 1 redirects risu.io
static.cloudflareinsights.com
ad.sitemaji.com
9 assets.risu.io risu.io
assets.risu.io
8 ad.holmesmind.com cdn.holmesmind.com
risu.io
7 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
7 pagead2.googlesyndication.com risu.io
pagead2.googlesyndication.com
5 cdn.aralego.net agent.aralego.com
risu.io
ads.aralego.com
5 fonts.gstatic.com fonts.googleapis.com
4 connect.facebook.net cdn.holmesmind.com
connect.facebook.net
4 unpkg.com 2 redirects assets.risu.io
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 ads.aralego.com 1 redirects agent.aralego.com
ads.aralego.com
3 www.googletagmanager.com risu.io
www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com risu.io
2 sync.aralego.com ads.aralego.com
2 38f29347-1dcd-4960-af24-5faf4dd3a51b.t.ssp.hinet.net risu.io
t.ssp.hinet.net
2 www.facebook.com connect.facebook.net
2 static.criteo.net cdn.holmesmind.com
2 gocm.c.appier.net 1 redirects risu.io
2 ad2.apx.appier.net 1 redirects risu.io
2 www.google.com tpc.googlesyndication.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ad.sitemaji.com assets.risu.io
ads.aralego.com
risu.io
2 static.cloudflareinsights.com risu.io
1 eus.rubiconproject.com ads.aralego.com
1 secure-assets.rubiconproject.com 1 redirects
1 pmp-beacon.apx.appier.net ad2.apx.appier.net
1 www.google.com.br
1 analytics.google.com www.googletagmanager.com
1 www.google.de
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 agent.aralego.com 1 redirects
1 cdn.jsdelivr.net assets.risu.io
122 36

This site contains links to these domains. Also see Links.

Domain
docs.google.com
www.facebook.com
m.me
Subject Issuer Validity Valid
risu.io
GTS CA 1P5		 2024-02-23 -
2024-05-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
assets.risu.io
GTS CA 1D4		 2024-03-28 -
2024-06-26		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
sitemaji.com
ZeroSSL RSA Domain Secure Site CA		 2024-04-08 -
2024-07-07		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2024-03-05 -
2025-04-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.com.br
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
aralego.net
E1		 2024-03-18 -
2024-06-16		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-17 -
2024-05-17		 3 months crt.sh
*.t.ssp.hinet.net
 2024-03-11 -
2025-03-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-28 -
2024-04-27		 3 months crt.sh
pmp-beacon.apx.appier.net
GTS CA 1D4		 2024-02-24 -
2024-05-24		 3 months crt.sh
*.c.appier.net
GTS CA 1P5		 2024-02-25 -
2024-05-25		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-07 -
2025-04-03		 a year crt.sh

This page contains 19 frames:

Primary Page: https://risu.io/Hlv7j
Frame ID: E4B815044A94AA77567BC3807FD033AF
Requests: 60 HTTP requests in this frame

Frame: https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: 6ADD826447C5B39E99BD13823BF88C39
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 1B6E14AA8755245C3DF828696B9BFE39
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 5FEB046DE3D96EA9C4E816D10B96D6D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1713603900&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Frisu.io%2FHlv7j&pra=5&wgl=1&easpi=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1713603899989&bpp=3&bdt=690&idt=249&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1858904328431&frm=20&pv=2&ga_vid=1749293619.1713603900&ga_sid=1713603900&ga_hid=147111421&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082702%2C44795922%2C95326317%2C95331036&oid=2&pvsid=3756734265768438&tmod=285858713&uas=0&nvt=1&fsapi=1&fc=1920&brdim=990%2C990%2C990%2C990%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=259
Frame ID: 4DAF1358AEFE4F902AAB85BE7F34E0B9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: F3A49365C1E292B8E07BE4AACACB5A65
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 450940866B5A8B444E82CF85B8AAA7E8
Requests: 19 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 3269C98A8BCE131B63AD5549371E8AB0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 7C1C47F5869FEF4AD7194BC4C659B1B9
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F018A1462110410D76B53244E3C3050
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C742832048ABEFA9701FD6E78063BDA
Requests: 1 HTTP requests in this frame

Frame: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=p4GlZ77dC4GIU1e6PoUjZg&id=ida4mlvgiastit93r
Frame ID: FAD803AC0CBAE491B905F6BE65E4B82A
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5be1859063958cdf%26domain%3Drisu.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frisu.io%252Ff1febb965038273df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchichi.lilian520%2Fvideos%2F1857244681395703%2F&locale=zh_TW&sdk=joey&show_text=false&width=280
Frame ID: 8ED465B78B0459D21699009680E94FF1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8e2551232a05c5ed%26domain%3Drisu.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frisu.io%252Ff62a453f90078a0cd%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchichi.lilian520%2Fvideos%2F1857244681395703%2F&locale=zh_TW&sdk=joey&show_text=false&width=280
Frame ID: A20090B125783C90FCC4FBA43D3CFA06
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Frame ID: 888A84CC58AEB76E46ABE0DCAE0A5FA8
Requests: 6 HTTP requests in this frame

Frame: https://ad.sitemaji.com/ysm_risu.js
Frame ID: CA877926625ABBA503498942231F0A31
Requests: 1 HTTP requests in this frame

Frame: https://risu.io/ad_first.html?s=728x90&type=fsa_passback
Frame ID: 8F8F16428EAF40F0A277A5526B3566DC
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 913E4343E9644B9A41156F540811F240
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 50AFDBD43DD7C77D6C516284A79702CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

短網址。行銷。分析 - Risu.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

122
Requests

91 %
HTTPS

42 %
IPv6

23
Domains

36
Subdomains

37
IPs

7
Countries

2420 kB
Transfer

10354 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://unpkg.com/video.js@7/dist/video-js.min.css HTTP 302
  • https://unpkg.com/video.js@7.21.5/dist/video-js.min.css
Request Chain 10
  • https://unpkg.com/@videojs/themes@1/dist/sea/index.css HTTP 302
  • https://unpkg.com/@videojs/themes@1.0.1/dist/sea/index.css
Request Chain 20
  • https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Request Chain 36
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 69
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r HTTP 307
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=p4GlZ77dC4GIU1e6PoUjZg&id=ida4mlvgiastit93r
Request Chain 106
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 117
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Hlv7j
risu.io/ 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://risu.io/Hlv7j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8601795e76a9cb039e4c5f389b760b135aa0ce356495374bc07f05ae25b24a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8773f8502ff1bf6a-WAW
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 20 Apr 2024 09:04:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
4a10d93a-ff96-48c7-b9d1-1b6a6110372c
x-runtime
0.053665
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		4 KB
550 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Apr 2024 09:04:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Apr 2024 09:04:59 GMT
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;600&amp;display=swap
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76b8a0d06c6abfa98a8da99c5b2f95a6d9cbba102e1bc92d0e44ff2d7b21e41a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Apr 2024 09:04:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Apr 2024 09:04:59 GMT
application-025be2bd.css
assets.risu.io/packs/css/layouts/ 		528 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 20:34:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sat, 17 Feb 2024 07:32:29 GMT
server
nginx
age
45023
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68120
header-419e5bb6.css
assets.risu.io/packs/css/commons/ 		226 B
227 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/css/commons/header-419e5bb6.css
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 20:34:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sat, 17 Feb 2024 07:32:29 GMT
server
nginx
age
45023
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
show-11000a9b.css
assets.risu.io/packs/css/pages/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/css/pages/show-11000a9b.css
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
28196ab389ed9e4958f82b3528cd13035d2bfd35df0d60cc126cfb73225e2493

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 09:32:53 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sat, 17 Feb 2024 07:32:29 GMT
server
nginx
age
84726
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3352
email-decode.min.js
risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/Hlv7j
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Apr 2024 15:45:04 GMT
server
cloudflare
etag
W/"661e9d00-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8773f852bb9fbf6a-WAW
expires
Mon, 22 Apr 2024 09:04:59 GMT
rocket-loader.min.js
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/Hlv7j
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Apr 2024 15:45:04 GMT
server
cloudflare
etag
W/"661e9d00-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8773f852dbccbf6a-WAW
expires
Mon, 22 Apr 2024 09:04:59 GMT
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2024 22:09:58 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8773f8535f45920b-FRA
index.css
cdn.jsdelivr.net/npm/simple-keyboard@latest/build/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/simple-keyboard@latest/build/css/index.css
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/pages/show-11000a9b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61aff5cf966b1399abc950ad1ca973c93e5136a468951eaa6258700b4bfdd5fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets.risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35875
x-jsd-version
3.7.77
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1108
x-served-by
cache-fra-etou8220037-FRA, cache-lga21969-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"c91-SFqesvFdX2LwHeHs7XWZIJs+yaw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRHSgYD8rk0n3a8uys%2F4DCPxzQ6hmGXTPg1YjYRBpYecuH9VTARa3wVipXgCFBroq9Ea%2FqL67u9No0HC8MAckx64vMP4w7RtjQwOrKt9apbevrwiIku0TL0tJsI88ti80dM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8773f8540ab2bf67-WAW
video-js.min.css
unpkg.com/video.js@7.21.5/dist/
Redirect Chain
  • https://unpkg.com/video.js@7/dist/video-js.min.css
  • https://unpkg.com/video.js@7.21.5/dist/video-js.min.css
40 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/video.js@7.21.5/dist/video-js.min.css
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/pages/show-11000a9b.css
Protocol
H2
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31020b3680c09d76da253d297d6d3faa98fd6b551c1c751829db8c12a9f4a1ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://assets.risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2516001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HSJCJJHBJ45V9CD24GHJCVG5-fra
server
cloudflare
etag
"a03b-sf5Rua+ucYc7QC6tPa5Nbd2dspc"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8773f8548eda18f3-FRA

Redirect headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HVXBNCFVJ0H6B5EAJ077RGZF-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
376
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/video.js@7.21.5/dist/video-js.min.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
8773f8543e3e18f3-FRA
index.css
unpkg.com/@videojs/themes@1.0.1/dist/sea/
Redirect Chain
  • https://unpkg.com/@videojs/themes@1/dist/sea/index.css
  • https://unpkg.com/@videojs/themes@1.0.1/dist/sea/index.css
1 KB
609 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@videojs/themes@1.0.1/dist/sea/index.css
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/pages/show-11000a9b.css
Protocol
H2
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b374d05231f031b755f2d522847efa8d0b2af827366c01b055216eda7fe1f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://assets.risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3251069
last-modified
Wed, 28 Oct 2020 04:24:35 GMT
fly-request-id
01HRWFJ2RVN15W3HH98JAAG3KA-fra
server
cloudflare
etag
W/"4f6-vBgwTvo8UG+Hkhbt9c4vT9i+iMU"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8773f8548ee218f3-FRA

Redirect headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HVXBZ9TH09MJ3Y98TN129DEQ-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
51
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@videojs/themes@1.0.1/dist/sea/index.css
cache-control
public, s-maxage=600, max-age=60
cf-ray
8773f8543e3d18f3-FRA
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 10:16:35 GMT
x-content-type-options
nosniff
age
600504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 10:16:35 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 15:53:06 GMT
x-content-type-options
nosniff
age
580313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 15:53:06 GMT
bootstrap-icons-dfd0ea12.woff2
assets.risu.io/packs/media/fonts/ 		88 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/media/fonts/bootstrap-icons-dfd0ea12.woff2
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://assets.risu.io/packs/css/layouts/application-025be2bd.css
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:03:56 GMT
via
1.1 google
last-modified
Sat, 17 Feb 2024 07:32:28 GMT
server
nginx
age
63
content-type
application/font-woff2
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90528
show-75e02becb07b9dccc786.js
assets.risu.io/packs/js/pages/ 		3 MB
799 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/js/pages/show-75e02becb07b9dccc786.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0588692e4e0f96d05a20ca5ee504bc1c054cdcb8763684841a2b51a5f89fdfd0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 09:32:54 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sat, 17 Feb 2024 07:32:29 GMT
server
nginx
age
84725
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
817881
zh-TW.js
assets.risu.io/javascripts/i18n/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/javascripts/i18n/zh-TW.js?b8928d7ddbc6bd8fd605402c4caed5ba
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:03:56 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 01 Apr 2024 14:12:37 GMT
server
nginx
age
63
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10051
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9208708170783140
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
abdc14f58963ce8c06d66f083a00db89b96da1f61d8c9039412df76e10c25e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51053
x-xss-protection
0
server
cafe
etag
8737087103951354416
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 20 Apr 2024 09:04:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
75d1ce1a2924ab3bf84247e25e09ccc33160012f230e6f5327afa37f104e424c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51029
x-xss-protection
0
server
cafe
etag
13322727651130025295
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 20 Apr 2024 09:04:59 GMT
header-f240211f70dcac795a0a.js
assets.risu.io/packs/js/commons/ 		474 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/js/commons/header-f240211f70dcac795a0a.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4d1616b0b54dea57a0b666686976e1a8e01cb29f7988de451560c1e01f8eade1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 20:34:37 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sat, 17 Feb 2024 07:32:29 GMT
server
nginx
age
45022
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147114
application-77f95976827167b5498b.js
assets.risu.io/packs/js/layouts/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/packs/js/layouts/application-77f95976827167b5498b.js
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f230b70fafb661f679ff2e6b151d861405ab99c918a9db15427cc520be1501ea

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 20:34:37 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sat, 17 Feb 2024 07:32:29 GMT
server
nginx
age
45022
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17076
main.js
risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame 6ADD
Redirect Chain
  • https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H3
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de05e716292a74a520d396dd9e4b30e8299d7894fc92ee786e7392b898c8863a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8773f8561fdabf6a-WAW
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 20 Apr 2024 09:04:59 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control
max-age=300, public
cf-ray
8773f855bf58bf6a-WAW
alt-svc
h3=":443"; ma=86400
content-length
0
8773f8502ff1bf6a
risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6ADD 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/8773f8502ff1bf6a
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
server
cloudflare
cf-ray
8773f856c897bf6a-WAW
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
gtm.js
www.googletagmanager.com/ 		202 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfdc5e44f9d6d72f1532998da87deb3652f9774201b5f8a65eab27ecc6172b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74256
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 Apr 2024 09:05:00 GMT
favicon.png
assets.risu.io/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.risu.io/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.102.251 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
251.102.98.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
140d23c26269417067ca5c36ad591e3a13da19b3854209bc82ea477cc54e9986

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 08:40:15 GMT
via
1.1 google
last-modified
Sat, 17 Feb 2024 07:13:19 GMT
server
nginx
age
1485
content-type
image/png
access-control-allow-origin
https://risu.io
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1954
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/ 		412 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3181fbcd87e8069fda16b04b43e0be62c13bb89dd7adea485b374d099475a763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142880
x-xss-protection
0
server
cafe
etag
4461693769914324184
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Apr 2024 09:05:00 GMT
ysm_risu.js
ad.sitemaji.com/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_risu.js
Requested by
Host: assets.risu.io
URL: https://assets.risu.io/packs/js/pages/show-75e02becb07b9dccc786.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5bed9d919b7e869a3881a15c3baa4af63bb6647cac3c93e1ebaa5f00cfee4fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 10:05:24 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 20 Feb 2024 09:47:03 GMT
server
nginx
age
82776
etag
W/"65d47517-bdc9"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14294
expires
Sat, 20 Apr 2024 10:05:24 GMT
facebook-icon-43072eec.svg
risu.io/packs/media/brands/ 		802 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://risu.io/packs/media/brands/facebook-icon-43072eec.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/Hlv7j
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Nov 2023 15:31:23 GMT
server
cloudflare
age
12259168
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
8773f85799afbf6a-WAW
alt-svc
h3=":443"; ma=86400
google-icon-501a643d.svg
risu.io/packs/media/brands/ 		1 KB
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://risu.io/packs/media/brands/google-icon-501a643d.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/Hlv7j
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 17 Feb 2024 07:32:28 GMT
server
cloudflare
age
640313
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
8773f85799b5bf6a-WAW
alt-svc
h3=":443"; ma=86400
logo-1a0670e0.png
risu.io/packs/media/adult/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://risu.io/packs/media/adult/logo-1a0670e0.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896fccdd4bf0aac29d2a1721a3d555a4884c48ebfc6f136dbcb1ccfcd69f2507

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/Hlv7j
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
via
1.1 google
cf-cache-status
HIT
age
263343
cf-polished
origFmt=png, origSize=4434
content-disposition
inline; filename="logo-1a0670e0.webp"
alt-svc
h3=":443"; ma=86400
content-length
2888
cf-bgj
imgq:100,h2pri
last-modified
Sat, 17 Feb 2024 07:32:28 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8773f85799b7bf6a-WAW
64a75d03-5897-402e-9982-6a60c4bc3d90
https://risu.io/ 		1 MB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://risu.io/64a75d03-5897-402e-9982-6a60c4bc3d90
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1177087
Content-Type
application/javascript
3d8c0794-5a45-4d6c-895b-6670ae26aae2
https://risu.io/ 		1 MB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://risu.io/3d8c0794-5a45-4d6c-895b-6670ae26aae2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1177087
Content-Type
application/javascript
3cff6900-7344-400f-b7ad-04568250ba71
https://risu.io/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://risu.io/3cff6900-7344-400f-b7ad-04568250ba71
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
8773f8502ff1bf6a
risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6ADD 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/challenge-platform/h/b/jsd/r/8773f8502ff1bf6a
Requested by
Host: risu.io
URL: https://risu.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
server
cloudflare
cf-ray
8773f857fa15bf6a-WAW
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
rum
risu.io/cdn-cgi/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://risu.io/Hlv7j
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://risu.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8773f857fa18bf6a-WAW
js
www.googletagmanager.com/gtag/ 		260 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83a0bc46810ce02e7a503e675247e0eabf7f1f36ff5b63cbb5356b08b445a9b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92625
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 Apr 2024 09:05:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MR8WJDJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Apr 2024 07:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4612
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 20 Apr 2024 09:48:08 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Protocol
H3
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10601
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgZk0CooHbS1xKpIy9fizl0KWBC2TcciP5Xm2hSnolJzz8LCwg%2BcAk0TK%2Bi%2BbQYyaXcYz12oIn2MCVOo4tneY2asVbq7DQfZ2h9dOUCI17SqlS0V0MXpfX3lnti8FVFzeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8773f85c0d8803b0-FRA

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
init.js
cdn.holmesmind.com/js/ Frame 1B6E 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_risu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sat, 20 Apr 2024 09:04:57 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
7
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
iriT8_euE86ywhLFrTK_RCs19vhsxtYlcjwOVrvOU1Walfebf_Zcjw==
init.js
cdn.holmesmind.com/js/ Frame 5FEB 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_risu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sat, 20 Apr 2024 09:04:57 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
7
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
iriT8_euE86ywhLFrTK_RCs19vhsxtYlcjwOVrvOU1Walfebf_Zcjw==
ads
googleads.g.doubleclick.net/pagead/ Frame 4DAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9208708170783140&output=html&adk=1812271804&adf=3025194257&lmt=1713603900&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Frisu.io%2FHlv7j&pra=5&wgl=1&easpi=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1713603899989&bpp=3&bdt=690&idt=249&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1858904328431&frm=20&pv=2&ga_vid=1749293619.1713603900&ga_sid=1713603900&ga_hid=147111421&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31082702%2C44795922%2C95326317%2C95331036&oid=2&pvsid=3756734265768438&tmod=285858713&uas=0&nvt=1&fsapi=1&fc=1920&brdim=990%2C990%2C990%2C990%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=259
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 20 Apr 2024 09:05:01 GMT
expires
Sat, 20 Apr 2024 09:05:01 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240417&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d37aed64423b37967845347128d9982251691604352eba700fc6f4612059ca88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12274
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je44h0v883701885z8812733088za200&_p=1713603899981&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1749293619.1713603900&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713603900&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2FHlv7j&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=page_view&_fv=1&_ss=1&_c=1&tfd=1534
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 09:05:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 20 Apr 2024 09:05:00 GMT
collect
www.google-analytics.com/j/ 		16 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=147111421&t=pageview&_s=1&dl=https%3A%2F%2Frisu.io%2FHlv7j&ul=de-de&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1314634616&gjid=1334805971&cid=1749293619.1713603900&tid=UA-146086888-1&_gid=1613711923.1713603900&_r=1&_slc=1&gtm=45He44h0n81MR8WJDJv812733088za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1613893130
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 09:05:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame F3A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
11
content-length
9921
content-type
text/html
date
Sat, 20 Apr 2024 09:04:50 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-cf-id
eThWuac7xVi1v8jvZ0alOCfWROBmotiYfUTq7jT0FHzA1bdYaXC74g==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 4509 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sat, 20 Apr 2024 09:04:57 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
6
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
IK_oO8S4PBE-3KZRSWNVSzE5ojU67RsNmWprS5ux1d1K-AXNsE9ODg==
capmapping.htm
cdn.holmesmind.com/js/ Frame 3269 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
11
content-length
9921
content-type
text/html
date
Sat, 20 Apr 2024 09:04:50 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-cf-id
eThWuac7xVi1v8jvZ0alOCfWROBmotiYfUTq7jT0FHzA1bdYaXC74g==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 7C1C 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sat, 20 Apr 2024 09:04:57 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
6
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
IK_oO8S4PBE-3KZRSWNVSzE5ojU67RsNmWprS5ux1d1K-AXNsE9ODg==
collect
stats.g.doubleclick.net/j/ 		4 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-146086888-1&cid=1749293619.1713603900&jid=1314634616&gjid=1334805971&_gid=1613711923.1713603900&npa=1&_u=YADAAEAAAAAAACAAI~&z=1240609936
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 20 Apr 2024 09:05:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		248 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1a9c489241e052f86cb941f3b9474c2254c2af6b811518043a26895ef79ba433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90233
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 Apr 2024 09:05:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 4509 		388 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=12496
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.212.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-212-118.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d524d61ab6feb72f926cba0e0d9cc87548bcc849cc2eaccab9aa157cf71c8207

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 20 Apr 2024 09:05:01 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 4509 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sat, 20 Apr 2024 09:04:59 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
2
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
UR0XklXBva-KvRDXXQ-rQ_vOc9Wrt3PYr59PQAq49Z8-0neORLFL6w==
Preset.js
ad.holmesmind.com/adserver/ Frame 7C1C 		388 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=12496
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.212.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-212-118.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d524d61ab6feb72f926cba0e0d9cc87548bcc849cc2eaccab9aa157cf71c8207

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 20 Apr 2024 09:05:01 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 7C1C 		30 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sat, 20 Apr 2024 09:04:59 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
2
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
UR0XklXBva-KvRDXXQ-rQ_vOc9Wrt3PYr59PQAq49Z8-0neORLFL6w==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
56371
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Apr 2024 17:25:29 GMT
expires
Sat, 19 Apr 2025 17:25:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1C74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dM9ccwSCRB2AtOPrsPHHRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dM9ccwSCRB2AtOPrsPHHRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 20 Apr 2024 09:05:00 GMT
expires
Sat, 20 Apr 2024 09:05:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=1749293619.1713603900&jid=1314634616&npa=1&_u=YADAAEAAAAAAACAAI~&z=635280199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 09:05:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-146086888-1&cid=1749293619.1713603900&jid=1314634616&npa=1&_u=YADAAEAAAAAAACAAI~&z=635280199
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 09:05:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-ZH634PL121&gtm=45je44h0v9134562597za200&_p=1713603899981&_gaz=1&gcd=13l3l3l2l3&npa=1&dma=0&ul=de-de&sr=1600x1200&cid=1749293619.1713603900&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Frisu.io%2FHlv7j&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&sid=1713603900&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1761
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 09:05:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZH634PL121&cid=1749293619.1713603900&gtm=45je44h0v9134562597za200&aip=1&dma=0&gcd=13l3l3l2l3&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZH634PL121&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 09:05:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.br/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.br/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZH634PL121&cid=1749293619.1713603900&gtm=45je44h0v9134562597za200&aip=1&dma=0&gcd=13l3l3l2l3&npa=1&z=993915959
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 09:05:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
747 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3374
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmx0w5EhWUno15vKpZRI%2BODad%2FEuE3KSrbFiCwaPFwGQV7somcWCK9bQXg0r3ljN2qDkXPMsFD6SSAcrPjQhANKRAK2xfTFCGb0I5zTbwnkgQGC%2F4tFyYJ8WHn5pOae3nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8773f85cde9f03b0-FRA
ad_request
ads.aralego.com/ 		409 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=de-DE&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2FHlv7j&adid=ad-34B46A49E29A463613E23AEBB2E7B479&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.7430596254385111&uaBrands=%22Chromium%22%3Bv%3D%22124.0.6367.60%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.60%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22&uaPlatform=Win32&uaPlatformVersion=10.0.0&uaMobile=%3F0&uaArch=x86&uaBitness=64
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
4c34c89b92ba7a6222f549d56196466135bdbef47e2b1b06545b994b9f96cc4a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 09:05:01 GMT
X-Width
728
X-Height
90
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
409
ca-pub-9208708170783140
fundingchoicesmessages.google.com/i/ 		181 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9208708170783140?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c72b6fb2cb5f1f47fbba8ad37438bca4f1b944a909c7b9058d2fc1d2dc7db5c3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g-iVfdnhWkiY42sNM4DnVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-g-iVfdnhWkiY42sNM4DnVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhbo69XX0b2QQmTPyVCQDNbCpx"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
113968c123c211086afe366368f20e0a8019ded232414e7e884cc5c965518049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32364
x-xss-protection
0
server
cafe
etag
6184030497528098109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 20 Apr 2024 09:05:01 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
AGSKWxWrO51tsOGM0cCo61lrTdENoI0_taMibj6n_tBDcEZPejMwD_A0OFCIIsgapOzdzqxt-nPu3WyGYKWWX_1QS3NNgcASn78fdtBpt7BnsWdu8kSg1uJ2evolWEDb9ORKibZLPjUcAQ==
fundingchoicesmessages.google.com/f/ 		397 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWrO51tsOGM0cCo61lrTdENoI0_taMibj6n_tBDcEZPejMwD_A0OFCIIsgapOzdzqxt-nPu3WyGYKWWX_1QS3NNgcASn78fdtBpt7BnsWdu8kSg1uJ2evolWEDb9ORKibZLPjUcAQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzNjAzOTAxLDM0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yaXN1LmlvL0hsdjdqIixudWxsLFtbOCwibWJsSXhaS1VYSG8iXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDgyMjU0XSxudWxsLDRdIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMxMIBqsBrt-haZXx9Dmd0pqdC9s6g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7c0b68ef75d11e8354924d618278e23041191a9ccfd2e49523b85bc9a77c4f1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IP90wYni7LoqF3XLlqm2-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IP90wYni7LoqF3XLlqm2-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkwYQxzyfzpoCxE7pM1iDgNinfgZrDBC33jzHOhWITy44z3oRiJP-nWctAmIhHo69XX0b2QQOvHn9lhEA_Egrdg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
arjs.php
ad2.apx.appier.net/www/delivery/ Frame FAD8
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
  • https://gocm.c.appier.net/aanet?id=ida4mlvgiastit93r&url=ad2.apx.appier.net&zoneid=5988
  • https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=p4GlZ77dC4GIU1e6PoUjZg&id=ida4mlvgiastit93r
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=p4GlZ77dC4GIU1e6PoUjZg&id=ida4mlvgiastit93r
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
944a5694d898a8e02f96061254528325594a89547ce646fd445d1d25af433ec8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Apr 2024 09:05:02 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
text/html; charset=utf-8
cache-control
no-store
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

date
Sat, 20 Apr 2024 09:05:02 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=5988&acid=p4GlZ77dC4GIU1e6PoUjZg&id=ida4mlvgiastit93r
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
140
ads.js
ad.holmesmind.com/adserver/ Frame 4509 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=12496&rf=https%3A%2F%2Frisu.io%2FHlv7j&n=244&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=6828-D0Foo8dkknWJQwYfnYAGbXwYa0bjfvf0&fp_uuid=6828-9e03fe7595d9dfabcfe566f92bc587c3&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.212.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-212-118.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5431e35cae28228dee7f49bd47cbbaf0de11f7aa9687aeca7ecbcd0a3a37a9d7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 20 Apr 2024 09:05:01 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
publishertag.js
static.criteo.net/js/ld/ Frame 4509 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
206ee313138c77bcb7145e7facc572f13ad9710e2bceedfb83dcbaa718942387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Apr 2024 12:20:57 GMT
server
nginx
etag
W/"661532a9-1fa82"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Apr 2024 09:05:01 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 4509 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sat, 20 Apr 2024 09:04:59 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
3
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
cqm1Uf9JEk25uce62XPaAfjKb5lCpF5aCHNLifJOpc6VsX5ucMTeyw==
css
fonts.googleapis.com/ 		106 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mblIxZKUXHo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzDNwlzxxq5cL3GkIVag_wf9qenfQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Apr 2024 09:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Apr 2024 09:05:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Apr 2024 09:05:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
37145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 22:45:56 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 19:45:43 GMT
x-content-type-options
nosniff
age
393558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Apr 2025 19:45:43 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
37145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 22:45:56 GMT
AGSKWxV5QKg3XDQJzgJhbconX1Yw8lHqu0ddqW8Jgdop1a5a5VB0Tywe_FfIfBtWPZwSNi6LxADf-DeqcfAUXLiRnZuxa2Hj4f3qTLLZ-SK9ujGsAFt4cnlMklYqeLh_8OqWbWTe9juBHA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV5QKg3XDQJzgJhbconX1Yw8lHqu0ddqW8Jgdop1a5a5VB0Tywe_FfIfBtWPZwSNi6LxADf-DeqcfAUXLiRnZuxa2Hj4f3qTLLZ-SK9ujGsAFt4cnlMklYqeLh_8OqWbWTe9juBHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mblIxZKUXHo.es5.O/am=wA/d=1/rs=AJlcJMxMIBqsBrt-haZXx9Dmd0pqdC9s6g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yxyLAHSK3Xw9KxhZB-OHCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 20 Apr 2024 09:05:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-yxyLAHSK3Xw9KxhZB-OHCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBiqGV4xtQKxE7pM1hDgFiIh2NvV99GNoETa-9dYAIAxD0MUg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://risu.io
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
utag.js
t.ssp.hinet.net/ Frame 4509 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:02 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
etag
W/"65e6c0fa-15e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 20 Apr 2024 09:15:02 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 7C1C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=12496&rf=https%3A%2F%2Frisu.io%2FHlv7j&n=570&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=6828-D0Foo8dkknWJQwYfnYAGbXwYa0bjfvf0&fp_uuid=6828-9e03fe7595d9dfabcfe566f92bc587c3&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.212.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-212-118.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a32c023cf278da2a13c6e9d61c948ee9a22723094775cf563fb119a0279cc235

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://risu.io
date
Sat, 20 Apr 2024 09:05:02 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
publishertag.js
static.criteo.net/js/ld/ Frame 7C1C 		127 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
206ee313138c77bcb7145e7facc572f13ad9710e2bceedfb83dcbaa718942387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Apr 2024 12:20:57 GMT
server
nginx
etag
W/"661532a9-1fa82"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 21 Apr 2024 09:05:01 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 7C1C 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sat, 20 Apr 2024 09:04:59 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
3
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
cqm1Uf9JEk25uce62XPaAfjKb5lCpF5aCHNLifJOpc6VsX5ucMTeyw==
utag.js
t.ssp.hinet.net/ Frame 7C1C 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:02 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
etag
W/"65e6c0fa-15e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sat, 20 Apr 2024 09:15:02 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 4509 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12496&rf=https%3A%2F%2Frisu.io%2FHlv7j&n=244&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=6828-D0Foo8dkknWJQwYfnYAGbXwYa0bjfvf0&fp_uuid=6828-9e03fe7595d9dfabcfe566f92bc587c3&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Sat, 20 Apr 2024 09:05:00 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
3
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
YRrSCwOmQsPrghXC5xjhGB42xuInIgKGie2P0vVuYFm5Ia2w76NHWA==
drawV2.js
cdn.holmesmind.com/js/ Frame 7C1C 		13 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12496&rf=https%3A%2F%2Frisu.io%2FHlv7j&n=570&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=6828-D0Foo8dkknWJQwYfnYAGbXwYa0bjfvf0&fp_uuid=6828-9e03fe7595d9dfabcfe566f92bc587c3&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Sat, 20 Apr 2024 09:05:00 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
3
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
YRrSCwOmQsPrghXC5xjhGB42xuInIgKGie2P0vVuYFm5Ia2w76NHWA==
contain.js
cdn.holmesmind.com/module/product/inner/inner_facebookLive/ Frame 4509 		29 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/module/product/inner/inner_facebookLive/contain.js
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0defbf201351b83387cb36b3d2f8cd77258468fe3f1472dc0c4374b27dbfd228

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
LP3GCKkOU9aL5qCMyRjJPP11M2u_KQ.0
date
Sat, 20 Apr 2024 09:03:43 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 05:57:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
161
x-amz-server-side-encryption
AES256
etag
"7b07fd1477231d8bf4f7043c002b0d17"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
29972
x-amz-cf-id
z1h8IFT5y_2jEzrRW6F1Zq6qXV_1IvYUWesak0ULASWbw0iVoPYapQ==
i
ad.holmesmind.com/adserver/ Frame 4509 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1713603901&p=12496:125052:222319:e664da56c8f85191573dd16d3cfc30b9:26080
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.212.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-212-118.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/png
date
Sat, 20 Apr 2024 09:05:02 GMT
server
nginx/1.14.0 (Ubuntu)
c6be8e4be05ae1ee859c50a410fecc1b.jpg
cdn.holmesmind.com/image/26080/ Frame 4509 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/image/26080/c6be8e4be05ae1ee859c50a410fecc1b.jpg
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
667798ae73889cea1ed57d37cf188a8c6b813ee3dbc84cb091907f0a6ebfe0ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 08:38:56 GMT
x-amz-version-id
1aAj59pp3kLE5hcchc6BGn.9Wi.SmC1.
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Sat, 20 Apr 2024 06:16:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1567
etag
"32c9927829e309b437db8234aa8f9185"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
32648
x-amz-cf-id
PmyBkuek3vjd161oOXS0QHaWYzYq_cA8BEyMqr58hLT3cAHJlSaXNQ==
contain.js
cdn.holmesmind.com/module/product/inner/inner_facebookLive/ Frame 7C1C 		29 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/module/product/inner/inner_facebookLive/contain.js
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0defbf201351b83387cb36b3d2f8cd77258468fe3f1472dc0c4374b27dbfd228

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
LP3GCKkOU9aL5qCMyRjJPP11M2u_KQ.0
date
Sat, 20 Apr 2024 09:03:43 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Wed, 10 Apr 2024 05:57:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
161
x-amz-server-side-encryption
AES256
etag
"7b07fd1477231d8bf4f7043c002b0d17"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
29972
x-amz-cf-id
z1h8IFT5y_2jEzrRW6F1Zq6qXV_1IvYUWesak0ULASWbw0iVoPYapQ==
i
ad.holmesmind.com/adserver/ Frame 7C1C 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1713603902&p=12496:125052:222319:04a9f1ef8f09f6cd1d832e2e386863ae:26080
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.212.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-212-118.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/png
date
Sat, 20 Apr 2024 09:05:02 GMT
server
nginx/1.14.0 (Ubuntu)
c6be8e4be05ae1ee859c50a410fecc1b.jpg
cdn.holmesmind.com/image/26080/ Frame 7C1C 		32 KB
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/image/26080/c6be8e4be05ae1ee859c50a410fecc1b.jpg
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/module/product/inner/inner_facebookLive/contain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:1c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
667798ae73889cea1ed57d37cf188a8c6b813ee3dbc84cb091907f0a6ebfe0ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:02 GMT
x-amz-version-id
1aAj59pp3kLE5hcchc6BGn.9Wi.SmC1.
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Sat, 20 Apr 2024 06:16:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
1567
x-amz-server-side-encryption
AES256
etag
"32c9927829e309b437db8234aa8f9185"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
Dthtq4Xee9JI6EwwZp32BAK5iEyLoy5PnbdUzFvqJaMy8gv5axQwQA==
content-length
32648
truncated
/ Frame 4509 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f31502bd8b58a334acc32b695f096fde6dd136fa1106f2d2d9fb4825d41b1abb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
sdk.js
connect.facebook.net/zh_TW/ Frame 4509 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/module/product/inner/inner_facebookLive/contain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2fdbb3189713b6e123c404372f78442b238524a29909e48a82fac0082d5d91f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Apr 2024 09:05:02 GMT
content-md5
WGaXrfDvQA0/AUN6sd3+dw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=12, mss=1294, tbw=2763, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
gOyVlKBjCPJi8Rf0zyHrkzEZGg4NExCAN3Ck7/TZncFSDpEiNWO59o4XlGmY1aYv3/t4MkTJSojKWNvoP2n+7w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a1388a059a2b8b060f228b54a89d0c57
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"ff6d1317ae4fb8dad7280ff28e52c026"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 20 Apr 2024 09:15:33 GMT
truncated
/ Frame 7C1C 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f31502bd8b58a334acc32b695f096fde6dd136fa1106f2d2d9fb4825d41b1abb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
sdk.js
connect.facebook.net/zh_TW/ Frame 7C1C 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/module/product/inner/inner_facebookLive/contain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2fdbb3189713b6e123c404372f78442b238524a29909e48a82fac0082d5d91f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
WGaXrfDvQA0/AUN6sd3+dw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=36, rtx=0, c=12, mss=1294, tbw=2763, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
gOyVlKBjCPJi8Rf0zyHrkzEZGg4NExCAN3Ck7/TZncFSDpEiNWO59o4XlGmY1aYv3/t4MkTJSojKWNvoP2n+7w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a1388a059a2b8b060f228b54a89d0c57
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"ff6d1317ae4fb8dad7280ff28e52c026"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 20 Apr 2024 09:15:33 GMT
/
t.ssp.hinet.net/ Frame 4509 		36 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
d3daf9e1a0e348cc373c7fff8bfae120c728419ae5e59f0b0f18f1c9dac25627
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:02 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame 7C1C 		36 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
d3daf9e1a0e348cc373c7fff8bfae120c728419ae5e59f0b0f18f1c9dac25627
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:03 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
sdk.js
connect.facebook.net/zh_TW/ Frame 4509 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=6f6b2bf4e7b266e5abbfa7da07e30876
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
fd0e0ac629b61478ca40b41909b8b3a1245eb3f65423257ff72a45e0fe3744c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Apr 2024 09:05:02 GMT
content-md5
4U/z7z5CqTfkKyVLBIpEqw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89191
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=38, mss=1232, tbw=4276, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
jgJW3bOvhDDfzxxA8sAFdfguOkGD1Gg8crGhNp2BIkX0fgKj4HhPig4S7d3aWofMQWQyPTgrHW/8inWdVEU0cA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
0459725b0216d9bafa63031a9764a41c
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6a3be13ba875e71b8991790a49cf0e72"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 20 Apr 2025 07:48:27 GMT
sdk.js
connect.facebook.net/zh_TW/ Frame 7C1C 		305 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=6f6b2bf4e7b266e5abbfa7da07e30876
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
fd0e0ac629b61478ca40b41909b8b3a1245eb3f65423257ff72a45e0fe3744c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4U/z7z5CqTfkKyVLBIpEqw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89191
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=38, mss=1232, tbw=4276, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
jgJW3bOvhDDfzxxA8sAFdfguOkGD1Gg8crGhNp2BIkX0fgKj4HhPig4S7d3aWofMQWQyPTgrHW/8inWdVEU0cA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
0459725b0216d9bafa63031a9764a41c
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6a3be13ba875e71b8991790a49cf0e72"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 20 Apr 2025 07:48:27 GMT
video.php
www.facebook.com/v2.5/plugins/ Frame 8ED4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5be1859063958cdf%26domain%3Drisu.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frisu.io%252Ff1febb965038273df%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchichi.lilian520%2Fvideos%2F1857244681395703%2F&locale=zh_TW&sdk=joey&show_text=false&width=280
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=6f6b2bf4e7b266e5abbfa7da07e30876
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Apr 2024 09:05:03 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=316, ullat=0
x-fb-debug
92uItCCIC8P/frVqpS2vSc7S4BEBN2JKR2Sfwu0ml42kBJAD54E7hHfNhmo6IjHi3G5iwtl9BYfN3L9gpst6Ug==
x-xss-protection
0
video.php
www.facebook.com/v2.5/plugins/ Frame A200 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.5/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df8e2551232a05c5ed%26domain%3Drisu.io%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Frisu.io%252Ff62a453f90078a0cd%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fchichi.lilian520%2Fvideos%2F1857244681395703%2F&locale=zh_TW&sdk=joey&show_text=false&width=280
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=6f6b2bf4e7b266e5abbfa7da07e30876
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 20 Apr 2024 09:05:03 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1294, tbw=48911, tp=-1, tpl=-1, uplat=331, ullat=0
x-fb-debug
eVZ0BUsSvQ/KfLex/aojEJsdEk4E0Xst8U3WQ0LmrluuWKj360gvnKr6DVJbkgZ0P8fv+VoVuHVAfU1PWiZtRA==
x-xss-protection
0
emome2
t.ssp.hinet.net/ Frame 4509 		30 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=38f29347-1dcd-4960-af24-5faf4dd3a51b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:03 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
cm
t.ssp.hinet.net/ Frame 4509 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=6828-D0Foo8dkknWJQwYfnYAGbXwYa0bjfvf0&mp=38f29347-1dcd-4960-af24-5faf4dd3a51b
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:03 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
38f29347-1dcd-4960-af24-5faf4dd3a51b.t.ssp.hinet.net/ Frame 4509 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://38f29347-1dcd-4960-af24-5faf4dd3a51b.t.ssp.hinet.net/pixel?bd=38f29347-1dcd-4960-af24-5faf4dd3a51b&t=50ef57&referrer=
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:03 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 7C1C 		0
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=6828-D0Foo8dkknWJQwYfnYAGbXwYa0bjfvf0
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:03 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://risu.io
cache-control
no-cache, private
access-control-allow-credentials
true
fpc
pmp-beacon.apx.appier.net/v1/ Frame FAD8 		12 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by
Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5988&id=ida4mlvgiastit93r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.109.52 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
52.109.117.34.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.6.2 /
Resource Hash
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 20 Apr 2024 09:05:03 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.6.2
content-type
application/json; charset=utf-8
access-control-allow-origin
https://risu.io
access-control-expose-headers
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 888A
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H3
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10601
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgZk0CooHbS1xKpIy9fizl0KWBC2TcciP5Xm2hSnolJzz8LCwg%2BcAk0TK%2Bi%2BbQYyaXcYz12oIn2MCVOo4tneY2asVbq7DQfZ2h9dOUCI17SqlS0V0MXpfX3lnti8FVFzeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8773f85c0d8803b0-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
gcm
gocm.c.appier.net/ Frame 888A 		42 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gocm.c.appier.net/gcm
Requested by
Host: risu.io
URL: https://risu.io/Hlv7j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.105.203.31 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1857-31.members.linode.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
date
Sat, 20 Apr 2024 09:05:03 GMT
cache-control
no-store
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
content-length
42
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
38f29347-1dcd-4960-af24-5faf4dd3a51b.t.ssp.hinet.net/ Frame 7C1C 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://38f29347-1dcd-4960-af24-5faf4dd3a51b.t.ssp.hinet.net/pixel?bd=38f29347-1dcd-4960-af24-5faf4dd3a51b&t=50ef57&referrer=
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:03 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 888A 		975 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3374
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmx0w5EhWUno15vKpZRI%2BODad%2FEuE3KSrbFiCwaPFwGQV7somcWCK9bQXg0r3ljN2qDkXPMsFD6SSAcrPjQhANKRAK2xfTFCGb0I5zTbwnkgQGC%2F4tFyYJ8WHn5pOae3nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8773f85cde9f03b0-FRA
idRequest
sync.aralego.com/ Frame 888A 		46 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=81416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
3d9c809e0bc3688d4853f78a2dfbdf6be7e8e4d921e251a29d2f92566bd8f15e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 09:05:03 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame 888A 		375 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=de-DE&je=1&dnt=0&host=risu.io&u=https%3A%2F%2Frisu.io%2FHlv7j&adid=ad-D2328A43BE32492A18639D936846E3E&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5578273746611648&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Frisu.io&lang=en-US%2Cen&deviceInfo=81416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&uaBrands=%22Chromium%22%3Bv%3D%22124.0.6367.60%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.60%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22&uaPlatform=Win32&uaPlatformVersion=10.0.0&uaMobile=%3F0&uaArch=x86&uaBitness=64
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
ba676f3e7c69c97e3ac0fde402612cece7d96d8774c7db8be59724c027cd0d13

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 09:05:03 GMT
X-Width
728
X-Height
90
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://risu.io
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
f30aca43-1f6c-34f2-9fa2-a9acd773a8f0
X-Adtype
html
Connection
close
Content-Length
375
av
ad.holmesmind.com/adserver/ Frame 4509 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=12496:125052:222319:e664da56c8f85191573dd16d3cfc30b9:26080&type=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.212.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-212-118.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:03 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
av
ad.holmesmind.com/adserver/ Frame 7C1C 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=12496:125052:222319:04a9f1ef8f09f6cd1d832e2e386863ae:26080&type=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.212.118 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-212-118.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:05:03 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
ysm_risu.js
ad.sitemaji.com/ Frame CA87 		47 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_risu.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5bed9d919b7e869a3881a15c3baa4af63bb6647cac3c93e1ebaa5f00cfee4fe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 10:05:24 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 20 Feb 2024 09:47:03 GMT
server
nginx
age
82776
etag
W/"65d47517-bdc9"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14294
expires
Sat, 20 Apr 2024 10:05:24 GMT
ad_first.html
risu.io/ Frame 8F8F 		969 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://risu.io/ad_first.html?s=728x90&type=fsa_passback
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_risu.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a7553a69045a716920bdfd29446c1ebf2196bd7ca911564c76cc932a10bb71

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/Hlv7j
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8773f86fafedbf6a-WAW
content-encoding
br
content-type
text/html
date
Sat, 20 Apr 2024 09:05:05 GMT
last-modified
Sat, 17 Feb 2024 07:13:19 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 913E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
age
4770
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8773f8708da59f11-FRA
content-encoding
br
content-type
text/html
date
Sat, 20 Apr 2024 09:05:04 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIPnFmMH2lfuz72WkcUj8FceeyEthBAElzELG0WXVn9D0q%2F89IxfzDtlkGljwHwZpzxcV3%2F5FZtjKsLZB7VF%2BJBugVs%2BVNb4Uhas8oq8YVL%2BcC0jyT7eVZr7GWctVSsd5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 50AF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://risu.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224
Content-Type
text/html; charset=UTF-8
Date
Sat, 20 Apr 2024 09:05:04 GMT
ETag
"2052a-10d-6142d69a886c0"
Last-Modified
Thu, 21 Mar 2024 15:32:19 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 20 Apr 2024 09:05:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ Frame 888A 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 20 Apr 2024 09:05:04 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ Frame 8F8F 		19 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by
Host: risu.io
URL: https://risu.io/ad_first.html?s=728x90&type=fsa_passback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Origin
https://risu.io
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2024 22:09:58 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8773f8535f45920b-FRA
rocket-loader.min.js
risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 8F8F 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://risu.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: risu.io
URL: https://risu.io/ad_first.html?s=728x90&type=fsa_passback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.41.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/ad_first.html?s=728x90&type=fsa_passback
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 09:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Apr 2024 15:45:04 GMT
server
cloudflare
etag
W/"661e9d00-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8773f852dbccbf6a-WAW
expires
Mon, 22 Apr 2024 09:04:59 GMT
risu_passback.js
ad.sitemaji.com/native/ Frame 8F8F 		0
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-H814P3QJ03&gtm=45je44h0v883701885za200&_p=1713603899981&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1749293619.1713603900&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1713603900&sct=1&seg=0&dl=https%3A%2F%2Frisu.io%2FHlv7j&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%E3%80%82%E8%A1%8C%E9%8A%B7%E3%80%82%E5%88%86%E6%9E%90%20-%20Risu.io&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6539
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H814P3QJ03&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://risu.io/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 09:05:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://risu.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240417&jk=3756734265768438&bg=!LS6lLmHNAAZ55ZTXWeU7ADQBe5WfOCk2F0nqvlYg5gYi-So1xTWOwegBQTz-xlPMkwzttKvoNh_bhWRSf-uPYTKFj-XRAgAAACJSAAAAA2gBB34ANVGNalgHJ2yBkzH6Br98zvxMn_4dw-xTElK-om9lH7Xj-fGLvt3JePpqlVdfOdix6JgVjQiqmQLmC8jon2w-uqn8vQ1rCZXDd117trJeKym8CLz58_b3jiFC9pxriPBbRQlDJjZRJhu3cAA_8vRtsp3MyBc0EGHl77v2s1XlUlIKCdM7g8lvzIuDVU9ozjNUEnoXLJnIEH7xjYPChTe0V3bQeNr7Il2MHEJOP4OsE-1tdV547E9fZq7zMarB4di_Xj5h-yc6c87CTanKpY-26JzKUuaoJEE4NNl7iz22U4_qc7rvqSElsLFvfHQuEKGvs7yCFiYu4d_POTdRTSJLQVsJhgAlFJRBDkSiITcRziW7XLQmaqw_L7qsxvkMG9b01cgSCNhOTuXjgLwAoLV2AK7ZSaYyhIaPL8xIaAyfSn1tXjYFheL5bDtpRgrvzprPNi_jKWaWIL-c0J0BClLK6LuMfC8ofRLjsaiOgxxl11T_gU7GWw9VsgM79xfuLCqv1U5N0fAUYv9VcAwkuy1MkE6TlWyvrewM83LMKMMJGG1i-A2TVxf-lNzKFpk60TRZ93o3jtTIU-ywD-fLuuN856axQtJvruYpuNx-jMErOuqIbvQhYM9c_SRw8ksUO6NHSLaBLWzxMWiQPKiOPng7K556YbwWURLDF8RLxKGUYpHs851k3ladUh5zq5Oj44K0k4AaA05fVj9ryXsbG7I7zdba9xPSkWcuF9uAS5L9iT3ttdpaa7o8m9MLxozo6lK_CoWePa1G5iovM6gsDHQPHm9lidvJO32Otq5L00NejbxspAsChjLxHFrWhxtF2Za7OU34XQrei9_9UankNzyq1mZbWnF2XoyatX1mQJZZhr50clvGVa_TuYCxdksBpGClb0R9fn1nbNwAsAJCTH8Z8FXLjSxR6UYCGXDo6TPaQ3cOstTkdSINbQBkNzc0HqK2pfJXaqzkucg_sDgopnBtGEv8gN5rkw6LrAdxWJQGIgQbORQmmeKDAyyVziWUJ7DONRZODOm1AJy-R4FvAFr0-8cwatkyotuutbS6sF2jXw
Domain
ad.sitemaji.com
URL
https://ad.sitemaji.com/native/risu_passback.js

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| __cfQR object| __cfBeacon boolean| _rails_loaded object| I18n function| setImmediate function| clearImmediate object| dataLayer object| gon object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| hotkeys object| __heic2any__worker object| vttjs function| WebVTT boolean| __cfRLUnblockHandlers object| HSHeader string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| _typeof object| SD undefined| div object| urlParams object| device function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| onYouTubeIframeAPIReady object| GoogleGcLKhOms object| gaplugins object| gaData object| ucf object| ucfad_async object| request string| paramsString object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_llp function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OWY3OWJiMTBjOTNiYWRhOGxvYWRlcl9qcw== string| OWY3OWJiMTBjOTNiYWRhOGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_image_requests

31 Cookies

Domain/Path Name / Value
risu.io/ Name: ahoy_visitor
Value: bdb89b87-70b7-4bf3-a7a4-6a74608e1954
risu.io/ Name: ahoy_visit
Value: e8be4aeb-0a19-4f9d-bc80-92a6f084467d
risu.io/ Name: _risu_session
Value: 75KIVbHyF9sCjEiJhzFncAwD41AWTsl51nDUgPKdSUdH21tivS5XyT%2BNSMuCS2TeEgTbPKOTZPcvz2XqaMdrV9GHRsmwnd1cW%2BlM7KsrEEH6XG8Sm4H3tkb7zjqK6FINDN1KId%2FIG5OoIkHPf5r6uHuPk436mU6kSpVh%2Fa60lm4fcWMIKwDd--%2FV6ihDys6lt0LbfT--SB8b8oieBqpEAjMm3TlWYQ%3D%3D
.risu.io/ Name: __cf_bm
Value: sCR96O8RRF_1dbyavKzJaru06PAut5mn0HZ7OsYq8Sc-1713603899-1.0.1.1-k7ZsMAqHMgT0zQy_utKpMe_rPYdDWzqRRla.kCP_K0MX6mcciRmxvaDGpmAMX4dyHMK0EgzjELhHSw7xluuyOQ
risu.io/ Name: prefers-color-scheme
Value: light
.risu.io/ Name: cf_clearance
Value: .oEmYJa2EnmgCFRy41mBPZXz3Jw_UhDyqAIdwHEYpDA-1713603900-1.0.1.1-z0QNZLz1HvhiW32fWtPJIBHg8_DCXig9ZtrnOvguFjO3A4QDgdIVnGyNfKuXGGubh8e8d.H5hZ7HCXR8T5c2SQ
.risu.io/ Name: _ga_H814P3QJ03
Value: GS1.1.1713603900.1.0.1713603900.0.0.0
.risu.io/ Name: _ga
Value: GA1.2.1749293619.1713603900
.risu.io/ Name: _gid
Value: GA1.2.1613711923.1713603900
.risu.io/ Name: _gat_UA-146086888-1
Value: 1
.risu.io/ Name: ISMD5VERSION
Value: 1
.risu.io/ Name: _ga_ZH634PL121
Value: GS1.2.1713603900.1.0.1713603900.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUld_cvTw39Zx1-7IJlOu3Wj25ilgsAszl9bPhZXq1Mv9URNXcsZpFDtLZrlv_Y
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.holmesmind.com/ Name: Vision
Value: 20240420-23:59,20240420-20,20240420-20,20240420-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.holmesmind.com/ Name: P
Value: 750912-4aVeI9tQqlzvBTgEFO3UspJxTTvM18d6
.aralego.com/ Name: sspid
Value: f30aca43-1f6c-34f2-9fa2-a9acd773a8f0
.risu.io/ Name: CFFPCKUUID
Value: 8043-02PUJRla3SdcL4l8TUGk1MklR30f0ckV
.risu.io/ Name: CFFPCKUUIDMAIN
Value: 6828-D0Foo8dkknWJQwYfnYAGbXwYa0bjfvf0
.risu.io/ Name: FPUUID
Value: 6828-9e03fe7595d9dfabcfe566f92bc587c3
.holmesmind.com/ Name: fcm
Value: 1
.hinet.net/ Name: uuid
Value: 38f29347-1dcd-4960-af24-5faf4dd3a51b
.lndata.com/ Name: admckid
Value: 2404201705011178267
.c.appier.net/ Name: _auid
Value: p4GlZ77dC4GIU1e6PoUjZg
.risu.io/ Name: __htid
Value: 38f29347-1dcd-4960-af24-5faf4dd3a51b
.risu.io/ Name: _ht_em
Value: 1
.risu.io/ Name: _ht_50ef57
Value: 1
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1

121 Console Messages

Source Level URL
Text
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://risu.io/Hlv7j
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

38f29347-1dcd-4960-af24-5faf4dd3a51b.t.ssp.hinet.net
ad.holmesmind.com
ad.sitemaji.com
ad2.apx.appier.net
ads.aralego.com
agent.aralego.com
analytics.google.com
assets.risu.io
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
connect.facebook.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gocm.c.appier.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pmp-beacon.apx.appier.net
region1.google-analytics.com
risu.io
secure-assets.rubiconproject.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.aralego.com
t.ssp.hinet.net
tpc.googlesyndication.com
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.br
www.google.de
www.googletagmanager.com
ad.sitemaji.com
pagead2.googlesyndication.com
104.16.88.20
142.250.181.232
142.250.184.194
142.250.185.132
142.250.185.98
142.250.186.163
142.250.186.35
142.250.186.78
157.240.252.13
162.210.196.208
172.105.203.31
172.66.41.2
172.67.71.254
175.41.212.118
184.30.22.30
192.96.203.13
2001:4860:4802:34::181
2001:4860:4802:34::36
203.75.214.136
23.56.202.187
2600:9000:2250:1c00:0:e06c:e940:93a1
2600:9000:2250:8c00:0:e06c:e940:93a1
2606:4700::6810:4f49
2606:4700::6811:f8cb
2a00:1450:4001:803::200e
2a00:1450:4001:806::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.117.109.52
34.98.102.251
35.186.215.140
35.190.36.98
0588692e4e0f96d05a20ca5ee504bc1c054cdcb8763684841a2b51a5f89fdfd0
05b374d05231f031b755f2d522847efa8d0b2af827366c01b055216eda7fe1f3
0defbf201351b83387cb36b3d2f8cd77258468fe3f1472dc0c4374b27dbfd228
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
113968c123c211086afe366368f20e0a8019ded232414e7e884cc5c965518049
140d23c26269417067ca5c36ad591e3a13da19b3854209bc82ea477cc54e9986
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
1a9c489241e052f86cb941f3b9474c2254c2af6b811518043a26895ef79ba433
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
206ee313138c77bcb7145e7facc572f13ad9710e2bceedfb83dcbaa718942387
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28196ab389ed9e4958f82b3528cd13035d2bfd35df0d60cc126cfb73225e2493
2fdbb3189713b6e123c404372f78442b238524a29909e48a82fac0082d5d91f9
31020b3680c09d76da253d297d6d3faa98fd6b551c1c751829db8c12a9f4a1ad
3165ae694d9a7bcf30b53cefaf86602cd21ae552ea4765bdd88f944976537c3b
3181fbcd87e8069fda16b04b43e0be62c13bb89dd7adea485b374d099475a763
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d9c809e0bc3688d4853f78a2dfbdf6be7e8e4d921e251a29d2f92566bd8f15e
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
4c34c89b92ba7a6222f549d56196466135bdbef47e2b1b06545b994b9f96cc4a
4d1616b0b54dea57a0b666686976e1a8e01cb29f7988de451560c1e01f8eade1
4e705cd6ed57b081fc5a073ba6ad27a734e5c13ffc955cfd82dc4da7e064fadb
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
5431e35cae28228dee7f49bd47cbbaf0de11f7aa9687aeca7ecbcd0a3a37a9d7
58a7553a69045a716920bdfd29446c1ebf2196bd7ca911564c76cc932a10bb71
61aff5cf966b1399abc950ad1ca973c93e5136a468951eaa6258700b4bfdd5fe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64a530dad84560bcb259fc7a6872ad18cd9d2ccd66481ac68d0c1f8fad121344
667798ae73889cea1ed57d37cf188a8c6b813ee3dbc84cb091907f0a6ebfe0ec
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
75d1ce1a2924ab3bf84247e25e09ccc33160012f230e6f5327afa37f104e424c
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
76b8a0d06c6abfa98a8da99c5b2f95a6d9cbba102e1bc92d0e44ff2d7b21e41a
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7db227ccbd6c62dbdc39e292a1f5fdad5efe2140c31e8631679ab4ce75cdb6e8
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
83a0bc46810ce02e7a503e675247e0eabf7f1f36ff5b63cbb5356b08b445a9b8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8601795e76a9cb039e4c5f389b760b135aa0ce356495374bc07f05ae25b24a63
87b6cd7d1b9f4606692a57e932dd98b9c0bd4732e69295404ca66a76ac8f6304
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
896fccdd4bf0aac29d2a1721a3d555a4884c48ebfc6f136dbcb1ccfcd69f2507
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
944a5694d898a8e02f96061254528325594a89547ce646fd445d1d25af433ec8
a32c023cf278da2a13c6e9d61c948ee9a22723094775cf563fb119a0279cc235
a7c0b68ef75d11e8354924d618278e23041191a9ccfd2e49523b85bc9a77c4f1
a81482289c80f062516faf5ea4d43306e2e412e403a7a7947759f7b965f79f2f
aa9b2661b0f503189c3facf44d61b2b2c99993b518cbc6ec2bf9010d0580ab8b
abdc14f58963ce8c06d66f083a00db89b96da1f61d8c9039412df76e10c25e4a
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
ba676f3e7c69c97e3ac0fde402612cece7d96d8774c7db8be59724c027cd0d13
c72b6fb2cb5f1f47fbba8ad37438bca4f1b944a909c7b9058d2fc1d2dc7db5c3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
cfdc5e44f9d6d72f1532998da87deb3652f9774201b5f8a65eab27ecc6172b11
d37aed64423b37967845347128d9982251691604352eba700fc6f4612059ca88
d3daf9e1a0e348cc373c7fff8bfae120c728419ae5e59f0b0f18f1c9dac25627
d524d61ab6feb72f926cba0e0d9cc87548bcc849cc2eaccab9aa157cf71c8207
de05e716292a74a520d396dd9e4b30e8299d7894fc92ee786e7392b898c8863a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2493c16c34b3d2b26680bcd78c01df5b704d662e6605c0c1ae22157b02310e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bed9d919b7e869a3881a15c3baa4af63bb6647cac3c93e1ebaa5f00cfee4fe
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f230b70fafb661f679ff2e6b151d861405ab99c918a9db15427cc520be1501ea
f31502bd8b58a334acc32b695f096fde6dd136fa1106f2d2d9fb4825d41b1abb
fd0e0ac629b61478ca40b41909b8b3a1245eb3f65423257ff72a45e0fe3744c4